At The Reference we intend to give you as much control as possible over your personal information, including the registration data. We will let each user know how we will use the personal information derived from each user’s access to and use of the-reference.com and/or the services. This information will always be shared prior to or during the information entry by the data subject.
To successfully pursue its activities The Reference needs to process personal data about individuals. These can include customers, job seekers, journalists, vendors, suppliers, stakeholders, subcontractors, competitors, Alumni and other people the organization has a relationship with or may need to contact.
The Reference is committed to respect the rights of the people whose personal data is being processed. Therefore, The Reference complies with data protection regulations such as the General Data Protection Regulation (“GDPR”) and national laws of the countries in which it operates.
This privacy statement describes which personal data we collect, why we do it, how long we keep it and the rights you can exercise with regard to your personal data. It applies to all personal data submitted to The Reference via the website, by email, or by any other means.
The Reference.US Inc, registered at 79 Madison Avenue, 10061 New York, New York (hereinafter: “The Reference”) is the controller, as it determines the means and purposes of the processing of your personal data.
Personal data we collect about you
If possible, we will try to collect the personal data directly from the person concerned. However, it may be necessary to collect personal data from third parties in the context of future relationships (e.g. customers or candidates).
I. Information you provide us:
II. Information we may automatically collect if you visit our website:
III. Use of children’s data:
The Reference does not knowingly collect, process or store any personal data about children under the age of 16 and we do not offer any products or services directly to children under the legally allowed age. Where we knowingly have collected data of children, we will delete them immediately by erasing the data completely from our database.
IV. Finally, information collected on our site may be stored and processed into anonymous statistics or log files for internal use, such as traffic and profile analysis.
In general, we may have to process all categories of personal data to comply with applicable legal or regulatory requirements, relevant industry standards and our policies, and for litigation or defence of claims.
Subject to your explicit consent, we will use your contact details to send you our newsletter. We also may use the personal data in other ways, for which we provide specific notice at the time of collection.
Retention of your personal data
Your personal data is kept in our information systems only for as long as is necessary for the purposes for which it was collected (as described above). It will be deleted once it is no longer needed by us and once all requirements at law have been met.
We will retain and use your personal data for as long as reasonably necessary to perform our agreements or to consider tenders, to comply with our legal obligations (such as accounting and tax obligations) and to resolve disputes or enforce our agreements. Therefore, your personal data will be held during the duration of our contractual relationship and up to 10 years thereafter.
Application forms (CV’s), interview notes and references of unsuccessful candidates are kept for a period of 2 years following the closure of the hiring process. After that, when we would like to stay in contact with an applicant who was not chosen for the job he/she applied for we will ask for his/her consent to keep the cv in our application pool for another 2 years. This data will be timestamped in the database from the moment of entry, to be able to adequately handle it after the correct period.
In all cases personal data may be kept for a longer period of time where there is a legal or regulatory reason to do so, or a shorter period where the individual objects to the processing of their personal data and there is no longer a legitimate purpose to retain it.
The Reference only processes your personal data if at least one of these grounds applies:
Transfer to third parties
The Reference does not transfer your personal data to third parties, except:
THE REFERENCE shall in no case be liable, if it proves that it is not responsible for the event giving rise to the damage.
Transfer to third countries
When we transfer your personal data to other countries, outside of the European Economic Area, The Reference will take measures to ensure that your personal data is exclusively processed in accordance with this Privacy Statement and that adequate levels of protection have been implemented in order to safeguard your personal data. These arrangements can include Binding Corporate Rules for transfers within the Emakina Group, standard contractual clauses or approved certification mechanisms.
In accordance with the GDPR, The Reference will respond to your requests in the GDPR mandated time to exercise following rights:
You can exercise your rights by sending a request by email to firstname.lastname@example.org or by post to The Reference, 79 Madison Avenue, 10061 New York, New York, US.
Dispute Resolution and Arbitration
If you reside within the EU, any inquiries or complaints regarding The Reference’s compliance with the Privacy Shield program should be sent to the email and postal address set forth above. The Reference will respond within 45 days.
In compliance with the Privacy Shield Principles, The Reference commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Bart Roofthooft at: email@example.com.
The Reference has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU.
Under certain conditions, individuals may be able to invoke binding arbitration before the Privacy Shield Panel jointly created by the U.S. Department of Commerce and the European Commission.
Federal Trade Commission Enforcement
The Reference is subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to its compliance with the EU-U.S. Privacy Shield Framework.
The Reference has security policies and procedures in place to protect your personal data from unauthorized loss, misuse, alteration or destruction. Despite our best efforts, however, security cannot be absolutely guaranteed against all threats.
To the best of our ability, The Reference has taken steps to ensure the ongoing confidentiality, integrity, availability, and resilience of systems and services processing personal information. These actions may include physical security measures, network security measures, and organizational measures such as confidentiality clauses and restricted access.
Changes to our Privacy Statement
The Reference may change this Privacy Statement from time to time to reflect new legal or regulatory obligations, or in response to new data processing activities. Where the changes are significant we may choose to send an e-mail to all our registered users with the new details. Any such changes will be posted here and will be effective from the time they are communicated, or, if required, when we have obtained your consent. We advise you to check back frequently to see any updates or changes. This Privacy Statement was last reviewed June 25, 2018.