SIGN IN
REGISTER
M
SIGN IN
ARE YOU A COMPANY?

cocoroco privacy policy

Cocoroco (“we”) strives to be transparent and clear in our treatment of personal data as well as in our privacy practices. Accordingly, we’ve created our Privacy Policy in a way that’s clear and user-friendly. Our goal is to treat our customers’ and employee’s information carefully and with respect.
We’ve created our Privacy Policy to explain how we use personal data online. “Personal data”, as defined by Article 4 of the General Data Protection Regulation (“GDPR”), is any information relating to an identified or identifiable natural person (one who can be identified, directly or indirectly). This includes things such as names, email addresses, ID numbers, or location data.
HOMEPAGE

COCOROCO

privacy policy

  1. Introduction
  2. Personal Data that we process, purpose of processing and the legal basis
  3. Data Transfers
  4. Data Security
  5. Data Subject’s Rights
  6. Cookie Policy
  7. Amendments to this Privacy Policy

Cocoroco’s Privacy Policy

1. Introduction


Cocoroco B.V., Stationsstraat 154, 3511 EK Utrecht (hereinafter “Cocoroco“, “we“, “our” or “us“) strives to be transparent and clear in processing your personal data.

This Privacy Policy explains our online information practices applicable to the available websites (https://cocoroco.com/), all Cocoroco services including our digital platform (https://my.cocoroco.com/) (the “Sites“), that enables Client and Candidate (as defined in our General Terms and Conditions) to find each other (“Platform“), and other products made available to you on, through or in association with the Platform (the “Services“). We will only process your personal data in accordance with this Privacy Policy.

Processing” means any operation or set of operations performed on personal data or on sets of personal data, whether by non-automated or automated means. This is, for example, the collection, use, recording, disclosure, maintenance, organization, storage, and deletion of your personal data.

Personal data” means any information relating to an identified or identifiable natural person. For example, we may collect your first name, last name and email address.

This also means that from the moment of the collection of your personal data, you are a “Data Subject” in the meaning of Privacy Law that applies to you.

Your personal data under this Privacy Policy is processed under the General Data Protection Regulation (GDPR) and other data protection and privacy legislation that applies depending on which country or region you create account, interact with us, or simply visit our website (Privacy Law). We follow general privacy principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality, and accountability.

If you have any questions about this Privacy Policy, including any requests to exercise your legal and privacy rights, contact us via: support@cocoroco.com

2. Personal Data that we process, purpose of processing and the legal basis


A. Personal data that we process:

Cocoroco’s Candidates

We may collect information needed for you to create and maintain your Candidate profile, and for you to apply to jobs via our Platform posted by Client. Such data may include:

  • Full name (at least first and last name);
  • Phone number;
    • Profile picture (optional);
    • Nationality;
    • Date of birth;
  • Address (including postal address, city, and current country of residence);
  • Timezone;
  • Spoken languages;
  • Email address;
  • Geographic location;
  • Job title;
  • Cover letter, C.V. / résumé;
  • Whether your age is above 18;
  • Cookies data (see section 6), and the security logs about your actions on the Platform (for example information that you updated your profile at a certain date and time);
  • Video recording for the application;
  • Data needed for employment/freelance contract signature and other data available to you to enrich your profile for the application;
  • Any other personal data provided by you voluntarily via Platform by interacting with other Candidates, Clients or us directly, use, or via job’s suitability assessments.


Cocoroco’s Clients

We process the following personal data when you register on behalf of Cocoroco’s Client:

  • Full name (at least first and last name);
  • Email address;
  • Phone number;
  • Address (including postal address, city, and country);
  • Client details (including industry, (estimated) number of employees and (estimated) annual revenue;
  • Chamber of commerce and VAT number (may be requested for verification purposes if there is an agreement);
  • Banking details (needed to process payments if there is an agreement);
  • Legally required information including but not limited to signatures (when we sign agreements);
  • Cookies data (see section 6), and the security logs about your actions on the Platform (for example information that you updated your profile at a certain date and time;
  • Any other personal data you provided via Platform.


Cocoroco’s vendors

We process the following personal data when we correspond via email or the Platform:

  • Full name (at least first and last name);
  • Email address;
  • Phone number;
  • Legally required information including but not limited to signatures (when we sign agreements);
  • Company details; 
  • Banking details (needed to process payments if there is an agreement);
  • Cookies data (see section 6), and the security logs about your actions on the Platform (for example information that you updated your profile at a certain date and time);
  • Any other personal data you provided via Platform.


