Privacy Policy
1. Introduction
Strata Talent (“StratA”, “us” or “we”) appreciates your interest in our services. Your privacy is important to us and we want you to feel comfortable using our services and visiting our website. It is a major concern for StratA that your personal data is treated in a responsible manner and in compliance with legal requirements. To this end, we take a number of precautions, such as implementing robust technical and organizational security measures (e.g., password encryptions, firewalls, authentication technologies, access management, employee awareness-raising, and training.
This privacy policy (together with the website policy, cooky policy, and any other document referred to herein, “Privacy Policy”) describes the way we process your personal data when you use our services, visit our website, or register for any service, providing information about yourself.
Please read our Privacy Policy carefully before registering for, or using any of our services and, in particular, before entering any personal data, to understand our views and practices regarding your personal data, how we will treat it, and the basis on which it could be disclosed to third parties. By registering for, or using any of our services you are confirming and consenting to the data privacy practices described in the Privacy Policy. If you do not agree to this statement, do not register for, or use any StratA services and do not use our website.
Additional provisions apply to certain kinds of data processing e.g. our social media presence. However, the corresponding provisions are available on the relevant websites.
2. Processing personal data
2.1 Categories of personal data
StratA processes different categories of personal data (such as data of clients, prospects, website users, or other third parties), it limits its processing of these to a necessary minimum and in accordance with the applicable laws and regulations. This is understood as referring to the following:
- Master data (e.g., name, address, e-mail address, phone number, date of birth, account and contract number, other account information, concluded transactions or third parties, e.g., family members, authorized representatives, advisors who might also be affected by the data processing, and other data transmitted to us if a person voluntarily completes a registration form or comment field for a newsletter or uses certain services).
- Technical data (e.g., IP addresses, browser plug-in types and versions, cookies, internal and external identifiers, logging data, a record of access and changes, content accessed by the website user, including time and date of access, business/account number).
- Marketing data (e.g., preferences, wishes, requested reference material).
However, StratA’s intention is not to seek any sensitive data (also called special category data) unless legally required for recruiting purposes. Sensitive data includes a number of types of data relating to, e.g., race or ethnic origin, political opinions, religious or other similar beliefs, trade union membership, physical or mental health, sexual life, or criminal records. StratA suggests that you do not provide sensitive data of this nature. Should you wish to provide sensitive data for any reason, StratA accepts this as your explicit consent to use that data in the way described in this Privacy Policy or as described at the point where you choose to disclose sensitive data. In this respect, your explicit consent will be required in a separate procedure at the point where you choose to disclose such sensitive data.
2.2 Origin of personal data
In line with the purposes of paragraph 2.3, we may collect personal data – to the extent legally permitted – from the following sources, in particular:
- Personal data that is given to us by the data subject, namely for the recruitment purposes, during an advisory discussion, for signing up for a newsletter and/or event, participating in discussion boards or other social media functions on our websites, or any information relating to a job application registration.
- Personal data that is necessary for the facilitation of services and that is transmitted to us via the technical infrastructure (e.g., via our website, or collaborations with IT service providers or market places).
- Personal data from third parties, such as authorities, Worldcheck, rating agencies, analytics providers, or search information providers.
- Personal data that is publicly assessable (e.g., public register information, public social media platforms).
2.3 Purpose and usage of data
We may process personal data as described above for the provision of our services and/or for our own legally prescribed purposes and to the extent legally permitted. This is understood as referring to the following, in particular:
- Processing, improving, managing, and executing our services (e.g., recruitment, market mapping, market advising) as well as to update the data of individuals with whom we maintain a business relationship.
- Service development, statistics, business decisions (e.g., developing ideas for new or assessing existing services, procedures, technologies, establishing key figures for the use of services and utilization figures).
- Managing, controlling, and monitoring business-related decisions and risks, processing business in good time.
- System administration and reporting aggregated statistical information about browsing patterns and action which does not identify any individual.
- Market research, marketing, comprehensive client service, advise and information regarding a range of services, etc. (e.g., events for clients, prospects and interested third parties, cultural events, sponsorship, assessment of a client, market or product potential, information regarding changes, determination of client satisfaction, online and hardcopy advertisement).
- Protection of our interest and rights in case of claims against us or our employees and clients.
- Anonymous information (e.g., data collected through the use of cookies) will only be used for statistical purposes and for the purpose of improving our website. Such data will subsequently be deleted. We will also use such non-personal information to make your use of our website easier (we may use cookies to store your selected country of residence for the duration of a session so that you do not have to repeatedly enter the information).
In this connection, we wish to expressly point out that we (further) evaluate any non-anonymous personal data submitted voluntarily by you and, in particular, can use this data to collect additional personal information about you from publicly accessible sources or publicly accessible collections of data. You herewith give your express consent to this process. If you do not then please do not register for, or use any StratA Services and do not use our website.
