Updated: June 2020
Click on one of the links below to jump to the listed section:
- Information We Collect
- How We Use the Information We Collect
- Use of Automated Data Collection Methods
- Legitimate Interest
- How We Process and Protect Personal Information
- How Long We Store Data We Collect
- Information We Share
- Data Transfers
- Your Rights as a Data Subject
- Updates to Our Privacy Notice
- Our Policy Towards Children
- Applicable Law and Dispute Resolution
- How to Contact Us
“Applicable Laws” means the Israeli Data Protection Legislation, the GDPR and any data protection, privacy and other laws and regulations applicable to MLS.
“GDPR” means the EU General Data Protection Regulation 679/2016.
“Israeli Data Protection Legislation” means the Privacy Protection Law 5741-1981, any regulations promulgated thereto and the guidelines of the Privacy Protection Authority.
The terms “Personal Information”, “Data Subjects” “Controller”, “Processor”, “processing”, shall have the meanings ascribed to them or to similar terms in the Applicable Laws.
Information We Collect
We collect Personal Information about you on our Website through our “Contact Us” webpage and online form. We may collect the following types of Personal Information (as permitted under Applicable Laws):
- contact information (such as name, email address, telephone number, the services you are interested in and the organization you work for);
- other information you may provide us in the in the free text section on the “Contact Us” webpage. Please do not provide us with any information which is not necessary in order for us to contact you.
If you are a job candidate, and you apply for a position by sending your CV to the dedicated email address in the “Jobs” section on the Website, we may collect the following types of Personal Information (as permitted under Applicable Laws) in order to consider your job application:
- employment and education history;
- language proficiencies and other work-related skills;
- information provided by references; and
- information contained in your resume or C.V., information you provide regarding your career interests, and other information about your qualifications for employment.
In addition, we may receive from job candidates, if they choose to provide us, other categories of Personal Information such as:
- Social Security number, national identifier or other government-issued identification number;
- date of birth;
- citizenship and work authorization status;
We may also collect the following types of Personal Information upon receiving your explicit consent (where required by applicable law):
- disabilities and health-related information; and
- results of drug tests, criminal and other background checks.
How We Use the Information We Collect
The Data Controller collects and uses the data gathered for the following purposes (as permitted under Applicable Laws):
a. processing your job application materials, engaging you as an employee or contractor
b. initiating and managing our business partner, client and vendor relationships;
d. where permitted under Applicable Laws, for communicating about, and administering participation in, special events, promotions, programs, offers, surveys, contests and market research;
e. responding to individuals’ inquiries;
f. operating, evaluating and improving our Website (including developing, enhancing, analyzing and improving our Website; managing our communications; performing data analytics;
g. protecting against, identifying and seeking to prevent fraud and other unlawful activity, claims and other liabilities; and
h. complying with and enforcing applicable legal requirements, relevant industry standards, contractual obligations and our policies.
All processing of will be carried out based on adequate legal grounds (as required by Applicable Laws) which may fall into a number of categories, including:
- consent or explicit consent from the Data Subject, where required by Applicable Laws;
- to ensure that we comply with a statutory or contractual requirement, or a requirement necessary to enter into a contract; or
- it is essential and necessary for the legitimate interest of the Data Controller, as described in more detail below (e.g. allowing access to a website in order to provide the services offered).
Use of Automated Data Collection Methods
When you visit our Website, we may collect certain information by automated means, such as cookies, web beacons and web server logs. The information we may collect in this manner includes IP address, unique device identifier, browser characteristics, device characteristics, operating system, language preferences, referring URLs, information on actions taken on our Website, dates and times of visits to our Website and other usage statistics.
Our Website are not designed to respond to “do not track” signals from browsers.
Information collected through third-party plug-ins and widgets on the Website (such as information relating to your use of a social media sharing tool) is collected directly by the providers of the plug-ins and widgets. This information is subject to the privacy policies of the providers of the plug-ins and widgets, and MLS is not responsible for those providers’ information practices.
The Data Controller may process Personal Information for certain legitimate business purposes, which includes some of all of the following:
- where the process enables us to enhance, modify, personalise or otherwise improve our services/communications for the benefit of our visitors;
- to identify and prevent fraud;
- to enhance security of our network and information systems;
- to better understand how people interact with our Website;
- for direct marketing purposes (except were consent is required for such activity in which case we will obtain the Data Subject’s consent prior to sending such communications);
- to provide postal communications to you which we think will be of interest to you; and
- to determine the effectiveness of promotional campaigns and advertising.
Whenever we process data for these purposes we will ensure that we take account of your rights. If you are an EU resident, you have the right to object to such processing, and may do so by contacting us as described below. Please bear in mind that if you exercise your right to object, this may affect our ability to carry out and deliver services to you for your benefit.