Website Visitors 

Cookies 

When you use different types of cookies in accordance with our Cookie Policy (see section 6), we or other websites may process personal data as listed below:

  • Information about the type and version of your internet browser;
  • The operating system of your computer or smartphone;
  • Your internet service provider;
  • Your IP address;
  • Date and time of your access;
  • Geographic location;
  • Usage of the website.


Requesters (persons using “Contact Us” form or contacting us directly via email)

If you contact us or like our website (for example through our social media channels or by using our “Contact Us” form, we may have access to the personal data you share (for other websites this will depend on your privacy settings). We collect data as listed below:

  • First name;
  • Last name;
  • E-mail;
  • Cookie information via reCAPTCHA button placed to verify if you are a human;
  • Any other personal data that Requester finds relevant to provide via “Message (Optional)”.


Participants (persons participating in contests, raffles, or promotions and/or persons subscribing to the newsletter)

If you participate in any contest, raffle or promotion that we may organize, or if you subscribe to our newsletter, we may ask for the data as listed below:

  • First name;
  • Last name;
  • Company name;
  • Telephone number;
  • Email address;
  • Other data relevant to the contest, raffles, promotions, newsletter, collected via consent form, or data you voluntarily share with us.

B. Purpose and legal ground of the processing 

Applies to all users:

  • To comply with our legal obligations, for example to respond to legally binding requests from regulators, law enforcement authorities or other government authorities. The legal ground is the necessity to comply with legal obligations.
  • Security, technical maintenance and service improvement of our Sites and Platform. The legal ground is our legitimate interest. Failure to process this data constitutes the impossibility to proceed with registering, maintaining and keeping the quality of our Platform and Sites,
  • Exercising our legal rights where necessary, e.g., to detect, prevent, and respond to fraud, violations of law, or intellectual property infringement. The legal ground is our legitimate interest.

For Candidates, Clients, vendors:

We process your personal data when you accept the Terms and Conditions of our Platform: 

  • To share, enter and sign any related agreement with you such as Terms and Conditions/GTC/SOW/employment/freelance contract as applicable. 
  • To create your account and allow you to use/interact with our Platform. 
  • To interact with Candidate or Client to find a suitable job for Candidate.

The legal ground is the necessity to perform the contract.

For Candidates:

  • When you apply for a position on our Platform or contact us directly on this matter, we process your personal data to connect you with Client and find a suitable job. The legal ground is the necessity to perform the contract.
  • Depending on the job opportunity you apply for and our legitimate interest, we may ask you to perform an assessment to assess if you are fit for a certain position. Cocoroco will always inform you prior to any assessment taking place. Failure to process this data makes it impossible to proceed with your application. The legal ground is the necessity to perform the contract
  • We may also contact you for further opportunities in relation to the Platform or a Client. This is based on our legitimate interest and there are no negative consequences for you if we cannot process such personal data.
  • We may use information about your location to check for relevant jobs, job offer conditions and verification of local compliance requirements. The legal ground is our legitimate interest and there are no negative consequences for you if we cannot process such personal data.
  • You may also decide to update and enrich your profile with additional information so that our Clients can consider you for the application as well as take a video recording. This is voluntary and based on your consent. You may change this information at any time.

For Clients:

  • We may contact you to inform about new Candidates. The legal ground is the necessity to perform the contract.
  • We may use your company details to perform verification before Cocoroco signs the Terms and Conditions/SOW with the Client. The legal ground is the necessity to perform the contract.
  • We process company information and job information to publish a job to find relevant Candidates. The legal ground is the necessity to perform the contract.

For Website Visitors:

See our Cookie Policy (see section 6).

For Requesters:

  • When you contact us, we process your personal data to solve issues, reply to any questions and to cooperate further, e.g., if you want to be our new Client, Candidate or vendor. This activity is necessary to support the Platform. The legal ground is our legitimate interest and/or the necessity to perform the contract..

For Participants:

  • When you voluntarily sign up for our newsletter, respond to a survey, use other site features, participate in our campaigns such as to:
    • Personalize your experience, allowing us to deliver content and product offerings that interest you most;
    • Improve our website in order to better serve you;
    • Follow up with you after correspondence (live chat, email, or phone inquiries);
    • Update you regarding features on our website or changes to our Privacy Policy;
    • Send you newsletters and periodic emails. You may opt-out at any time by following the unsubscribe instructions located at the bottom of each communication.

The legal ground is your consent. We may also obtain your consent to collect and use certain types of personal data depending on the consent form and the purpose. If we ask for your consent to process your personal data, you may withdraw your consent at any time by contacting us using the details at the end of this Policy. There will be no negative consequences when you decide to withdraw the consent. However, this will not affect the lawfulness of our processing operations in the time when we had your valid consent. 



