Privacy Policy
Onwelo S.A. is the owner of the Hello Astra application intended for managing recruitment processes. with its registered office in Warsaw (01-207 Warsaw), ul. Karolkowa 30 (hereinafter “Onwelo” or ” Controller”).
We make every effort to protect the privacy of people who use our services, including application Hello Astra. In this Privacy Policy, we specify how we collect and process your personal data when you use our website and application.
Read the definitions of terms that you will come across in our Privacy Policy:
- Application – the Hello Astra application, enabling the Customer to manage the candidate database and recruitment processes.
- Client – a legal person, an organizational unit without legal personality, as well as a natural person conducting business activity, which has concluded an Agreement with Onwelo for the provision of Services.
- User account – User’s individual profile, created after registration in the Application, through which he can use the functionality and resources of the Application.
- GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation) of 27 April 2016 (Official Journal of the EU No. 119, page 1).
- Service – website at https://helloastra.com, under which Onwelo provides its services.
- Services Agreement – contract for the provision of paid access to the Application contain nonpaid access.
- User – a natural person using the Application, employed by the Customer in any form, including under a civil law contract.
Data controller
Onwelo is the controller of data that we collect when you use the Application. You can contact us by e-mail: contact@onwelo.com or in writing to the address of the registered office.
We have also appointed a data protection officer, whom you can contact by e-mail: daneosobowe@onwelo.com or in writing (to the registered office with the note: Data Protection Officer).
Purposes and legal basis
The scope of your personal data that we collect, the purposes and the basis for their processing depend on the services you use via our website or Application. You will find the required information for each service in the list below.
Contact |
Scope of data: Purpose of data processing: Basis of data processing: Period of data storage: |
Contact regarding the application |
Scope of data: Purpose of data processing: Basis of data processing: Period of data storage: |
Conclusion and performance of contracts |
Scope of data: Purpose of data processing: Basis of data processing: Period of data storage: |
Using the application |
Scope of data: Purpose of data processing: Basis of data processing: Period of data storage: |
Newsletter sending |
Scope of data: Purpose of data processing: Basis of data processing: Period of data storage: |
Marketing of our products and services |
Scope of data: Purpose of data processing: Basis of data processing: Period of data storage: |
Answering questions, applications and complaints |
Scope of data: Purpose of data processing: Basis of data processing: Period of data storage: |
Determination, investigation and defense against claims |
Scope of data: Purpose of data processing: Basis of data processing: Period of data storage: |
Information on the requirement of data
Providing the indicated scope of data is a condition of access to and use of the Application or is required for the implementation of other services – such as answering an inquiry, receiving a newsletter or receiving ordered marketing and promotional information.
Information about profiling and automated decision making
The processing of your personal data does not include automated decision making, including profiling.
Recipients of personal data
The recipients of your personal data will be our authorized employees, persons cooperating with us on the basis of civil law contracts and entities providing services to us, including IT, hosting, legal and consulting services.
Transmission of data outside the eea
Some of our suppliers may be based outside the European Economic Area (EEA), in which case we transfer data on the basis of standard contractual clauses adopted by the Commission (EU) or participation in the “Privacy Shield” program established by Commission Implementing Decision (EU) 2016/1250 of on July 12, 2016 on the adequacy of protection provided by the EU-US Privacy Shield. The conditions for the transfer of personal data to third countries can be found at:
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en.
Social media
Contact via social media – contact with us is also possible through our social profiles on Facebook, LinkedIn and Twitter. We can use the services of our partners to keep in touch with you or provide you with content. We only use the data obtained in connection with the inquiry addressed to us through social networking sites to provide the answer. Nevertheless, social media collects personal data independently (in connection with the user profiles created in them), therefore the User should read the privacy policies of these portals.
Links to other companies ‘websites – the website contains links to other companies’ websites, you should read their privacy policies. We also use the so-called Facebook, Instagram, Linkedin and Twitter plugins that allow direct redirection to our profiles on these websites. When you click the plug-in, your browser directly connects to the server of the given portal. If you are logged in to one of the social networks at that time, information about your visits to our Website will be sent to their servers, which will be able to be assigned to your account on this portal. If you do not want to transfer this data, you should log out of the respective social network before clicking on the plugin.
Your rights in connection with the processing of personal data
Under the terms of the GDPR, you have the following rights:
- Right to access your personal data and receive a copy of it ( Article 15 GDPR)
- Right to rectify (correct) your personal data (Article 16 of the GDPR)
- The right to limit the processing of personal data in the cases specified in Article 18 GDPR
- The right to delete personal data in the cases specified in Article 17 clause 1 GDPR, subject to the exceptions set out in Article 17 clause 3 GDPR
- The right to transfer data in the cases specified in Article 20 GDPR
- he right to object to the processing of personal data in the cases specified in Article 21 GDPR – you have the right to object to the processing of your personal data, including profiling, at any time, if we process your data based on our legitimate interest (e.g. in the case of marketing our products and services).
- The right to withdraw consent – you have the right to withdraw your consent at any time, if we process your personal data on the basis of consent, its withdrawal only works for the future and does not affect the processing carried out by us in accordance with the law before its withdrawal.
Demands for the exercise of rights should be sent via e-mail to daneosobowe@onwelo.com.
You have the right to lodge a complaint with the supervisory body if you feel that the administrator is processing your personal data contrary to legal requirements. The supervisory body for the processing of personal data by Onwelo SA is the Polish Office for Personal Data Protection https://uodo.gov.pl.
Data safety
We make every effort to ensure the security of your personal data, including by encrypting data transmission during registration and logging into the Application.
Updating privacy policy
Any changes to the above Privacy Policy will be made by publishing its new version on the website, and in the event of significant changes by sending separate notifications to the e-mail address you specify.