Joble Privacy and Policy

An overview of Joble's commitment to privacy, outlining the purpose, scope, and applicability of the privacy policy.

1. Definitions and Interpretations

Key Definitions

Below is a glossary of key terms and definitions used throughout the privacy policy. These definitions are meant to clarify the meaning of specific words and phrases and ensure consistency in understanding.

  1. Personal Data: Information that relates to an identified or identifiable individual.
  2. Processing: Any operation or set of operations performed on personal data, whether automated or manual.
  3. Controller: The entity that determines the purposes and means of processing personal data.
  4. Processor: The entity that processes personal data on behalf of the controller.
  5. Consent: Freely given, specific, informed, and unambiguous agreement by the data subject to the processing of personal data.
  6. Third-party: Any entity other than Joble, the data subject, the controller, or the processor.
  7. Cookies: Small files stored on a user's device when visiting a website, used to track user activity and preferences.
  8. Sensitive Data: Special categories of personal data revealing racial or ethnic origin, political opinions, religious beliefs, or other sensitive information.
  9. User: Any individual who accesses or uses the services provided by Joble.
  10. Vendor: A third-party entity providing goods or services to Joble, including those related to data processing.
  11. Joble Services: Refers to all products, applications, and platforms offered by Joble.

Interpretations

The following rules of interpretation apply to this privacy policy:

  1. Singular and Plural: Words in the singular include the plural and vice versa, as the context requires.
  2. Headings: Headings and subheadings are for convenience only and do not affect the interpretation of the policy.
  3. Gender: Words importing one gender include all genders.
  4. Statutory References: A reference to a statute includes any subordinate legislation made under that statute, as amended or re-enacted.
  5. Website: References to the "website" shall mean joble.app and any subdomains or related sites operated by Joble.
  6. Including: The word "including" shall be interpreted to mean "including without limitation."

Should there be any confusion or discrepancy in interpreting the terms and conditions of this privacy policy, please contact us at legal@joble.app for clarification.

2. Information Collection and Use

Under Dutch law, Joble is committed to protecting your privacy. This section outlines the types of personal information we collect and how we use that information.

  1. Personal Details: Full Name, Age, and Gender — for identification, service provision, and legal compliance.
  2. Contact Information: For communications regarding our services.
  3. Location Data: To ensure compliance with local regulations and to provide region-specific offerings.
  4. Professional Details: Job Titles, Roles, Industry, Resume and Career History.
  5. Financial Information: Payment Details and Transaction History.
  6. Technical Information: Device, Usage Data, Cookies, and Similar Technologies.
  7. Special Categories: Health Information, Criminal Background — for specific services, with explicit consent.

3. Methods of Collection

Joble collects personal information through various apps and packages:

  • JobID: Identity Verification — collects government-issued IDs, proof of address for KYC/KYB compliance.
  • JobPays: Financial Information — payment details, transaction history, and financial behavior analysis.
  • JobMatch: Career Details — career history, skills, qualifications, and preferences.
  • JobCRM, JobEMS, JobEvent: Professional Interaction data related to project management, sales, marketing, HR, and event management.

4. Use of Information

Joble uses your information for the following specific purposes:

  • Identity Verification (KYC/KYB): To ensure authenticity through rigorous identity checks on individuals and businesses.
  • Reusable Verification: Once verified through JobID, the trust level established can be reused within other Joble applications.
  • Secure Storage: Encrypted storage, localized data handling, and compliance with ISO 27001 standard.
  • Trust Level Scoring: Determine user trustworthiness and grant appropriate access and permissions.
  • Cross-Application Integration: Facilitate seamless interaction between different Joble applications.
  • Data Integrity: Implementation of two-step verification, encryption, and other international standards.

5. Third-Party Sharing and Collaboration

Joble collaborates with vetted third-party systems to enhance functionality and provide value-added services.

  • Vetted Partnerships: A rigorous vetting process assesses third-party compliance with local and international regulations.
  • Relevant Information Sharing: Only necessary and non-sensitive information relevant to the functionality or service is shared.
  • Restricted Sensitive Information: No sensitive information is shared with third-parties unless absolutely warranted and with explicit consent.
  • Compliance Requirements: Third-parties must follow all applicable local and international regulations.
  • Data Security: Third-parties must implement robust security measures including encryption, access controls, and monitoring.

