PRIVACY POLICY FOR RECRUITMENT USING TEAMTAILOR
The service for handling recruitments and simplifying the hiring process is powered by Teamtailor on behalf of NA-KD ("Controller”).
NAKDCOM ONE WORLD AB is committed to respecting and protecting your privacy. Our goal is to be clear about what information we collect and how we use and protect your personal information.
The below Privacy Policy outlines how we may collect, use, store and process your personal information in our recruitment process.
A LITTLE REMINDER ABOUT NA-KD
The Controller is NAKDCOM ONEWORLD AB, a company organized under the laws of Sweden, with registration number 556971-2002 and its registered address at Gamlestadsvägen 4 B 15, 415 02 - Göteborg, Sweden.
PRINCIPLES
This Policy is based on the following principles:
- Personal data shall be processed lawfully, fairly and transparently;
- Personal data shall only be collected for specific, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
- Personal data shall be adequate, relevant and limited to what is necessary for processing;
- Personal data shall be accurate and, where necessary, kept up to date with every effort to erase or rectify without delay;
- Personal data shall be kept in a form such that the data subject can be identified only as long as is necessary for processing;
- Personal data shall be processed in a manner that ensures the appropriate security;
- Personal data shall not be shared with third parties except when necessary in order for them to provide services upon agreement;
- Data subjects must easily exercise their rights.
WHAT PERSONAL INFORMATION ARE COLLECTED?
Personal information is data that can be used to identify or contact you.
Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as: “any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
If we do collect personal data, we will nevertheless never collect sensitive personal data about you. The EU’s General Data Protection Regulation (GDPR) defines sensitive personal data as “categories of personal data related to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation.”
When you use our career platform, we may gather various information. In any event, we are committed to ensuring that the information we receive and use are appropriate for the below purposes.
When and how we collect personal data
We collect personal data about when you:
- make an application through the platform or otherwise, adding personal data about yourself either personally or by using a third-party source such as Facebook or LinkedIn; and
- use the platform to connect with our staff, adding personal data about yourself either personally or by using a third-party source such as Facebook or LinkedIn.
- provides identifiable data in the chat (provided through the platform) and such data is of relevance to the application procedure;
We collect data from third parties, such as Facebook, Linkedin and through other public sources. This is referred to as “Sourcing” and be manually performed by our employees or automatically in the Platform.
In some cases, existing employees can make recommendations about potential applicants. Such employees will add personal data about such potential applicants. In the cases where this is made, the potential applicant is considered a user of the platform ser in the context of this Privacy Policy and will be informed about the processing.
The types of personal data collected and processed
The categories of personal data that can be collected through the platform can be used to identify natural persons from names, e-mails, phone number, CV, cover letter, pictures and videos, information from Facebook and LinkedIn-accounts, answers to questions asked through the recruiting, titles, education and other information that the applicant or others have provided through the platform. Only data that is relevant for the recruitment process is collected and processed.
Purpose and lawfulness of processing
The purpose of the collecting and processing of personal data is to manage recruitment by contacting/communicating with the candidate, correctly identify the candidate and to hire the most suited candidate. The lawfulness of the processing of personal data is (i) the necessity to process information in order to take steps at the request of the data subject prior to entering into an employment contract and (ii) our legal obligation for instance, according to the Swedish Discrimination Act.
Personal data that is processed with the purpose of aggregated analysis or market research is always made unidentifiable. Such personal data cannot be used to identify a certain User. Thus, such data is not considered personal data.
SHARING YOUR INFORMATION
We will never sell your personal data to any third party.
However, we may share your personal information with companies who are experts in their field and assist us in operating the website, conducting our business or servicing you.
Do not worry though! Each of our service providers have been selected by us for their ability to provide the particular services needed, including their ability to handle your personal information. All those providers provide sufficient guarantees to implement the technical and organizational measures necessary to meet the requirements of the GDPR and our own.
We share your personal information in the following cases:
- To any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries;
- In the event that we sell or buy any business or assets, data may be disclosed to the prospective seller or buyer of such business or assets;
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions and other agreements; or to protect the rights, property, or safety of NA-KD, our customers, or others.