C. Retention Period

Cocoroco will save your data for as long as it is necessary for the purpose for which it was provided. We regularly go through our systems to check if your personal data is still necessary for the purposes for which they were provided.

Specifically: 

  • Platform Account is stored for as long as the user keeps the account active. After the user closes the account and requests to remove their data, all platform data is removed within 30 days after the request.

The contractual and financial data related to Terms and Conditions/ SOW/ employment/ freelance contract is stored for 7 years after the relevant contract expired/was terminated.

Please refer to our Cookie section below (see section 6) to learn more about how long we store your information collected through cookies.

In addition to the above, in some circumstances we may store your personal data for longer periods, for example:

(i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or

(ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or

(iii) if we reasonably believe there is a prospect of litigation relating to your personal data or dealings.

3. Data Transfers

Cocoroco operates around the world and may transfer your personal data to other offices or third-party locations around the world – which may be outside the European Economic Area (EEA) – for the purposes that have been set out in this Privacy Policy. Your personal data is processed exclusively by authorized associates of Cocoroco, its affiliates and/or by external companies:

Depending on the activity, we will process personal data with our carefully selected partners and service providers as listed below:

  • Deel Inc. (425 1st San Francisco, CA 94105 USA). You can contact Deel Inc. and view their privacy policy here;
  • HubSpot, Inc. (Two Canal Park, Cambridge, MA 02141 USA). You can contact HubSpot, Inc. and view their privacy policy here;
  • Platform.sh SAS (22 rue de Palestro, 75002 Paris, France). You can contact Platform.sh SAS and view their privacy policy here;
  • Make it Max (Lochemseweg 33A, 7244 RR Barchem, Nederland). You can contact Make it Max and view their privacy policy here;
  • DocuSign International (EMEA) Ltd, (5 Hanover Quay, Ground Floor, Dublin 2, Ireland). You can contact DocuSign International (EMEA) Ltd, and view their privacy policy here;
  • Facebook (Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland). You can contact Meta Platforms Ireland Limited and view their privacy policy here;
  • LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland). You can contact LinkedIn Ireland Unlimited Company and view their privacy policy here;
  • Google Ads, Google Analytics, Google Datastudio, Google Tagmanager, Google Bigquery (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). You can contact Google LLC and view their privacy policy here;
  • Hotjar Ltd. (Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian’s STJ 3141, Malta). You can contact Hotjar Ltd. and view their privacy policy here;
  • Instagram (Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland). You can contact Meta Platforms Ireland Limited and view their privacy policy here;
  • TikTok (TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland and TikTok Information Technologies UK Limited, Kaleidoscope, 4 Lindsey Street, London, EC1A 9HP, United Kingdom). You can contact TikTok and view their privacy policy here;
  • Nylas, Inc. (3223 Hanover St, Suite 110, Palo Alto, CA 94304, USA). You can contact Nylas, Inc. and view their privacy policy here;
  • Willo Technologies Limited (20-23 Woodside Place, Glasgow G3 7QF, United Kingdom). You can contact Willo Technologies Limited and view their privacy policy here;
  • SHL Nederland BV (Secoya Building 5th Floor, Papendorpseweg, 99 3528 BJ Utrecht, the Netherlands). You can contact SHL Nederland BV and view their privacy policy here;
  • Brevo (Sendinblue SAS, 106 boulevard Haussmann, 75008 Paris, France). You can contact Sendinblue SAS and view their privacy policy here;
  • Slack Technologies Limited (Salesforce Tower, 60 R801, North Dock, Dublin, Ireland). You can contact Slack Technologies Limited and view their privacy policy here;
  • WordPress (Aut O’Mattic A8C Ireland Ltd., Grand Canal Dock, 25 Herbert Place, Dublin, D02 AY86, Ireland). You can contact Aut O’Mattic A8C Ireland Ltd. and view their privacy policy here;
  • Cookiebot (Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark). You can contact Usercentrics A/S and view their privacy policy here. .

The third parties listed above include hosting provider of our Platform (Platform.sh SAS), website (Make it Max), survey companies, social media platforms (such as LinkedIn) used to apply to our positions or contact us, parties that assist in performing eligibility, assessments, and other types of necessary checks per certain role, e-signature services (DocuSign), services used for advertising, cookie usage and marketing purposes (such as Hotjar and Google). Data of Website Visitors is hosted by our website hosting provider and processed as per our cookie section (see section 6). All the above-mentioned parties use their own systems and vendors to support performing the service for the purposes listed above. In such cases, these third parties may only use your personal data for the purposes described above and only in accordance with our instructions unless you’ve entered into any different relationship with them (e.g., you accepted separate terms and conditions of the Client or vendor).