How We Process and Protect Personal Information
We process the Personal Information we collect, also by automated means, for the purposes defined above and for a specific period of time, which complies with our internal retention policy, in order to ensure that the personal data are not kept longer than necessary.
We maintain administrative, technical and physical safeguards designed to protect the Personal Information you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.
How Long We Store Data We Collect
We store in our systems the Personal Information we collect in a way that allows the identification of the Data Subjects for no longer than it is necessary in light of the purposes for which the data was collected, or for which that data is further processed.
- The necessity to retain the Personal Information collected, in order to offer services established with the user;
- The legitimate interest of the Data Controller, as described in the purposes above; and
- The existence of specific legal obligations that make the processing and related storage necessary for specific period of times.
Information We Share
In addition, we may disclose Personal Information about you (i) if we are required to do so by law or legal process; (ii) to law enforcement authorities or other government officials based on a lawful disclosure request; and (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity. We also reserve the right to transfer Personal Information we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, dissolution or liquidation).
The countries to which we may transfer the Personal Information we collect about you may be:
- Within the European Union
- Outside the European Union
When we transfer Personal Information from within the European Union to countries or international organizations that are based outside the European Union the transfer takes place on the basis of:
a. An adequacy decision by the European Commission; or
b. In the absence of an adequacy decision, other legally permitted grounds: (a) a legally binding and enforceable instrument between public authorities or bodies; (b) binding corporate rules; or (c) standard data protection clauses (formerly called the Model Clauses) promulgated by the European
Your Rights as a Data Subject
In all of the above cases in which we collect, use or store your Personal Informtion, you may have the following rights and, in most cases, you can exercise them free of charge. At any time, you may contact us at: firstname.lastname@example.org and request to know what Personal Information we keep about you. We will make good-faith efforts to locate the data that you request to access. Where we are a Processor, we shall comply with your request only subject to the written instructions of the Controller of your Personal Information.
When you ask us to exercise any of your rights under this Policy and the applicable law, we may need to ask you to provide us certain credentials to make sure that you are who you claim you are, to avoid disclosure to you of Personal Data related to others and to ask you questions to better understand the nature and scope of data that you request to access.
We may redact from the data which we will make available to you, any Personal Data related to others. In addition, we may delete information if required by Applicable Laws.
Where the GDPR, and when authorized by Applicable Laws, a Data Subject which is an EU resident may exercise certain specific rights, such as:
1. Right of access: A Data Subject may access his or her Personal Information in order to verify that his or her Personal Information is processed in accordance with the Applicable Law
2. Right to rectification: A Data Subject may request the rectification of any inaccurate or incomplete data held about him or her, in order to protect the accuracy of such information and to adapt it to the data processing.
3. Right to erasure: A Data Subject may request that the Data Controller erases information about him or her and to no longer process that data.
4. Right to restriction of processing: A Data Subject may request that the Data Controller restricts the processing of his or her data.
5. Right to data portability: A Data Subject may request data portability, meaning that the Data Subject can receive the originally provided Personal Information in a structured and commonly used format or that the Data Subject can request the transfer of the data to another data controller.
6. Right to object: A Data Subject who provide a Data Controller with Personal Information may object, at any time, to the data processing on a number of grounds as set out under GDPR without needing to justify his or her decision.
7. Right not to be subject of automated individual decision-making: A Data Subject may request not to be subject to a decision based solely on automated processing, including profiling, if such profiling produces a legal effect concerning the Data Subject or similarly significantly affects him or her.
8. Right to lodge a complaint with a supervisory authority: A Data Subject may have the right to lodge a complaint with an applicable data protection supervisory authority; in particular in the EU Member State of his or her habitual residence, place of work or place of the alleged infringement if the Data Subject considers that the processing of Personal Information relating to him or her infringes GDPR.
Whenever data processing is based on consent as described in Article 7 of the GDPR, the Data Subject may withdraw his or her consent at any time.
If you require more information about the processing of your Personal Information, please refer to the How to Contact Us section below.
Updates to Our Privacy Notice
Our Policy Towards Children
Our Website is not meant to be used by or for persons under 18, as such, we do not knowingly collect Personal Information from minors younger than 18. Insofar as Personal Information may be collected based on your consent, the Data Subject must be above the age of 16 (or above the age of 13 if this is the legal requirement in your country). If these age requirements are not met, you are required to obtain the consent of the parent or guardian to provide and process information in accordance with this Policy; lacking such consent, please do not use the Website.
Applicable Law and Dispute Resolution
How To Contact Us
17 Ha’Mefalsim St.
Petah Tikva 49514
Tel: +972 3 9244410
Fax: +972 3 9244420
Submission of data subject request: Here