Site name
Download Center Contact us Portal for clients Find an agent Claim Status

A A A

SR

Site name

Želiš da među prvima dobijaš informacije o popustima i korisne savete?

Prijavi se

Privacy Notice for Job Applicants

Generali Osiguranje Srbija processes your personal data*

Generali Osiguranje Srbija a.d.o. (hereinafter: Company, with its registered office at Vladimira Popovića 8 processes your personal data as Data Controller*.

If you wish to receive more information, you can use the following mailing address: Generali Osiguranje Srbija a.d.o., Vladimira Popovića 8, 11070 Novi Beograd, Srbija.

For any questions or if you wish to exercise a right in respect of the processing of your personal data, you can contact our Data Protection Officer*:

By e-mail: dpo@generali.rs

By traditional mail:
Generali Osiguranje Srbija a.d.o., Vladimira Popovića 8, 11070 Novi Beograd, to the attention of the Data Protection Officer (Lice za zaštitu podataka)

 

Why the provision of your personal data is required

We process your personal data collected through questionnaires, Internet portal and other communication channels:

  • for the purpose of recruitment, selection and notification of applicants about new positions at the Company;
  • for the purpose of meeting legal requirements under the laws of the Republic of Serbia

The processing of personal data for the purposes specified under the point 1, is based on your consent.

Processing of personal data for the purposes indicated under the point 2 is necessary to allow the Company to comply with the legal obligations to which it is subject.

 

Why the provision of your personal data is required

Processing of your personal data is required for the process of selection of candidates for an open position in order to enter into an employment contract, and for the purpose of sending notifications on the new positions.

Failure to provide the requested personal data, or providing partially accurate or incomplete data, could result in an unfavorable outcome in the selection process.

 

Which personal data we use

We process only the personal data* strictly necessary to achieve the purposes above indicated:

  • Biographical and identification data;
  • Contact details;
  • Educational background and qualifications data;
  • Psychological test data and English language skills data (only from the candidates who meet the job requirements);
  • Criminal record data; and
  • Data proving no conviction of a criminal offense of illegal proceeds or criminal offenses related to terrorism (only for certain positions/ functions at the Company, for which provisions of the Law on the Prevention of Money Laundering and the Financing of Terrorism apply).

We collect personal data from you directly, or through third parties (employment agencies and third-party referrals).

 

With whom we share your personal data

Access to your personal data will be allowed only to the employees whose job description requires data access, and the platform for candidate selection process management. The company treats these data as confidential and applies adequate technical and organizational data protection measures in accordance with the law and the Company’s internal regulations. The Company also implements the international standard for information security ISO27001.

Our staff and third parties who process your personal data receive proper instructions about the correct modalities of the processing.

 

Where we transfer your personal data

As a general rule, we do not transfer your personal data outside the Republic of Serbia and the countries of the European Economic Area.

In exceptional cases, only for the purposes indicated above and upon request, we may transfer your personal data to a third party or an authority outside the Republic of Serbia and the European Economic Area.

In any case, the transfer of your personal data is performed in compliance with the applicable laws and international agreements, implementing suitable safeguards (such as standard contractual clauses, binding business rules, approved codes of conduct, issued certificates, contractual provisions between the Data Controller and Data Processor, approved by the Commissioner).

 

The rights you can exercise in respect of the processing of your personal data

 

Access

You may request access to your personal data to receive information, for example, about the categories of personal data that the Company is currently processing, but you must note that the request refers to the data of a customer or a person interested in your products.

 

Rectify or update

You may ask the Company to correct or update personal data that are inaccurate or incomplete;

 

Erase

You may ask the Company to erase personal data where one of the following applies:

  • The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • You withdraw consent on which the processing is based and where there is no other legal ground for the processing;
  • You object to automated decision-making and there are no overriding legitimate grounds for the processing, or you object to the processing for direct marketing purposes;
  • The personal data have been unlawfully processed;
  • The personal data have to be erased in compliance with the Company’s legal obligations;
  • The personal data have been collected in relation to the information society services.

