Fair Processing Notice

At Harri, we respect your privacy, and we understand the importance of the information you entrust to us. This Fair Processing Notice describes our practices concerning the information we collect from you when you visit our website and how we will use your personal data when you create profile on Harri.

  • This policy describes:


    • The types of information we collect when you use our service;
    • How we use, share, and protect that information;
    • How long we retain that information; and
    • Your rights and options regarding the information we collect.

  • OUR CONTACT DETAILS


    Harri US LLC
    665 Broadway
    Suite 402
    New York
    NY 10013
    844-427-7443

    Our Data Protection Officer is Kristy Gouldsmith and she can be contacted at DPO@harri.com.

  • Personal data that we collect


    Harri Profile

    We collect and process your personal data when you create a profile on Harri. We are the controller for your Harri profile at all times. We are not the controller for data that is created or processed by any employer; we are the processor for that data.

    In order to create a profile, we need your name, email address, phone number, your employment details, if you have them (employer, position, duties, dates) and education (institution, location, qualification, dates). We ask you to describe yourself in three words and to write a bit about yourself for your profile. We ask for your references, if you have any. You also have the option to upload your CV and a photograph of yourself. Providing this additional information is entirely voluntary but will greatly assist you in your job search.

    When you create a Harri profile, you will be automatically included in our Talent Community. Being part of our Talent Community allows us to send you jobs that you might be interested in and it also makes your profile searchable and contactable by employers who can invite you to apply for positions. You can’t create a Harri profile without being included in the Talent Community

    When you visit our website, we will record your computer's IP address, unique mobile device identifier, browser type, ISP or carrier name, and the URL of the last webpage you visited before visiting our website. This information gives us insights on how our users use our site and our services. We use this information to ensure that our service continues to appeal to our users and to monitor overall usage trends, metrics, page views, etc.


    Applying for jobs

    You can use your Harri profile to apply for jobs on our platform or to apply for a job with an employer. When you apply for a job, the employer becomes the controller for any of your personal data that they use or create during the employment process. Please read the Fair Processing Notice (Privacy Notice) of each employer to see how they will handle your personal data.

    As the controller for the recruitment/ employment process, the employer will have access to your application and will be able to use it to assess your suitability as a candidate with them. For example, the employer can use Harri to schedule interviews, make recruitment notes and to ask you specific questions during the recruitment process.

  • How we use your personal data


    Harri is a platform that allows you to create a Harri profile. We use your personal data to create this profile for you and to send you communications regarding that profile. Harri is the controller for this profile.

    Employers will use Harri in the recruitment/ employment process and we are a processor for the employer. The employer is the controller of the process once you choose to apply for a job with them.

    We will share your personal data with organisations that perform services or functions on our behalf, including cloud storage and web hosting providers, email service providers, and software maintenance service providers. We must necessarily share your information with these organisations for them to perform their functions.

    If requested or required by law enforcement authorities, courts, or regulators, we may disclose any information we have collected from you. We also may disclose your information to exercise or protect our legal rights or to defend against legal claims.

    In some cases, we may choose to buy or sell assets. In these business transfers, customer information is typically one of the business assets that are transferred. Moreover, if all or substantially all of our business assets were acquired, or in the unlikely event that we go out of business or enter into bankruptcy, customer information would be one of the assets that is transferred or acquired by a third party.

    We share your personal data between our UK entity, our Ramallah entity and our US parent in order to provide the software service and for administrative reasons. The sharing of your personal data is protected by the use of Standard Contractual Clauses (EU Model Contracts).

  • Our legal basis for processing your personal data


    We need a legal basis in order to process your personal data. Creating a Harri profile is entirely your choice, so our legal basis for its processing is with your consent. You can put in as much or as little information as you like. You can withdraw your consent at any time by requesting that your profile be deleted and that you are removed from the Talent Community. If you have applied for a job, we will pass your deletion request over to the employers. They will then handle your request.

    We share your data between our UK, USA and Ramallah entities using the legal basis of legitimate interest as the sharing is for administrative purposes.

    We share your data with organisations that perform services for us and this is a legitimate activity.

    We will use your technical data for analytical purposes and to improve our services and this is a legitimate activity.

    We will disclose your data if we are required to do so in response to a legal obligation.

    We will disclose your data to our advisors, as required, and this is a legitimate interest.

  • Automated decision making


    Harri does not use any automated decision making. However, an employer might use automated decision-making in their recruitment questions. Please read their Fair Processing Notice for more information on their recruitment process.

