Protecting your data, privacy and personal information is very important to Thanks Anna ApS .(“Anna”, “our”, “us” or “we”).
When visiting Anna’s website at https://anna.co or any of its affiliated websites (our “Website”), using our application “Anna” (our “App”) or using any of the services offered via the Website or the App (the “Services”), you acknowledge, and where applicable consent to, the practices described in this policy.
Anna builds and operates an Applicant Tracking Systems and a connected Shared Talent Pool for businesses and employees in the Hospitality sector.
Shared Talent Pool: Our Services connect you with Job Seekers, Jobs, or Employers (as applicable), giving you the ability to search for, browse, and communicate with Job Seekers, Jobs, or Employers (as applicable). However, we also use automated matching processes facilitated by algorithms within the Services which seek to match you with the most appropriate Job Seekers, Jobs, or Employers (as applicable) by reference to the data you have provided to us along with any criteria specified by the Job Seeker or Employer (as applicable). This may result in decisions being made automatically. For example, we may limit the Job Seekers that are visible to Employers based on the qualifications and expertise required for that job. In relation to this automated processing, we ensure there are safeguards in place to protect your rights and freedoms and legitimate interests and you have the right to contest any automated decisions made and obtain human intervention to alter decisions made, where possible. We may also use non-algorithmic methods to match you with Job Seekers who we believe would be suitable candidates or Employers who we believe have a suitable role for you (as applicable). These will always be recommendations and we will not commence any job applications without your involvement and/or consent.
We may collect and process the following data about you:
Information that you provide to us.
We will ask you to provide us with your information when you:
The information you may be asked to provide to us for these purposes might include your name, address, date of birth, email address, phone number, picture, video, audio, county of location, job title, work history, school attended, references, preferences, opinions, intentions, interests, likes, dislikes, life history, major events, social network, friends, connections, associations, national identification number, and/or driving license number.
Information we collect about you.
With regard to each of your visits to our Website or App we may automatically collect the following information:
Information we may collect about others. We may collect and process data about others that you provide us with, including (but not limited to) information that you provide by filling in forms on our Website or App, or that you provide to us by email. This information might include, but is not limited to, opinions, ratings and reviews you provide us with on other users you have interacted with, whether Job Seekers or Employers.
Information we receive from other sources. When using our Services, we will be in contact with third parties who may provide us with certain information about you in order to enable your use of the Services. This includes information from service providers such as Facebook or Google if you access our App through your Facebook or Google+ account.
Use of personal information under EU data protection laws must be justified under one of a number of legal “grounds” and we are required to set out the ground in respect of each use of your personal data in this policy. These are the principal grounds that justify our use of your information:
We use information held about you (and information about others that you have provided us with) in the following ways:
Applicable to job seekers
Anna and each Employer acts as a data controller in their own right, which means both independently determine the purpose and means of processing the personal data of the relevant Job Seeker. Where an Employer receives personal data relating to a Job Seeker it will be responsible for how it processes personal data.
Applicable to employers
Where an Employer receives personal data relating to a Job Seeker pursuant to using our Services, the Employer will be responsible for how it processes such personal data and the Employer will be a data controller in its own right and must comply with all applicable data protection legislation.
Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which we obtain Consent for a specific processing purpose. If the processing of Personal Data is necessary for the performance of a contract to which the Data Subject is party, the processing is based on Article 6(1) lit. b GDPR. If the processing of Personal Data is necessary to pursue the Data Controller’s legitimate business interests of answering an enquiry submitted by the Data Subject or providing information to the Data Subject, the processing is based on Article 6(1) lit. f GDPR.
We may disclose your personal information to our service providers and business partners, including Google, Firebase, Intercom, Typeform, Twilio, Sendgrid, Cronofy, our network of Employers and third party Employers (with your consent) (to assist us in performing any contract we enter into with them or you, including providing the Website, App and the Services it enables), analytics providers, including Google, and Facebook.
The personal data can also be passed on to subcontractors providing services on behalf of Thanks Anna ApS or acting under our instructions and authority, government bodies and in any and all cases where we are compelled to do so. In this regard and with the aim of protecting your privacy, we follow strict criteria for the selection of our service providers in order to comply with our data protection obligations. In this regard, we undertake to sign with them the corresponding Data Processing Agreement - in compliance with the requirements established by GDPR. This agreement will impose, among others, the following obligations: to apply appropriate technical and organisational measures; to process personal data for the agreed purposes, attending only to Anna's instructions and to delete or return the data once the provision of services has ended. All obligations that we impose on our service providers who access your personal data are aimed at ensuring maximum privacy.
We also inform you that some of the third party service providers mentioned may be located outside the European Union. More precisely, we have service providers located in the USA. In these cases, it is worth noting that these providers are adhered to the "Privacy Shield" between the European Union and the USA, thus providing an adequate level of protection for personal data.
In addition, we may also disclose your personal information to third parties in the following circumstances:
Our Services may contain links to third party services. If you click on a link to access any of those third-party services, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any personal information to such third-party websites.
In the future, you will also be able to log on to the App via an account with various social media networks, such as Facebook. In that case, please note that we can gain access to certain data in your social media account, such as your name, profile photograph and contacts. Furthermore, in that case, your social media username and profile photograph may become automatically visible on the App and information may be published on your social media page.
No data transmission over the internet can be guaranteed to be secure from intrusion. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal information in accordance with data protection legislative requirements.
Sensitive information between your browser and our Website and App is transferred in encrypted form using secure socket layer (“SSL”) or equivalent cryptographic protocols using certificates issued by a trusted third-party authority.
All information you provide to us is stored on our or our subcontractors’ secure servers and accessed and used subject to our security policies and standards.
We use hosted servers (such as Google Cloud Computing Services) in the course of our business, including for the permission of marketing and sales activity. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential, ensuring it is secure and strong, and for complying with any other security procedures that we notify you of. We ask you not to share your password with anyone.
We will hold all the data for so long as we have an obligation to the Customer to provide the Services, and thereafter until such time as we delete the Customer’s account in accordance with our Customer Terms and Conditions.
Your personal information will be deleted on one of the following occurrences:
Under the General Data Protection Regulation (EU) 2017/676, you have various rights in relation to your personal data. All of these rights can be exercised by contacting us firstname.lastname@example.org
In certain circumstances, you have the following rights in relation to your personal data:
Anna will not ordinarily charge you in respect of any requests we receive to exercise any of your rights detailed above; however, if you make excessive, repetitive or manifestly unfounded requests, we may charge you an administration fee in order to process such requests or refuse to act on such requests. Where we are required to provide a copy of the personal data undergoing processing this will be free of charge; however, any further copies requested may be subject to reasonable fees based on administrative costs. Asking us to stop processing your personal data or deleting your personal data will likely mean that you are no longer able to use Anna’s Services, or at least those aspects of the Services which require the processing of the types of personal data you have asked us to delete, which may result in you no longer being able to use the Services. Where you request Anna to rectify or erase your personal data or restrict any processing of such personal data, Anna may notify third parties to whom such personal data has been disclosed of such request. However, such third party may have the right to retain and continue to process such personal data in its own right.
For the purpose of the GDPR, the data controller is Anna ApS, registered under:
Corporate name: Thanks Anna ApS
Tax number: 40687963
Address: Strandvejen 75, 1 TV, 2100 Copenhagen, Denmark
In case of a data breach, Thanks Anna ApS will notify the proper supervisory authority without unnecessary delay after the data controller became aware of the breach within 72 hours unless there are legal reasons for an extension.