When visiting the Website http://distribution.severstal.com (hereinafter the Website), please be advised that SIA Severstal Distribution, registration No. 40003001968, address: Starta iela 13, Riga, Latvia, email: email@example.com, acting as the Controller (hereinafter the Controller), processes Your personal data to maintain operation of the Website, particularly, by collecting and preparing information on connection as well as by organising turnover of cookies.
 Processing of the above information corresponds to the Controller’s legitimate interest to maintain the Website, inform the public on events that are important for the enterprise’s activities and cooperation opportunities as well as to ensure safety of the Website, i.e. to reveal, evaluate, establish and eliminate technical problems of other person’s illegal activities.
 The Website may contain information on various offers that may provide for request that You as a data subject transfer Your personal data to the Controller. A typical situation in case of such data processing is:
1. Transfer of data to apply for an announced vacancy or if the Controller has an appropriate vacancy; the above also covers requests for organising placements. When transferring data for such a purpose, You have to take the following into account:
· Your consent serves as a legal ground for data handling. If You do not consent with Your personal data processing, Your or Your lawful ward's application shall not be evaluated in the course of selection of personnel or trainees. At any point you may withdraw Your consent with data processing, however, if the data processing has already been commenced, it is possible that the Controller has a legitimate interest in processing Your data for another purpose, e.g. if the Controller has a legitimate interest to ensure evidences for legal proceedings or out-of-court proceedings.
· Your obligation is to provide only valid and accurate personal data and only such data that corresponds to and is needed for the purpose of processing. Of course, You do not have to provide such information as Your family status, religious views, financial status, age. In some cases, depending on the type of vacancy or placement, we may request additional information from you, e.g. information on a driver’s license and other special permits. If you provide information that is not needed for the process of personnel or trainee selection, it shall not be taken into account.
· Please note that You may independently apply for a vacancy or placement if you have attained full legal capacity within the meaning of regulations of the Republic of Latvia, which usually occurs once You turn 18. Persons under 18 are represented by their legal guardians as well as in other cases of limited legal capacity.
· We shall process Your personal data if we receive a relative application from You; if You submit a relevant application or create a profile at any of our partner - recruiting company's website; if information about You is transferred to us by any employment promotion or training organisation institution, e.g. State Employment Agency; if we, after having requested Your consent with further data processing, apply to You at any career promotion social network, e.g. LinkedIn.
· We need the following information for a selection process:
o Your and/or Your legal guardian’s name and surname and contact details (email, phone number);
o Information on your education (including finished courses, obtained certificates) or in case of placement, information on the qualification to be obtained;
o Your professional experience or, in case of placement, information on a necessary placement program;
o Vacancies (placements), for which you apply, or desirable;
o Other skills that are relevant to a vacancy, to which You apply, e.g. language skills, IT skills, skills relating to operation of installations, machines and special rights to operate those, etc.
· Your personal data shall be usually handled within the following periods:
o If unfortunately we cannot offer You a relevant vacancy, placement or another candidate seems to be more relevant - 7 months from the expiry of announced vacancy (placement) or if You send an application at Your discretion, and not in response to a certain announcement; the purpose of data processing and legal grounds secure our legal interests in case of possible legal proceedings or out-of-court proceedings;
o If we build labour legal relations with You or legal relations with You as a trainee, information shall be processed in accordance with the data processing period provided for in the Labour Law and other regulations for us to fulfil obligations provided for in the law.
2. Transfer of data to make an order or transfer of data to ensure delivery - in this case, You as a customer or supplier transfer Your data to obtain information from the Controller, make and order, file a claim on the existing order. When transferring data for such a purpose, You have to take the following into account:
· The legal grounds for data handling is fulfilment of contractual obligations or Your intention to enter into such an agreement (e.g. purchase agreement, supply agreement, etc.); if You represent a legal entity, Your personal data processing is ensured to secure our legitimate interests and those of an enterprise that You represent, i.e. for You as a legal representative to enter into a lawful transaction; if You are a contact person, Your data is processed due to our obligation to fulfil the agreement and based on Your lawful mutual relations , e.g. labour agreement with a certain legal entity.