  • Security of personal data


    The security of your personal data is important to us and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure. However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the personal data that we have collected from you.

  • International Transfer of personal data


    Your personal data will be transferred to — and maintained on — computers and servers located outside of your country where the data protection laws may differ from those in your jurisdiction. If you are located outside the United States and choose to provide personal data to us, please note that we transfer personal data to the United States and process it there pursuant to our Standard Contractual Clauses (EU Model Contracts). We also transfer personal data to Ramallah, Palestine, and process it there pursuant to our Standard Contractual Clauses (EU Model Contracts).

    European data protection laws permit the European Commission to make decisions about the adequacy of protection for personal data in respect of transfers which are binding on EU member states. These laws recognise that if a data exporter adopts the “standard contractual clauses” adopted by the European Commission, this will provide an adequate safeguard as required by law. We have Standard Contractual Clauses in place with our entity in Ramallah, Palestine and our entity in the USA.

    We commit to cooperate with EU data protection authorities and comply with the advice given by such authorities with regard to personal data and human resources data transferred from the EU in the context of the employment relationship.

    In particular, as further specified in this Fair Processing Notice, we will maintain compliance with data protection principles by adhering to the following practices:

    Notice

    When we collect your personal data, we’ll give you timely and appropriate notice describing what personal data we’re collecting, how we’ll use it, and the types of third parties with whom we may share it. This Fair Processing Notice serves as such notice, and any changes to our collection, use or disclosure of your personal data will be reflected in revisions to the Fair Processing Notice posted on our website.

    Choice

    As established and described in this Fair Processing Notice, we’ll give you choices about the ways we use and share your personal data, and we’ll respect the choices you make.

    Accountability for Onward Transfer

    If we transfer your personal data to another country, we may remain liable and will take appropriate measures to protect your privacy and the personal data we transfer.

    Security

    We’ll take appropriate physical, technical, and organizational measures to protect your personal data from loss, misuse, unauthorized access or disclosure, alteration, and destruction.

    Data Integrity and Purpose Limitation

    We’ll collect only as much personal data as we need for specific, identified purposes, and we won’t use it for other purposes without having a correct legal basis. We’ll take appropriate steps to make sure the personal data in our records is accurate.

    Access

    If you wish to confirm the accuracy of your personal data or have it removed from our systems and records, you may contact us at the email address, telephone number or postal address provided in this Fair Processing Notice.

    Recourse, Enforcement and Liability

    We’ll regularly review our continued adherence to these privacy obligations, and we’ll provide information in this Fair Processing Notice as a way to resolve complaints about our privacy practices.

    Further, we acknowledge our potential liability for misuse of your personal data by us or our third-party service providers, as set out in this Fair Processing Notice.

  • Retention of your personal data


    We retain your account information for as long as your account is active. We also retain your information, if required, as long necessary to comply with any legal obligations, to resolve disputes, to enforce our agreements, and to continue to develop and improve our services. Where we retain information for service improvement and development, it will be anonymized and used to uncover collective insights about the use of our services, not to specifically analyze personal characteristics about you.

    If the services are made available to you through an organization (e.g., your employer), we are the processor for that personal data. The retention period for this data is decided upon by the employer. If your account is deactivated, the information that you have given to your employer will remain (please see the employer’s Fair Processing Notice).

  • YOUR RIGHTS


    You have rights in respect of our processing of your personal data which are:

    • To access to your personal data and information about our processing of it. You also have the right to request a copy of your personal data (but we will need to remove information about other people).

    • To rectify incorrect personal data that we are processing

    • To request that we erase your personal data if:

      • • we no longer need it;

      • • if we are processing your personal data by consent and you withdraw that consent;

      • • if we no longer have a legitimate ground to process your personal data; or

      • • we are processing your personal data unlawfully

    • To object to our processing if it is by legitimate interest

    • To restrict our processing if it was by legitimate interest

    • To request that your personal data be transferred from us to another company if we were processing your data under a contract or with your consent and the processing is carried out automated means.

    • There is also the possibility, under certain conditions, for you to invoke binding arbitration


    If you want to exercise any of these rights, please contact us.


    If you have any questions or concerns, please email DPO@harri.com as most matters can be resolved informally in the first instance

    If you would like any of your personal data deleted, please submit a ticket on the following website: https://harri.force.com/support/s/


    You also have the right to lodge a complaint about our processing with the UK's Information Commissioner's Office.