BG

Information for Corporate Clients and Employers

1. Who we are
“JOBTIGER” Ltd.
UIC: 130175259
Address: 1 Tulovo Str., fl. 2, Sofia 1504, Bulgaria
E-mail: office@jobtiger.bg
Data Protection Contact: data_protection@jobtiger.bg

JobTiger is an online platform for job search and recruitment, employer profiles, career events, and B2B HR services.

2. Our roles under the GDPR

When you publish a job posting and receive applications
  • You (the Employer) act as the Data Controller
  • JobTiger acts as a Data Processor, processing data on your behalf
This applies to:
  • job applications (CVs, cover letters, contact details);
  • access to applications via the employer profile;
  • technical storage and provision of applications.
Processing is carried out in accordance with Article 28 of the GDPR and the Standard Contractual Clauses pursuant to Commission Implementing Decision (EU) 2021/915.

When JobTiger provides services to you as a client (B2B)
For the following activities, JobTiger acts as a Data Controller:
  • registration and maintenance of employer accounts;
  • CRM activities and communication with company representatives;
  • sending system and marketing communications;
  • invoicing, accounting, and contractual relations.
3. Our role as a Processor (Article 28 GDPR)
When processing applications on your behalf, JobTiger:
  • processes personal data solely for the purpose of providing the service;
  • does not use applications for its own purposes;
  • does not disclose data to third parties outside approved sub-processors;
  • implements appropriate technical and organizational security measures;
  • notifies you without undue delay in case of:
    • requests from candidates;
    • personal data breaches.
The retention period within the platform is up to 6 months after the job posting expires, unless otherwise required by law.

4. Your responsibilities as a Data Controller
As an employer and data controller, you:
  • determine the purposes and retention periods of processing;
  • respond to candidates’ requests (access, erasure, etc.);
  • provide your own privacy information (privacy notice);
  • remain responsible for processing after receiving the applications;
  • do not use applications for marketing purposes without separate consent.
5. Sub-processors and infrastructure
JobTiger uses carefully selected service providers:
  • Microsoft Azure (West Europe) – hosting and infrastructure
  • Brevo, Salesforce – transactional and marketing emails, CRM
  • Cookie Script – cookie consent management
  • Google (GTM, GA4, Ads, Ad Manager) – analytics and advertising (with consent only)
  • ESET – antivirus and security solutions
The full list is published in Annex IV to the DPA/SCC.

6. International data transfers
Primary data storage is located within the EU (Azure – West Europe).
When using global providers, transfers outside the EEA may occur, in which case the following safeguards are applied:
  • Standard Contractual Clauses;
  • additional protective measures proportionate to the risk.
7. Contractual framework
No separate DPA is required.
Personal data processing is governed by:
  • JobTiger’s General Terms and Conditions;
  • incorporated SCCs pursuant to Decision (EU) 2021/915;
  • Annexes (I–IV) published on the website.
Acceptance of the General Terms and Conditions and use of an employer profile constitute acceptance of this framework.

8. Processing of Personal Data when applying for Job Postings
When an employer publishes a job posting on JobTiger.bg and receives applications through the platform, the employer acts as the data controller, while “JOBTIGER” Ltd. acts as a data processor within the meaning of Regulation (EU) 2016/679.

The processing is carried out on the basis of Article 28 of the GDPR, under the terms of the Standard Contractual Clauses pursuant to Commission Implementing Decision (EU) 2021/915, which form an integral part of JobTiger’s General Terms and Conditions.

“JOBTIGER” Ltd.:
  • processes applications solely for the purpose of providing the service;
  • implements appropriate technical and organizational security measures;
  • informs the employer without undue delay of requests from data subjects;
  • stores applications in the system for up to 6 months after the expiration of the job posting.
The employer is responsible for:
  • the lawfulness of the processing;
  • responding to candidates’ requests;
  • its own retention periods after receiving the applications.
9. Contacts and support
E-mail: data_protection@jobtiger.bg – GDPR and data protection inquiries
E-mail: office@jobtiger.bg – contracts and services

JobTiger cooperates in good faith with its corporate clients to ensure GDPR compliance and the protection of personal data.