1. INTRODUCTION
This Privacy Policy explains how Chaser ("Chaser", "we", "us", "our") collects, uses, discloses, and protects personal data of candidates, representatives of client companies, and visitors of our website www.itchaser.org (the "Website").
We act as an independent data controller when we process personal data in connection with the provision of our recruitment and related services.
By using our Website or by providing your personal data to us, you acknowledge that you have read this Privacy Policy.
2. DATA CONTROLLER AND CONTACT DETAILS
The data controller responsible for the processing of your personal data is:
Chaser
Registered office: Office 201, TOLMI BUILDING, Athinon 7, Paphos, Cyprus, 8035
Contact email for privacy matters: alex.dvornik@chaser.one
For all questions, requests, or complaints regarding this Privacy Policy or our handling of your personal data, you may contact our designated contact person for data protection matters:
Data Protection Contact Person:
Mr. Alexey Dvornik
Email: alex.dvornik@chaser.one
3. CATEGORIES OF PERSONAL DATA WE PROCESS
We may collect and process the following categories of personal data, depending on your relationship with us and the way you interact with us:
3.1. Candidate data
Identification data: first name, last name, title.
Contact data: email address, telephone number, links to professional and social media profiles (e.g., LinkedIn, GitHub, portfolio links).
Professional data: CV/resume, cover letters, details of education, qualifications, skills, languages, work experience, references, salary expectations, and other information relevant to assessing suitability for roles.
Communication data: information contained in emails, messages, interview notes, and other communications with you.
Technical data: IP address, browser type, device identifiers, and data derived from cookies and similar technologies when you visit our Website (see section 7).
3.2. Client and prospective client data
Identification and role data: name, position, department.
Company data: name of employing or engaging entity, business address.
Contact data: business email address, business telephone number, and other business contact details.
Communication data: correspondence, meeting notes, information about open roles and hiring needs.
We do not intentionally collect or process special categories of personal data within the meaning of Article 9 GDPR (such as health data, biometric data, political opinions, religious beliefs, trade union membership, sexual orientation). We kindly ask you not to include such information in your CV or to any other materials you share with us. If, in exceptional cases, such data is relevant and you decide to provide it, we will process it only where required or permitted by applicable law and, where necessary, based on your explicit consent.
4. SOURCES OF PERSONAL DATA
We may obtain your personal data from the following sources:
Directly from you, for example when you submit your CV via the Website, by email, or during interviews and calls;
From publicly available sources, such as LinkedIn or other professional networks and websites, where this is allowed by the platform and applicable law;
From our client companies, where they have shared your details as a potential candidate or contact person;
From our Website and communication systems through cookies and similar technologies.
5. PURPOSES AND LEGAL BASES FOR PROCESSING
We process personal data only where we have a valid legal basis under data protection law. Depending on the context, we may process your personal data for the following purposes and on the following legal bases:
5.1. Provision of recruitment and related services
Purpose: to assess your suitability for roles, to match you with vacancies, to present your profile and CV to our client companies, to arrange interviews and to manage the recruitment process.
Legal bases:
Article 6(1)(b) GDPR – processing is necessary in order to take steps at your request prior to entering into a contract or for the performance of a contract with you; and/or
Article 6(1)(a) GDPR – your consent, for example where we share your CV and profile with a specific client company.
5.2. Relationship management with candidates and clients
Purpose: to maintain our database of candidates and client contacts, to respond to your inquiries, to keep in touch with you regarding suitable opportunities or services.
Legal bases:
Article 6(1)(b) GDPR – performance of a contract or taking steps at your request; and/or
Article 6(1)(f) GDPR – our legitimate interest in managing relationships with candidates and clients and operating our business.
5.3. Website operation, analytics, and improvement
Purpose: to operate and secure the Website, to analyze its use, and to improve our services and user experience.
Legal bases:
Article 6(1)(f) GDPR – our legitimate interest in ensuring the proper functioning, security, and improvement of our Website and services; and
Where required for non-essential cookies and similar technologies – Article 6(1)(a) GDPR – your consent (see section 7).
5.4. Compliance with legal obligations and protection of rights
Purpose: to comply with statutory obligations (for example in the field of tax or corporate law), to respond to lawful requests of public authorities, to establish, exercise or defend legal claims.
Legal basis:
Article 6(1)(c) GDPR – compliance with a legal obligation to which we are subject;
Article 6(1)(f) GDPR – our legitimate interest in protecting our rights, property, and interests.
We do not use your personal data for direct marketing or unsolicited promotional communications.
