Privacy Policy (GDPR‑Compliant)

Effective Date: July 14, 2025

1. Introduction

JobF3.com (“JobF3,” “we,” “our,” or “us”) is committed to protecting the privacy and personal data of our users—including job seekers, employers, visitors, partners, and other third parties (“you,” “your”)—in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) (EU Regulation 2016/679).

This Privacy Policy explains:

• The categories of personal data we collect,

• How and why we collect and process it,

• The legal basis for those processes,

• How long we retain your data,

• Your rights under GDPR,

• Our security measures,

• Conditions for transferring data internationally,

• Details about automated decision-making,

• And how to contact us.

Please read it carefully. By accessing or using JobF3.com or its affiliated services, you accept this Privacy Policy. If you do not agree, please discontinue use of the website and services.

2. Definitions

For clarity, some key terms are defined here:

• Personal Data: Any information relating to an identified or identifiable natural person.

• Data Controller: The entity that determines the purposes and means of processing personal data. JobF3 is the Data Controller.

• Processing: Any operation performed on personal data—collection, storage, retrieval, use, disclosure, deletion, analysis, etc.

• Data Subject: An identified or identifiable natural person whose data is processed.

• Data Processor: A third party that processes personal data on behalf of JobF3.

3. Scope & Applicability

This Privacy Policy applies to:

• Users who register on or use JobF3.com (job seekers, employers, recruiters, partners);

• Visitors who browse our public pages;

• Affiliates and contractors involved in services connected to JobF3;

• Third parties such as recruiters or educational partners who engage with our platform.

It covers all aspects of personal data you provide directly, we collect from you, or we receive from third parties when interacting with JobF3’s services.

4. Categories of Personal Data Collected

We collect and process the following types of data:

4.1 Registration and Profile Data

• Full name

• Email address

• Password (hashed)

• Telephone or mobile number

• Job titles, skills, CV/resume, education, experience, certifications

• Company details for employer accounts

• Profile photo (optional)

4.2 Usage Data

• IP address, device type, browser type

• Operating system, geolocation (country and city level)

• Device identifiers

• Referral and navigation data, session duration

• Job search keywords, filters used, job views, applications made

• Communications with support or other users

4.3 Transactional Data

• Payment method, billing address, invoice or receipt details

• Subscription plan, start/end dates, transaction history

• Card or bank account information (handled by third-party payment processors)

4.4 Communications

• Support/help inquiries, chat or email records

• Feedback, survey responses

4.5 Third‑Party Data

• When using social logins or importing resumes from external services

• Data via integrated partners (e.g. identity verification)

4.6 Derived or Analytical Data

• Processed information like matched job recommendations

• Usage statistics, preference models, anonymized analytics

5. Purpose & Legal Bases of Processing

We process your personal data for specific, lawful purposes under GDPR. Our legal bases include:

Where marketing emails are sent, these are done only if you have opted in (double opt‑in). You may withdraw consent at any time.

6. Cookies & Automated Tracking

We and our service providers use cookies and tracking technologies (e.g., Google Analytics, session cookies, local storage):

• Essential cookies for functionality and session control

• Performance/analytics cookies for usage insights

• Preferences cookies for language and display settings

• Marketing cookies for targeting

You can manage cookie settings via your browser. Consent for analytics/marketing cookies is requested on first visit. Turning certain cookies off may limit website functionality.

7. Sharing and Disclosure of Personal Data

7.1 Within JobF3

Access is limited to trained staff who need it for their roles (e.g., support, engineering).

7.2 Third‑Party Service Providers

We share data with:

• Cloud hosts and servers

• Email and customer support platforms

• Payment processors

• Analytics providers

• Communication tools

• Identity verification partners

These providers are bound by Data Processing Agreements and must meet equivalent GDPR standards.

7.3 Business Transfers

If JobF3 is acquired or merged, personal data may be transferred to the new entity, subject to confidentiality agreements.

7.4 Legal Requirements

We may share data when required by law enforcement, courts, or regulatory authorities—only to the extent legally required.

