In application of the provisions of the General European Data Protection Regulation of April 2016 (RGPD), the Organic Law 3/2018 of December 5, Protection of Personal Data and guarantee of digital rights (LOPDGDD), and Law 34/2002 of July 11, Services Information Society and Electronic Commerce (LSSICE), we inform you that TALENTOO WEB SOLUTIONS, SL, owner of the domains and (hereinafter, “Talentoo“), as well as their Users (Employers/Recruiters), responsible for personal data, maintain a commitment to strict compliance with current legislation on the processing of personal data and security of information in order to ensure to those affected that the collection and processing of data provided are carried out with full security guarantees.


1. Data Processing Responsibility
The person responsible for Recruiters’ and Candidates’ personal data will be the company that acts as an organization with real recruitment needs, which has offers or job vacancies (hereinafter, “Employers“). Employers’ contact details must be provided by each entity to the Recruiters and Candidates whose details they are processing. For these purposes, Talentoo will be responsible for the processing of data responsibility of the Employer, since it is the technological platform on which the relationship of communication and understanding between the Employers and the Recruiters takes place.
In this sense and in order to be able to register as a Talentoo user, an initial electronic form must be completed with the following data: commercial name, company name, CIF, contact person, contact person’s position and email, sector of the company, size of the company, country, telephone, fiscal address, postcode, website, description of the company and password. The data collected in this form must be truthful, adequate, relevant and not excessive in relation to the scope, purposes and determined, explicit and legitimate services.


2. Data Processing Purpose
The Employers process Recruiters’ and Candidates’ data for the purposes detailed below:

  1. Access to the Recruiters’ intermediation services, in particular the personnel search and selection service, which involves the management of vacancies and job vacancies.
  2. Management of the selection of Candidates by means of the registration by Recruiters of candidates’ CVs in the job offers.
  3. Sending of messages by the Employers, through the Talentoo communication platform to inform the Recruiter of the status of an application presented by them.
  4. The use of instant messaging. The Employers may initiate a conversation with the Recruiters via Talentoo’s instant messaging service.
  5. Transfer of data to public bodies and authorities, provided there is a requirement to do so in accordance with laws and regulations.

In order to ensure that information is always up to date and free from errors, those concerned are requested to communicate modifications and corrections to their personal data as soon as possible.


3. Data Retention Period
Recruiters’ and Candidates’ data will be kept for the duration of the contractual and commercial relationship with the Employers, or until any of those affected request its suppression, in compliance with the duration of the time necessary to comply with legal obligations.
The personal data of those affected will be kept for the time necessary to fulfill the purpose for which it was collected. If such data is used for several purposes which oblige the Employers to keep it for different periods of time, the longer period of storage shall apply.
In any case, access to the data of those concerned shall be limited only to those persons who need to use it for the performance of their duties.
Data retention periods are based on business needs, so access to personal data that is no longer necessary will either be limited to the fulfilment of strictly legal obligations or will be securely destroyed.
Regarding the use of information of Recruiters and Candidates for the management of any contractual obligation they may have with the Employer, the Employer shall keep such data for the duration of the contract and for the following five years. In the case of the latter period, such data shall remain blocked, and may only be used in order to be able to attend to possible subsequent queries or claims.
Certain information must be kept for the periods required by specific applicable regulations (tax, commercial, money laundering, etc.). During this period of time, such data will remain blocked, and may only be used in order to be able to deal with possible queries or subsequent claims.


4. Basis of Legitimation
It shall be understood that the Employers have the express, unequivocal and informed consent of the Recruiters to process their personal data in accordance with the provisions of the RGPD and it shall be considered that processing is based on a pre-contractual relationship such as the order for the selection of profiles or contractual in the event that the Employer and the Recruiter agree to hiring a candidate.
In the “Profiles” section, the Employers may only view the following personal data of the Candidate proposed by the Employer: age, province, economic aspirations, availability for incorporation to the job and CV. In the option, “see CV” you will be able to download the CVs received from the Recruiters. These CVs will be presented anonymously (neither the candidates’ identification nor contact details will appear) but the answers to the key questions formulated by the Employer will be provided.
In this respect, the Recruiters must previously have the respective authorization and express, unequivocal and informed consent of the Candidates to process the personal data of their CV as well as the information contained therein, in order to register them in the Talentoo offers that are of their interest and/or appropriate to their professional profile. This, in turn, can provide the Employers some initial information that can be viewed in their profile, namely: age, province, economic pretensions, availability for incorporation to the job and the candidate’s CV (anonymized), their interests and potentially at a later stage, complete contact information to coordinate direct interviews and possible hiring.