However, personal data that is not anonymous, such as postal and e-mail addresses provided when submitting inquiries or requesting information, will be used primarily for the purpose of corresponding with you or sending you relevant information, e.g., where any kind of newsletter and/or an event registration has been requested.
Additionally, non-anonymous personal data are only made available to those employees or third parties who need to have knowledge of this information in order to provide services, or if we are required by law or regulatory provisions to disclose this information. To the extent permitted by law, we may also forward non-anonymous personal data for the purposes described above to companies that provide services on our behalf. The data collected may be disclosed to service providers outside the Dubai, UAE, GCC, or outside the country in which the user is domiciled (see paragraph 5). These service providers are required to treat as confidential the information and all data collected and to use it exclusively for the purposes for which it is provided and are contractually bound by the applicable data privacy laws and regulations.
No personal data is sold to other parties for marketing or any other purposes.
2.4 Specific cases for automated individual decisions, including profiling
StratA reserves the right to analyze and evaluate your data (including data relating to affected third parties, see paragraph 2.1) in an automated manner in the future so as to identify significant personal characteristics for you or to predict future developments and to create relevant profiles. These are used in particular for business-related checks, individual services, and the provision of offers and information that we may make available to you.
StratA ensures that a suitable contact person is available to you if you wish to express a view on any automated individual decision where such opportunity to express a view is required by law.
2.5 Potential recipients, guarantees, and disclosure abroad
In the following cases we may give personal data to third parties, to the extent legally permitted:
- On some webpages, we request your consent to disclose data to third parties and to utilize data for advertising purposes. By completing the corresponding form, you give your consent that the data collected by us may be used to maintain StratA-wide client relationships and to provide information about new services that might be of interest to you. In addition, you consent to your personal data being processed and utilized by us and other companies of StratA for advertising or market research purposes or to structure services according to client needs.
- In view of contractual relationships between a company of StratA and a third party, whereas such third party processes personal data on behalf of StratA. If personal data is disclosed to such third parties they are only permitted to process the data received to the extent StratA itself does. We select these third parties carefully and contractually require them to guarantee confidentiality, data protection requirements, and the security of personal data.
If personal data is transferred to other countries, we ensure that the applicable laws and regulations are complied with (paragraph 5). Depending on the kind of service that is used, personal data might also be disclosed to third parties domiciled in countries which in general may not have an appropriate or equivalent level of data protection. However, if data is transferred to such a country, we take appropriate measures so that personal data continues to receive appropriate and robust protection (e.g., by agreeing on standard contractual clauses for data transfer internationally).
Certain countries may have more stringent data protection provisions that may not allow your non-anonymous personal data to be used in these countries to the extent described above. Such provisions may preclude, for example, the collection of additional personal data based on the provided information or the disclosure of your personal data to other parties or companies.
3. E-mail and newsletter communications
StratA may communicate with you via e-mail or physical newsletters containing and offering news, promotional offerings, event information, or services. If you would rather not receive marketing communication or newsletters from us, you may “opt-out” by following the “opt-out” instructions in each e-mail footer or by contacting us.
The Newsletter Services may be offered in collaboration with service providers. The information you provide for this purpose may be processed and stored on cloud servers operated by the service providers and located in data centers within, the EU/EEA or GCC. Service providers are contractually bound to maintain confidentiality (e.g., by agreeing on standard contractual clauses for data transfers between GCC or EU and non-EU countries) and must report any breaches of data protection requirements as soon as identified, so that personal data continues to receive appropriate protection.
4. Transfer of data via the Internet
Please be advised that data transferred across national borders over the Internet may not be subject to any control while in transit even if the sender and recipient are both located in the same country.
We cannot guarantee the security of data transferred over the Internet and accept no liability in respect thereof. Any notices emailed to us by you may not be secure. If you email any confidential information to us, you do so at your own risk. When contacting us, please send data via a secure mechanism, where appropriate, instead of over the Internet.
The sender and recipient can still be identified even when the information transmitted is encrypted. As a result, a third party could – inadvertently or otherwise – infer that there is a commercial relationship between you and StratA. Therefore, we recommend avoiding the transmission of any strictly confidential information via open networks.
5. Outsourcing
StratA is in certain circumstances bound to fully or partially outsource business or service providers outside StratA (e.g., payment transactions, printing, IT systems, and other support functions). We might also use such providers for services that are new and have not yet been provided by us.
If, in exceptional cases, services are outsourced to a provider abroad, StratA will disclose this in accordance with applicable rules and regulations.
6. Storage of data
Once you have transferred personal data to us, this data is stored securely for the purposes mentioned in this Privacy Policy as well as for which the information was provided.