8. International Data Transfers

JobF3 is global and may store/process data in locations that may not meet EU adequacy standards.

We rely on:

• Standard Contractual Clauses (SCCs)

• Binding corporate rules or EU-approved mechanisms

• Adequate protection policies

These ensure proper safeguards and enforceable rights for EU/UK data subjects.

9. Data Retention

We retain personal data only as long as necessary for:

• Contract fulfillment

• Legal compliance (finance/tax laws)

• Legitimate interests (e.g., defense against claims)

Typical retention periods:

After retention periods expire, data is securely deleted or anonymized.

10. Data Subject Rights

Under GDPR, you have the right to:

1. Access – Obtain a copy of your personal data.

2. Rectification – Correct inaccurate or incomplete data.

3. Erasure (“Right to be forgotten”) – Delete your data (subject to legal exceptions).

4. Restriction of Processing – Temporarily limit certain uses of your data.

5. Data Portability – Receive your data in structured, common format.

6. Object to Processing – Challenge processing on grounds of legitimate interests.

7. Withdraw Consent – For marketing or tracking where relevant.

8. Complain – Contact supervisory authority (e.g., an EU Member State’s DPA).

To exercise your rights, contact us using the details below. We may ask for ID to verify identity. We respond within 1 month (extendable to 3 months for complex requests).

11. Children’s Privacy

JobF3 is not intended for individuals under 16 years old. We do not knowingly collect data from minors. If we inadvertently receive information from a minor, we will promptly erase it. If you’re a parent or guardian believing your child provided us data, contact us to request removal.

12. Security of Personal Data

We prioritize data security by using:

• Encryption (HTTPS, SSL/TLS for data transfer)

• Encrypted storage (at rest)

• Access controls and unique credentials

• Regular security audits and vulnerability testing

• Data minimization and anonymization

• Incident response plan with breach notification procedures as per GDPR Article 33

Despite safeguards, no system is entirely secure. We encourage users to protect credentials and report suspicious activity.

13. Automated Decision-Making

JobF3 uses automated systems (e.g., matching algorithms, job recommendations). These processes analyze:

• Your profile

• Stated preferences

• Behavioral data

The decisions are based on pre-programmed rules and do not involve human input at every stage. If you want human review, please contact support at support@jobf3.com. If automated processes significantly affect you, you have the right to object or request human intervention.

14. Changes to This Privacy Policy

We may update this policy to reflect legal developments or operational changes. Material updates will be accompanied by notifications via email, banners, or pop-up notices on the website. The “Effective Date” at the top will reflect changes. Continued use after updates constitutes acceptance.

15. Contact Us & Data Protection Officer

Data Protection Officer (DPO)

JobF3 has appointed a DPO responsible for guiding data protection compliance.

📧 Email: dpo@jobf3.com
📧 General Support: support@jobf3.com
📞 Phone: +92‑300‑000‑0000
📬 Address:
JobF3 Solutions (Pvt) Ltd.
123 Career Road
Lahore, Punjab
Pakistan

You may also reach out with data requests, complaints, or queries.

16. Supervisory Authority & Complaints

If you are in the EU or UK, you have the right to lodge a complaint with your data protection supervisory authority—for example:

• Ireland: Data Protection Commission

• Germany: Federal Commissioner for Data Protection and Freedom of Information (BfDI)

• France: Commission Nationale de l’Informatique et des Libertés (CNIL)

17. Additional Jurisdictional Notes

17.1 UK GDPR

We comply with the UK GDPR in the same way as the EU GDPR.

17.2 Non‑EU Users

Users in other regions (e.g., USA, Pakistan) are also covered under this policy. However, they may have only applicable rights under their local laws.

18. Third‑Party Links & Integration

JobF3 may link to external websites or services (e.g., social networks like LinkedIn, Company career pages). We are not responsible for their privacy practices. We recommend you review the privacy policy of any site you visit through us.