· To achieve that goal of data processing, we shall usually need the following personal data from You: Your name, surname, contact information, description of an order, supply, claim, etc. (e.g. Delivery address, needed quantity of goods, type, price, nature and description of claim, etc.); if You are a representative or contact person of a legal entity, additionally, information on a legal entity, Your position, rights to represent and other information related to the order, supply or claim shall be needed from You, and Your obligation is to provide only valid and accurate personal data and only such data that corresponds to and is needed for the purpose of processing.
· Then processing data for this purpose, we shall have a legitimate interest to ensure evidences for possible legal proceedings or out-of-court proceedings, and statutory obligation to store documents and information, confirming transactions for a certain period. Usually, the period for storing data shall not exceed 10 (ten) years;
3. Transfer of data to ask a question, submit a suggestion and in other cases, by using a form contained in the Contacts section of the Website. When transferring data for such a purpose, You have to take the following into account:
· Legal grounds for data processing is Your consent with provision of information about yourself and your contacts; the legal ground is our legitimate interest to become aware of Your opinion to adopt our home page, offers, communication, etc. to your intentions; contact information is needed for us to prepare Your response and for You to have an opportunity to exercise Your data subject’s rights; Your contact information shall not be used for other purposes.
· Taking the above into account, both You and us are interested in accuracy of submitted information.
· Generally, we shall provide an answer to Your question not later than within one month.
 Your personal data is processed by Controller’s employees as well as various service providers that are in contractual relations with the Controller, which provides for personal data protection and processing of Your data only in accordance with our instructions and prohibition to use those for other purposes; as well as to fulfil our legal obligation, we may disclose Your personal data to law enforcement institutions, governmental and self-governmental institutions upon their request. We may transfer Your personal data to law enforcement institutions, governmental and self-governmental institutions to protect our legal interests: to file, exercise or defend legal claims.
 The Controller does not process Your data automatically, in the course of decision-making Your data is always processed by a person.
 You shall have the following rights as a data subject:
· To access personal data - You may request that we confirm whether we process personal data related to You and, in this case, You may request access to personal data about You that we process. To exercise the above right, please file a written request;
· To correct personal data - If You believe that information about You is incorrect or incomplete, You may ask us to correct Your data. To exercise the above right, please file a written request;
· To withdraw consent - when we process Your personal data based on Your consent, You may withdraw Your consent with Your personal data processing at any time. To exercise the above right, please file a written request. Please note that withdrawal of consent shall not affect data processing that have been carried out prior to the withdrawal of consent as well as data processing might result in a legitimate interest or obligation based on the law to proceed with Your personal data processing.
· To object to processing based on legal interests - You may object to processing of personal data that we process based on our legal interests. However, we shall process Your data if You object if we have convincing reasons to proceed with data processing. To exercise the above right, please file a written request;
· To delete the data - You may request that we delete Your personal data, however, not in cases, where the law requires that we store the data. To exercise the above right, please file a written request;
· To limit processing - You may limit Your personal data processing. To exercise the above right, please file a written request;
· To data portability - You may obtain or forward Your personal data to another Controller (including “data portability”). Those rights include only the data that You have provided to use based on your consent or agreement if processing is not automated. To exercise the above right, please file us a written request.
 In case of any questions relating to Your personal data processing, please contact us at: firstname.lastname@example.org
 Your personal data, obtained or provided through the Site, may be transferred to a country outside the European Union - the Russian Federation, where information resources are located. Security guarantees of personal data are provided based on appropriate agreements, concluded between the Controller and the Processor (service provider) in accordance with standard contractual clauses, approved by the European Commission.
 If you have a valid reason to believe that your rights as a data subject have been violated or affected, you have the right to file a complaint with the nearest supervisory authority, in the case of Latvia, the Data State Inspectorate, using the contacts on the Data State Inspectorate website. (website address www.dvi.gov.lv).