 

Restrict

You may ask the Company to restrict how it processes your personal data, where one of the following applies:

  • You contest the accuracy of your personal data, for a period enabling the Company to verify the accuracy of your personal data.
  • The processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead.
  • The Company no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims.
  • You have objected to processing pursuant to the right to object and automated decision-making, pending the verification of whether the legitimate grounds for the Company override those of you.

 

Portability

You can request that you receive the data processed by the Company under the contract or based on your consent in a structured, commonly used, machine-readable format and that you transfer this data to another organization, or that it be transferred by the Company, if technically feasible.

In case you provided your consent to the processing of personal data, you may withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

If your personal data are transferred outside the European Economic Area, you have the right to obtain a copy of such data as well as an indication of the Country/Countries where the personal data have been made available.

You can exercise your personal data processing rights by sending a request by e-mail or traditional mail. Sending a request is free of charge, unless it turns out to be unfounded or excessive.

By e-mail: dpo@generali.rs
Traditional mail: Generali Osiguranje Srbija a.d.o., Vladimira Popovića 8, 11070 Novi Beograd

 

Your right to object to the processing of your personal data

An objection to the processing of personal data will be automatically accepted only if we process your data based on consent.

In other cases, an assessment is made to decide whether the objection is accepted or not, and you will be informed in writing.

 

Your right to file a complaint with a competent authority

If you believe that the personal data processing was carried out against the Law on Personal Data Protection, you have the right to file a complaint to the Commissioner for Information of Public Importance and Personal Data Protection* to the address listed on the website https://www.poverenik.rs/sr

 

How long we retain your personal data

Your personal data can be retained for different periods of time, depending on the purposes of the processing, in compliance with the applicable privacy laws.

We store data collected based on consent for 3 years, or until consent is revoked - whichever comes first. We store data collected under law according to the storage periods required by law.

 

Changes and updates of the Privacy Notice

The Company may update, wholly or partially, this Privacy Notice due to possible amendments to the applicable privacy laws. Any changes or updates will be posted on the Company’s website www.generali.rs

 

Glossary

Processing means any operation or set of operations which is performed on personal data or sets of personal data, such as collection, recording, classification, grouping or structuring, storage, adaptation or alteration, disclosure, access, use, disclosure by transmission, i.e. delivery, copying, dissemination or otherwise making available, comparison, restriction, erasure or destruction, whether or not by automated means.

Personal data means any information relating to an individual identified or identifiable, directly or directly, especially based on an identifier, such as a name and an identification number, location data, an online identifier, or one or more characteristics of their physical, physiological, genetic, mental, economic, cultural or social identity.

Special categories of data mean the personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership as well as genetic data, biometric data where they uniquely identify a person, data concerning health, or data concerning a person’s sex life or sexual orientation.

Health data means the personal data relating to the physical or mental health of an individual, including those about medical services, disclosing information about their health.

Data subject means the person whose personal data are processed.

Data controller means the individual or legal person, i.e. an authority which, alone or jointly with others, determines the purpose and means of processing. The law that determines the purpose and means of processing can also determine the data controller or set the terms of their assignment.

Joint controller means the individual or legal person, public authority, agency or other body which, jointly with other data controllers, determines the purposes and means of the processing of personal data.

Data processor means the individual or legal person, public authority, agency or other body which processes personal data on behalf of the data controller.

Consent of the data subject is any data subject’s wish that is freely given, specific, informed and unequivocal, by which that person, via statement or by a clear affirmative action, agrees to the processing of personal data relating to him or her.

Personal data breach means a breach of personal data security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.

Data Protection Officer means a person in charge of support activities for the company functions and control activities in respect of the processing of personal data. It is also in charge of cooperating with the Supervisory Authority and it represents the contact point, also for the data subjects, for any matters connected with the processing of personal data. 

The Commissioner for Information of Public Importance and Personal Data Protection is an independent and autonomous authority established under the law, responsible for supervising the implementation of the Law on Personal Data Protection and performing other tasks required under the law.