6. DISCLOSURE OF PERSONAL DATA
We do not sell your personal data. We share personal data only to the extent necessary and in accordance with data protection law.
6.1. Disclosure to client companies
With your consent and only in the context of recruitment activities, we may disclose your CV, profile, and other relevant information to client companies that are considering you for a particular role or future roles.
6.2. Service providers (processors)
We may engage third-party service providers who process personal data on our behalf, for example providers of IT infrastructure, hosting, email, communication, and collaboration tools, and professional advisers. Such service providers act as data processors and are bound by contractual obligations to process personal data only on our documented instructions and to implement appropriate technical and organizational security measures.
6.3. Legal and regulatory disclosure
We may disclose personal data where this is required by applicable law, court order or at the request of public authorities, or where such disclosure is necessary to establish, exercise or defend legal claims.
7. COOKIES AND SIMILAR TECHNOLOGIES
Our Website uses cookies and similar technologies to ensure its proper functioning, to remember your preferences and to perform statistical analysis of the use of the Website.
Where required by law, we will obtain your consent before placing non-essential cookies on your device. You can manage your cookie preferences at any time through the cookie banner or settings made available on the Website, as well as through your browser settings.
For more detailed information about the cookies used on the Website, the purposes of their use, and your choices, please refer to our separate Cookie Policy.
8. INTERNATIONAL DATA TRANSFERS
As a company established in Cyprus, we primarily process and store personal data within the European Economic Area ("EEA").
To the extent we transfer personal data to recipients located outside the EEA or in countries that are not subject to an adequacy decision of the European Commission, we will ensure that appropriate safeguards are in place, such as:
the use of Standard Contractual Clauses adopted by the European Commission; and/or
other safeguards recognized by the GDPR.
You may contact us using the details in section 2 to obtain more information about such safeguards.
9. DATA RETENTION
We retain personal data only for as long as necessary for the purposes for which it was collected, in accordance with our internal retention policies and applicable law.
For candidates, we generally retain your personal data for the duration of an active recruitment process and for a period of up to 12 (twelve) months thereafter, in order to be able to consider you for future opportunities and maintain an accurate record of our interactions. We may retain certain data for a longer period where required by law or where necessary to establish, exercise or defend legal claims.
You may request the deletion of your data at any time (see section 10). We will honor such requests unless we have a compelling legitimate ground or a legal obligation to retain certain data.
10. YOUR RIGHTS AS A DATA SUBJECT
Subject to the conditions and limitations set out in the GDPR and other applicable laws, you have the following rights in relation to your personal data:
Right of access – to obtain confirmation as to whether we process your personal data and to receive a copy of such data.
Right to rectification – to have inaccurate or incomplete personal data corrected.
Right to erasure – to request the deletion of your personal data ("right to be forgotten") where there is no valid reason for us to continue processing it.
Right to restriction of processing – to request that we limit the processing of your personal data in certain circumstances.
Right to data portability – to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format and to transmit it to another controller, where processing is based on consent or contract and carried out by automated means.
Right to object – to object, on grounds relating to your particular situation, to processing carried out on the basis of our legitimate interests.
Right to withdraw consent – where processing is based on your consent, you may withdraw it at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
To exercise any of your rights, please contact us at privacy@itchaser.org. We may need to verify your identity before responding to your request. We will respond without undue delay and in any event within the time limits provided by law (usually within one month).
You also have the right to lodge a complaint with the competent supervisory authority. In Cyprus, this is the Office of the Commissioner for Personal Data Protection (www.dataprotection.gov.cy). You may also have the right to complain to a supervisory authority in your country of residence or place of work.
11. DATA SECURITY
We implement appropriate technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data.
Such measures include, as appropriate: access controls, role-based authorization, secure storage, encryption or pseudonymization where reasonable, backup and recovery procedures, and regular review of our security practices. Despite our efforts, no system can be completely secure and we cannot guarantee absolute security of your data.
12. MINORS
Our services are not directed to children and we do not knowingly collect personal data from persons under the age of 18. If you believe that we may have collected personal data about a child, please contact us so that we can take appropriate steps to delete such data.
13. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time, for example to reflect changes in our processing activities or in applicable law. We will publish the updated version on the Website and indicate the date of the latest revision at the top of the document. We encourage you to review this Privacy Policy periodically.
14. CONTACT
If you have any questions, comments or requests regarding this Privacy Policy or our processing of your personal data, please contact us at:
Chaser
Registered office: Office 201, TOLMI BUILDING, Athinon 7, Paphos, Cyprus, 8035
Email: alex.dvornik@chaser.one