19. Data Transfers Outside the EU/EEA

If you are located in the EU/EEA, your data may be transferred to countries without an EU adequacy decision (e.g., Pakistan). In such cases, we use:

• Standard Contractual Clauses (SCCs),

• Adequacy decisions, or

• Other legally recognized safeguards.

You can ask us for a copy of the mechanism used.

20. Data Minimization & Purpose Limitation

We collect only data necessary to deliver our services or comply with laws. We do not use your data for incompatible secondary purposes. Any further processing beyond disclosed purposes will be communicated and legally justified.

21. Data Anonymization & Aggregation

We may anonymize or pseudonymize data for analytics and research—which is not personal data. This helps improve our services while preserving your privacy.

22. Profiling

JobF3 uses profiling tools to deliver personalized job recommendations and marketing content. Profiling is based on your profile details, interaction history, and preferences. You have the right to object to profiling marketing and request human involvement if decisions significantly impact you.

23. Consent Management

Where GDPR requires your consent (e.g., for non-essential cookies or marketing communications), we:

• Display consent requests before setting these cookies,

• Store consent records securely,

• Enable you to withdraw consent at any time,

• Do not bundle your consent with other unrelated terms.

24. Behavioral Advertising

If we or our partners display ads based on your browsing behavior, we will:

• Use non-sensitive data (e.g. visits, time, pages viewed),

• Obtain valid consent before doing so,

• Provide opt-outs via cookie settings or links in emails.

25. Cross‑Device Recognition

We may link your usage across devices when logged in (web, mobile app). This is for functional equivalence (e.g., saved job views). It’s based on your consent signaled by login.

26. Data Breach Notification

Under GDPR Article 33, we must notify:

1. The relevant supervisory authority within 72 hours of breach discovery if it poses risk to rights and freedoms.

2. Affected data subjects promptly if likely to harm their rights and freedoms.

Notifications will describe nature, categories of data, estimated numbers affected, consequences, actions taken, mitigation steps, and contact info for queries.

27. Third‑Party Processor List

Here are key processors and their purposes:

• Amazon Web Services (AWS): Hosting and infrastructure

• Stripe/PayPal: Payment processing

• SendGrid/Mailgun: Transactional emails

• Google Analytics: Usage analytics

• Intercom/HelpScout: Customer support

• Cloudflare: Security and performance

We vet and contract all processors under GDPR frameworks.

28. Cooperation with Regulators

We cooperate with supervisory authorities in investigating complaints or inquiries, transparently sharing records or documents as permitted by law.

29. Data Transfer Impact Assessments

When transferring data internationally, we conduct Data Protection Impact Assessments (DPIAs) to evaluate risks and implement safeguards. Outcomes and mitigations are documented.

30. Link to GDPR Articles

For details on rights and obligations, consult relevant sections:

• Right to Access: Art. 15

• Right to Rectification: Art. 16

• Right to Erasure: Art. 17

• Right to Restriction: Art. 18

• Data Portability: Art. 20

• Right to Object: Art. 21

• Profiling: Art. 22

• Security: Art. 32

• Data Breach: Art. 33

• DPIAs: Art. 35

31. Website Age & Updates

This policy is reviewed annually or sooner if regulations change (e.g., GDPR updates, ePrivacy developments). The Effective Date will be updated upon each revision.

32. Contact & Feedback

Questions, complaints, or requests regarding this Privacy Policy or your personal data can be submitted to:

📧 dpo@jobf3.com
📞 +92‑300‑000‑0000
📬 JobF3 Solutions (Pvt) Ltd., 123 Career Road, Lahore, Punjab, Pakistan

We value your privacy and will engage promptly and transparently on your concerns.

Summary

JobF3.com is fully compliant with GDPR:

• Collects only necessary information for service delivery

• Processes under lawful grounds

• Enables access, correction, deletion, portability, and opt‑out

• Secures data with technical and organizational measures

• Notifies users and authorities in case of breach

• Provides clear contact avenues and keeps policy up to date

Thank you for trusting us with your data. We are committed to protecting your privacy and using your personal information responsibly as we empower career growth and hiring connections.