Notice on the Processing of Personal Data
(in accordance with Articles 13 & 14 of Regulation (EU) 2016/679)

Entersoft-Softone responsibly manages the personal data of applicants, complying with the General Data Protection Regulation (GDPR - Regulation (EU) 2016/679) and national legislation.

1. Data Controller & Legal Framework
The Company acts as the Data Controller and fully complies with the provisions of the GDPR and applicable Greek legislation regarding personal data protection. In this context, the Company is committed to ensuring the security of applicants' data by implementing all necessary technical and organizational measures required by the relevant legal framework.

2. Sources of Personal Data Collection
As a rule, data is collected directly from you. However, in certain cases, personal data may also be obtained from authorized third parties, such as:
• recruitment companies,
• professional online platforms (e.g., LinkedIn),
• Career Offices of Universities/Schools.

3. Disclosure to Third Parties & Categories of Recipients
Your personal data may be shared:
• with the relevant departments within the Company and other companies of the Entersoft-Softone Group,
• with third-party entities, whether public or private, when required by law or necessary for the legitimate interests of the Company.

Specifically, data may be disclosed:
• to external providers of human resources services (e.g., headhunters),
• to professional platforms (e.g., LinkedIn),
• to the provider of the associated digital assessment platform.

The Company ensures that all third parties processing personal data on its behalf comply with Article 28 of the GDPR and are contractually committed to adhering to data protection standards.

4. Data Security
• The Company takes all appropriate organizational and technical measures to protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorized access or disclosure, and any other form of unlawful processing.
• During the recruitment process, automated pre-screening systems (Applicant Tracking Systems - ATS) may be used, which may involve artificial intelligence (AI) algorithms to classify and pre-select submitted profiles based on objective, predefined criteria (e.g., educational qualifications, professional experience, technical skills).
• The use of such tools does not involve automated decision-making as defined in Article 22 of the GDPR. The final decision to approach candidates is always made under the supervision and judgment of a human resources staff member.

5. Data Subject Rights
• Right to Rectification: You have the right to request the correction of your personal data if it is inaccurate or incomplete, in accordance with the Company's internal policies and procedures.
• Right to Erasure: You can request the deletion of your data when it is no longer necessary for the purposes for which it was collected, or if there is no longer a legitimate basis for processing it. The right to erasure is subject to exceptions, if there is a legal obligation or another legitimate interest requiring the retention of your data.

6. Data Retention Period
Upon completion of the hiring process for the position you applied for, and no later than two (2) years from the date of submission, your personal data, including your resume and cover letter, will be deleted from our records.