6. Security Measures

Joble's security framework maintains the highest standards in data protection:

  • Region-Based Data Storage: Data restricted within geographical boundaries, complying with regional data protection laws.
  • AuthMiddleware: JWT tokens for stateless authentication and role-based access control.
  • DatabaseMiddleware: Automated region-based database selection and multi-factor authentication.
  • Encryption: End-to-end encryption using industry-leading algorithms with regular key rotation.
  • Two-Step Verification: Mandatory two-factor authentication with biometric options where applicable.
  • ISO 27001 Compliance: Continual alignment with ISO 27001, GDPR, and other relevant standards.
  • Incident Response Plan: Detailed procedures for identification, containment, eradication, recovery, and lessons learned.

7. Data Retention

Joble's data retention policies align with regulatory requirements, operational needs, and privacy concerns:

  • General Principles: Information is kept for as long as the user remains active or as required by applicable law.
  • Deletion or Anonymization: Upon user request or account closure, data is deleted or anonymized, subject to legal obligations.
  • JobID: Data retained for the duration of the verification and trust level establishment process.
  • JobPays: Financial records retained as per financial industry standards and Dutch law.
  • JobEMS: Employee records retained according to HR regulations and business needs.
  • JobMatch: Candidate profiles retained as needed for recruitment processes.

8. International Data Transfers

International data transfers are undertaken with strict adherence to international privacy laws and regulations:

  • ISO 27001: Joble's data security measures align with the ISO 27001 standard.
  • Regional Data Localization: Data does not flow out of the region, complying with regional data protection laws.
  • Two-Step Verification and Encryption: Additional security layers for all data transfers.
  • Continuous Monitoring: Advanced security tools monitor for suspicious activities and potential breaches.

9. User Rights and Control

Joble recognizes and respects the rights of users concerning their personal information:

  • Right to Access: Users can request a copy of their data through their user profile or by contacting support.
  • Right to Rectification: Users can correct inaccurate or incomplete personal information directly within their profiles.
  • Right to Erasure: Users can request deletion of their personal information in certain circumstances.
  • Right to Restriction: Users can request restrictions on the processing of their personal information.
  • Right to Data Portability: Users can request their data in a commonly used electronic format.
  • Right to Object: Users can object to processing of their personal information.

10. Compliance with Legal Regulations

Joble is committed to compliance with all applicable laws and regulations, including GDPR, Dutch data protection law, and sector-specific regulations. Users may file complaints with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

11. Children's Privacy

Joble's services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at legal@joble.app immediately.

12. Updates and Notifications

Changes to this policy will be communicated in accordance with Dutch law, ensuring transparency and alignment with users' rights and expectations. Material changes will be notified via email or in-product notification at least 30 days before they take effect.

13. Dispute Resolution

Any disputes regarding this privacy policy should first be submitted to legal@joble.app. If unresolved, disputes are subject to Dutch jurisdiction. Users also have the right to lodge a complaint with the Dutch Data Protection Authority.

14. Miscellaneous

If any provision of this privacy policy is found to be unenforceable, the remaining provisions will continue in full force and effect. This privacy policy constitutes the entire agreement between you and Joble with respect to your privacy. Contact: legal@joble.app

15. Cookies and Tracking Technologies

Joble uses cookies and similar technologies to improve user experience, analyze site traffic, and deliver personalized content. You can control cookie preferences through your browser settings. We use essential, functional, analytics, and marketing cookies.

16. Health and Sensitive Information

Where sensitive personal data is processed (such as health information), this is done only with explicit consent, or where required by law. Such data receives additional protections including enhanced encryption and stricter access controls.

17. Employee and B2B Data Processing

In B2B contexts, Joble processes data of employees and business contacts on behalf of its business customers. In these cases, the business customer acts as the data controller and Joble as the data processor, governed by a Data Processing Agreement (DPA).

18. Accessibility

Joble is committed to making this privacy policy accessible. If you need this document in an alternative format, please contact legal@joble.app.

19. Marketing Preferences and Opt-Out

You can opt out of marketing communications at any time by clicking the unsubscribe link in any email, or by contacting legal@joble.app. Opting out of marketing does not affect transactional or service communications.

20. Vendor and Supplier Obligations

All vendors and suppliers processing personal data on behalf of Joble are required to enter into a Data Processing Agreement and comply with GDPR and applicable Dutch law. Vendors are assessed for data security practices as part of the procurement process.