We have implemented appropriate and robust data security measures to ensure that this information is only accessible to a restricted number of authorized individuals and that it is protected against unauthorized access, misuse, loss, or damage.
In general, any data that we collect in any country is transferred and stored by us within Dubai in a central file. UAE is recognized as a country that offers an appropriate level of data protection.
7. Retention period
Even though the retention period for personal data depends on statutory retention provisions as well as on the applicable justification basis and the purpose of the data processing, StratA will only store your personal data for as long as necessary, taking into account our obligation to respond to requests or resolve problems, to provide improved and new services and to act in accordance with applicable laws and regulations.
In particular, this means that we are entitled to keep your personal data for a reasonable period of time after you last contacted us. If the personal data we collect is no longer needed in this way, we are obliged to delete it in a secure manner.
8. Data subject rights
You have a right to be informed whether personal data in relation to you is being processed by us. On request, we will disclose you the personal data in our databases, including available details about the origin of the data, the purpose and, where appropriate, the legal basis for the processing and the categories of the processed personal data, the parties involved in the data collection and the data recipients.
You may withdraw your consent to the process of your personal data and/or may wish to opt-out of the use of your information for advertising or marketing purposes at any time with future effect. You can exercise further rights, such as the right of rectification and you are also entitled to have any inaccuracies in your personal data corrected, or to have your data blocked or deleted, dependent on the lawful basis under which we are holding particular data.
Please let us also know, if we do not meet your expectations with respect to the processing of personal data or you wish to complain about our data protection practices; this gives us the opportunity to examine your issue and make improvements, where necessary.
In any of these cases, please send us a clear request in writing, together with a clearly legible copy of a valid official identification document (e.g., passport, ID card) so we can be sure as to your identity, by using the contact form provided on our website. We will acknowledge receipt as soon as received, examine your issue and reply in good time. If a full response will extend beyond one month, taking into account the complexity and number of the requests, we will advise you of this.
9. Note about children
StratA understands the importance of protecting children’s privacy, especially in an online environment. Therefore, our services are not directed to or intended for children under the age of 16 and we do not knowingly collect any personal information from such users, except when a child is applying for an apprenticeship or internship. In this case, we obtain a written declaration of consent for apprentices form the parents or the legal representatives.
10. Cookies and Web Analytics Services
Our website uses cookies to distinguish you from other users of our website. Every time an individual accesses our website and every time a data file is retrieved, data relating to this procedure will be stored temporarily in a data log and processed, e.g. by using cookie or web beacon technology. The specific data stored for each access/retrieval include IP address, web browser, domain name, the time and date, the page accessed/name of the file requested, the volume of data transferred, access status (i.e. if the access/request was successful).
We use web analysis tools to get information about how people use our sites and Internet offerings. These tools are usually provided by third parties. Typically, the information for this purpose is captured with cookies and sent to a third-party server. Depending on the provider, these servers are sometimes in other countries.
The transfer of information is done by using shortened IP addresses, which prevents the identification of individual end-user devices. Your IP address is not linked with other data from these third parties. Any onward transfer by third parties will only be based on legal regulations or as part of a data processing service agreement.
11. Retargeting
Our website might use re-targeting technologies, which we use to make our Internet presence more interesting for you. This technology makes it possible to show advertising on other websites to users that have already shown an interest in our products.
12. Onsite targeting
On our website, data may be collected by using cookie technology for use in optimizing our advertising and our overall online offering. This data is not used to identify you personally, but is instead used solely for anonymously analyzing the use of our website. This technology allows us to show you advertising and/or highlight specific offers and services. Our goal here is to make our online presence as attractive for you as possible and to provide you with advertising that corresponds to your interests.
13. Social Media
We may use so-called social plug-ins on our website that allow you to share the content of our website with other Internet users via these social media platforms or that enable you to link to our website on these platforms. The following information on the type and scope of the data collected is based on the notifications and information provided by the individual providers.
Facebook
Our website might include plug-ins from the social network of Facebook Inc, 1601 South California Avenue, Palo Alto, CA 94304, USA (“Facebook”). Among other things, we use the Facebook “LIKE” button (also known as the “Like Me” button). A Facebook page plug-in is also integrated into our site, which integrates parts of the content of our Facebook page into our website. When you visit a website of ours that contains such a plug-in, your browser establishes a direct connection to a server on Facebook. The contents of the plug-ins are transmitted directly to your browser and integrated into the website. Data is automatically transferred to Facebook and stored on its servers. These transmitted data include connection data (such as your IP address, date and time, the URL called up) as well as the browser and operating system used. Your visit to our websites can be tracked by Facebook, even if you do not actively use the plug-in functions.