- If we are processing it on behalf of a customer;
- To our contractors and sub-contractors, acting as our Processors and Sub-Processors in accordance with our instructions
- authorities or legal advisors in case criminal or improper behavior is suspected.
TRANSFERS OF YOUR INFORMATION OUTSIDE THE EUROPEAN ECONOMIC AREA
Where a third-party provider is located outside the European Economic Area, we will always ensure that the transfer of personal data will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission where the data protection authority does not believe that the third country has adequate data protection laws or with companies that are Privacy Shield Certified.
WHAT ARE YOUR RIGHTS?
At any point while we are in possession of or processing your personal data, your rights are as follows:
- You have the right to request information about the personal data that is processed by us, by notifying in writing, us using the contact details below. You have the right to one (1) copy of the processed personal data which belongs to you without any charge. For further demanded copies, Controller has a right to charge a reasonable fee on the basis of the administrative costs for such demand
- You have the right to, if necessary, rectification of inaccurate personal data concerning that you, via a written request, use the contact details below
- You have the right to demand deletion or restriction of processing, and the right to object to processing based on legitimate interest under certain circumstances
- You have the right to revoke any consent to processing that has been given by you to the Controller. Using this right may however, mean that you cannot apply for a specific job or otherwise use the platform
- You have under certain circumstances a right to data portability, which means a right to get the personal data and transfer these to another controller as long as this does not negatively affect the rights and freedoms of others
- You have the right to lodge a complaint to the supervisory authority regarding the processing of personal data relating to him or her, if you consider that the processing of personal data infringes the legal framework of privacy law.
To access what personal information is held: identification will be required.
Where you request access to your information, we are required to use all reasonable measures to verify your identity before doing so. These measures only exist to protect your information and to reduce risk of identity fraud, theft or unauthorized access to your information.
We therefore kindly ask you to send us original or certified copies of the following documentation: passport, identity card, birth certificate or driving licence. One of those above documents is required in order to request personal information.
We will endeavour to respond within one month. If you want to exercise one of the above rights, please contact us using the contact details provided below.
HOW LONG DO WE KEEP YOUR INFORMATION?
We will hold your personal data for as long as you are you have an account and for as long as is necessary to comply with our legal/ regulatory obligations, resolve disputes, prevent fraud and abuse or enforce our terms and conditions.
When we no longer need to retain your personal data, it will be deleted or be anonymised so that you can no longer be identified from it.
We securely destroy all financial information once we have used it and no longer need it.
HOW YOUR PERSONAL INFORMATION IS SECURED?
We prioritize the personal integrity and therefore works actively so that your personal data are processed with utmost care. We take the measures that can be reasonably expected to the make sure that your personal data and others are processed safely and in accordance to this Privacy Policy and the GDPR-regulation.
However, transfers of information over the internet and mobile networks can never occur without any risk, so all transfers are made on the own risk of the person transferring the data. It is important that you also take responsibility to ensure that your data is protected. It is your responsibility that your login information is kept secret
COOKIES AND SIMILAR TECHNOLOGIES
When you use the platform, information about the usage may be stored as cookies. Cookies are passive text files that are stored in the internet browser on your device, such as computer, mobile phone or tablet, when using the platform. We use cookies to improve your usage of the platform and to gather information about, for example, statistics about the usage of the platform. This is done to secure, maintain and improve the website
Users can at any time disable the use of cookies by changing the local settings in their devices. Disabling of cookies can affect the experience of the Service, for example disabling some functions in the Service.
HOW TO CONTACT US
If you have any questions about this Privacy Policy and/or have any inquiry relating to your Personal Data, please a letter to Data Privacy, NAKDCOM One World AB, Gamlestadsvägen 4 B15, 415 02 - Göteborg, Sweden.
Or send an email to dataprivacy@na-kd.com
CHANGES TO OUR PRIVACY POLICY
We keep our Privacy Policy under regular review. We will post any updates on this webpage. If significant changes are made, we will directly contact you by email so you can review the changes. Please check back frequently to see any updates or changes to our Privacy Notice.
The Privacy Policy was last updated May 17th, 2018.