We may share your personal data if required to do so by law or court order, for example with law enforcement agencies or other governmental agencies.

Your personal data may be transferred to the United States for processing by some of the service providers as listed above. In some countries outside the EEA, data protection laws may provide lower safeguards than those in the EEA, which is why we take specific additional measures to keep personal data safe as determined by GDPR, such as transferring to countries deemed adequate by the European Union or using standard contractual clauses (as approved by the European Commission).

4. Data Security

We have implemented commercially reasonable technical, organizational and security measures designed to protect your personal data. Ensuring the security of your personal data is particularly important to us, which is why we have taken different technical and organizational measures to ensure this. In particular:

  • We use regular prevention, detection, and response systems to scan and mitigate potential vulnerabilities and reduce security risks;
  • Your personal data is contained behind secured networks and is only accessible by a limited number of our staff, Clients, maintenance, and security teams on a need-to-know basis and who are required to keep the information confidential as per Zero Trust approach. In addition, the information is encrypted with Secure Socket Layer (SSL) technology;
  • We implement a variety of security measures when you enter, submit, or access your information to maintain the safety of your personal data.

If you have any concerns regarding our security, please contact us at support@cocoroco.com.

If Cocoroco were to experience a data breach and your information was affected, we will inform you if there is a risk of your data being misused and/or if there is a legal obligation to do so. In some situations, Cocoroco may be legally bound to contact the local data protection authorities in case a personal data breach happens.

5. Data Subject’s Rights

  • If you believe that your data protection rights may have been breached, you have the right to lodge a complaint with the applicable supervisory authority or to seek a remedy through the courts;
  • You have the right to object to profiling (if it is part of our activities);
  • You have the right to object, to or to request restriction of the processing;
  • You have the right to request that we rectify any personal data;
  • You also have a right to request certain details of the basis on which your personal data is transferred outside the European Economic Area and adequate safeguards we use for these data transfers;
  • You have the right to data portability as to request that some of your personal data is provided to you, or another data controller, in a commonly used, machine-readable format;
  • You have the right to request the erasure of your personal data when such personal data is no longer necessary for the purposes for which it was collected, or when, among other things, your personal data has been unlawfully
    processed. However, please keep in mind that we may not delete all your personal data as we may still need to keep it for our legitimate purposes such as establishment, exercise and defense of legal claims;
  • You have a right to access personal data held as to request a copy of the personal data that we hold about you. There are exceptions to this right, so that access may be denied if, for example, it does infringe upon the rights and freedom of others or if we are legally prevented from disclosing such information;
  • You have the right to withdraw your consent: If you have provided your consent to the collection, processing, and transfer of your personal data, you have the right to withdraw your consent fully or partly. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the
    purpose(s) to which you originally consented. This means we will not further process your personal data from the moment of withdrawal, but the processing activities performed beforehand will still be legitimate.

Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly in accordance with applicable law or inform you if we require further information to fulfil your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes before processing and/or honoring your request. We reserve the right to charge a fee where permitted by law, for instance, if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initially requested, we will address your request to the maximum extent possible, all in accordance with applicable law.

You can exercise your rights by submitting a request to support@cocoroco.com.

6. Cookie Policy

 

We use cookies.

 

Cookies are small files a website or its service provider transfers to your computer’s hard drive via your web browser if you allow. This enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to perform analytics of your usage of the website, advertising and website usage tracking.

 

Cookies are also used to help us understand your preferences based on previous or current site activity, enabling us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better on-site experiences and tools in the future.

 

We use cookies to:

  • Understand and save user’s preferences for future visits. 
  • Keep track of advertisements.
  • Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf. 

 

You can choose to have your computer warn you each time a cookie is being sent, or choose to turn off all cookies. You can do this through your browser settings. Since each browser is different, look at your browser’s Help Menu to learn the correct way to modify your cookies.

Please note that if you turn cookies off, some of the features that make your site experience more efficient may not function properly.

 

Via your browser settings you can choose to turn off your cookies.

7. Amendments to this Privacy Policy

 

This Policy might be updated from time to time, please make sure to check this page on a regular basis. When changes to this Policy are posted, the date at the top of this Policy will be revised.  

If you have any further questions regarding this privacy policy, or wish to exercise your privacy and data protection rights, such as right to object to processing of your personal data, deletion, rectification, withdraw prior consent, or if you have any other questions, please send an e-mail to support@cocoroco.com

This privacy policy was last updated on 26 July 2024.