If you are logged in with your Facebook account while visiting our website, Facebook can directly associate the visit of our websites with your user account. If you want to prevent this immediate assignment, you must log out of Facebook before visiting our website. Facebook decides at its own discretion for what purposes and to what extent the transmitted data will be processed and used on its servers. Information on the purpose and scope of data collection and the further processing and use of the transmitted data by Facebook is contained in Facebook’s data protection guidelines. They also contain information about your rights and the possibilities of settings to protect your privacy. For further details, please consult Facebook’s specific data protection policy.
Twitter
Our website might include plug-ins from Twitter, Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). We use Twitter buttons to access our Twitter account and Twitter share buttons to share the content of our website via your Twitter account. We also use a Twitter widget to integrate the timeline of our latest tweets into our website and make it visible. When you visit our website, your browser establishes a direct connection to a Twitter server and the contents of the plug-ins are transmitted directly to your browser and integrated into the website. Certain data is automatically transferred to Twitter in the USA and stored there. This data includes connection data (your IP address, date and time, the URL called up), the browser type and the operating system.
If you are logged in to Twitter when you visit our website using the plug-ins mentioned above, your account information is transferred to Twitter, which enables Twitter to identify you directly via your profile and link you to your visit to our site. If you press a button, additional data will be transmitted to Twitter and saved to your profile. Twitter’s privacy policy contains information about the nature, scope and purpose of Twitter’s data processing. If you want to prevent Twitter from receiving this information in the future and being able to associate it with your Twitter profile, you must log out of Twitter before visiting our website. For further details, please consult Twitter’s specific data protection policy.
Instagram
Our website might include plug-ins of the Instagram service. These are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA (“Instagram”). We use the integrated Instagram buttons to link to our Instagram profile. A widget is also integrated, which enables us to display certain photos and videos of our Instagram profile on our website. When you visit a website that contains such a plug-in, your browser connects directly to an Instagram server. The contents of the plug-ins are transmitted directly to your browser and integrated into the website. Data is automatically transferred to Instagram and stored on its servers. These transmitted data include connection data (such as your IP address, date and time, the URL called up) as well as the browser and operating system used. This allows Instagram to track your visit to our site even if you are not actively using the plug-in features.
If you are logged into your Instagram account, you can link the contents of our websites to your Instagram profile by clicking the Instagram button. This allows Instagram to associate the visit to our websites with your user account. If you wish to disable this immediate assignment, you must log out of Instagram before visiting our website. For further details, please consult Instagram’s specific data protection policy.
LinkedIn
Our website might include plug-ins from the LinkedIn social network of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”). For this purpose, we use the “in” button for sharing content and as a link to our LinkedIn profile. LinkedIn collects information that our corresponding pages have been loaded into your web browser using the LinkedIn plug-ins. LinkedIn also automatically receives the URL of the website from which you came or from the page to which you are redirected. LinkedIn also receives the IP address of your computer or proxy server from which you access the Internet, information about your computer’s operating system and web browser, your mobile device (including the mobile device identifier available through your mobile device’s operating system), your mobile device’s operating system (if you access LinkedIn from a mobile device), and the name of your Internet service or mobile service provider. LinkedIn may also receive location data transmitted from GPS-enabled devices you have enabled if you have not prevented LinkedIn from receiving location data in real-time in your mobile device settings. Please note that SlideShare.net, Pulse.me and the Pulse app are part of the LinkedIn services and not part of our websites.
Information on the purpose and scope of data collection and the further processing and use of the transmitted data by using the LinkedIn plug-ins is contained in LinkedIn’s data protection declaration.
14. Links
Our website may contain links to the websites of other companies (“third-party websites”) that are not operated or monitored by us. Please be aware that such third-party websites are not bound by this Privacy Policy nor by our Cookie Policy and that we are not responsible for their content or their principles regarding the handling of personal data. We, therefore, recommend consulting and checking the individual privacy and cookie policies of third-party websites.
Despite careful content control, we assume no liability for the content of external links referring to third-party websites. The content of the linked third-party websites is the sole responsibility of their operators. We hereby expressly distance ourselves from all content of third-party websites linked to on our website and do not adopt such content as our own.
15. Contact
Please let us know if we do not meet your expectations with respect to the processing of personal data or you wish to complain about our data protection practices; this gives us the opportunity to examine your issue and make improvements, where necessary. In any of these cases, please send us a clear request in writing, to the entity or send us an email directly on contacts below:
Strata Talent DMCC
JLT, Dubai
United Arab Emirates
Phone: +971505274467
E-mail: [email protected]
16. Changes to the Privacy Policy
We reserve the right to amend this Privacy Policy without giving prior notification. We, therefore, advise you to check our Privacy Policy on our website on a regular basis. This Privacy Policy was last updated on the 7th of February 2021.