5. Data recipients
The personal data of those affected will be communicated to third parties in the following cases:

  1. The personal data collected of those affected is stored in Talentoo’s database, which guarantees the appropriate technical and organizational measures to protect the integrity and security of the personal information provided. The data collected is adequate, relevant and not excessive in relation to the scope, purposes and determined, explicit and legitimate services detailed in this privacy policy and collected at and
    Talentoo reserves the right to require Recruiters, at any time, to demonstrate the accuracy of the information provided on the platform, as well as the express, unequivocal and informed consent of candidates for the processing of their personal data.
  2. The personal data of those affected may also be transferred to the competent authorities in cases where there is a legal obligation.


6. Rights of the affected
Those affected may exercise the rights recognized by the RGPD at any time and free of charge to the person responsible for processing personal data in each case.
To this end, as explained above, the Employers and Data Processors must provide information regarding the trade name, company name, VAT number, contact person, contact person’s position and email, company sector, company size, country, telephone number, fiscal address, postal code, website, company description and password in order to register as a Talentoo user. This data will be essential for those affected to exercise their rights of access, rectification, deletion, limitation, portability and opposition against those responsible in this regard:

  1. Those affected have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, to request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
  2. In certain circumstances, you may request the limitation of the processing of your data, in which case it will only be kept for the exercise or defense of claims.
  3. In certain circumstances and for reasons related to your particular situation, you may object to the processing of your data. The data controller shall cease to process the data, except for compelling legitimate reasons, the exercise or defense of possible claims.
  4. You may also exercise the right to the portability of the data, as well as withdraw the consents provided at any time, without this affecting the lawfulness of the processing based on consent prior to withdrawal.

Your exercise of these rights is subject to certain exceptions for reasons of general interest (e.g. prevention or detection of crime). If you exercise any of these rights, verifications will be made that you are entitled to do so, and you will receive an answer within the maximum period provided by Spanish legislation.
If you are not satisfied with the way your information is used or with the response to the exercise of any of these rights, you can file a complaint with the Spanish Data Protection Agency (


7. Security Measures
In order to ensure and maintain the protection, security, integrity and availability of your data, various security measures are carried out.
Although it is not possible to guarantee absolute protection against intrusions when transmitting data over the Internet or from a website, every effort is made to maintain the physical, electronic and procedural protection measures to guarantee the protection of your data in accordance with the applicable legal requirements in this area. The measures used include the following:
– limit access to data only to those persons who need to know it in view of the tasks they perform;
– as a general rule, transfer the data collected in encrypted format;
– always store the most sensitive data (such as credit card data) in encrypted format;
– install perimeter protection systems for computer infrastructures (“firewalls”) to prevent unauthorized access, e.g. “hackers”
– regularly monitor access to computer systems to detect and stop any misuse of personal data.


8. Use of Cookies
A cookie is a text file that a web server can store on a computer’s hard disk to store information about the user and can only be read by the website that sent it to the computer, as well as any device for storing and retrieving data on recipients’ terminal computers. The domains and use cookies to access website users’ information, whose details and information on the use of cookies are clearly and completely developed in our “Cookies Policy”, in compliance with the provisions of Article 22.2 of the LSSICE, amended by Royal Decree-Law 13/2012 of 30 March, which transposes into Spanish law Directive 2002/58/EC on the processing of personal data and the protection of privacy in the electronic communications sector.


9. Modification
This Privacy Policy may be modified in order to adapt to new legislation or jurisprudence as well as to future good practices. In such cases, changes will be announced on this page reasonably in advance of their implementation, and users will be informed of any updates or modifications to this privacy policy.


Start typing and press Enter to search

Shopping Cart