Last updated May 23rd, 2018
GDPR. Means the new European General Data Protection Regulation which regulates the protection of personal data and privacy for all European citizens.
Personal Data. Means any information that directly or indirectly (indirectly means data that together with other information, such as an IP-address) can be related to an identifiable private individual, such as name, personal security number, picture, email address and job application documents.
Processor. Means for example a company which processes personal data on behalf of the controller. The company who provides us with the system for handling your job application is a processor in relation to us.
In the course of our recruitment process, we always look for new potential talents. We collect and process data about you if you are a potential recruit contacting us by your own initiative and if you are a potential recruit who we scout on our initiative.
Depending on the circumstances, we may process the following types of personal data about you:
Information you give to us. Most of the information we collect comes directly from you, provided by you in your communications with us, in person, by email or in your application documents. You can always choose not to provide us with certain information. However, not providing requested personal data may affect or prevent us from evaluating your application or consider you as a candidate.
Information we collect about you. Sometimes we obtain information in other ways, such as from previous employers, references, social media networks such as LinkedIn or from publicly available external sources and authorities.
Potential recruits. To make the initial contact, we normally obtain your name, email and phone number from sites such as LinkedIn, publicly available sources or from someone in our network who thinks you are a star. Most of the information we collect thereafter comes directly from you.
We process your personal data in a regular recruitment manner and based on the legal bases listed below. The key steps are collection, evaluation, making contact, storage for a limited period of time and deletion. Please note that the examples are not exhaustive and that they may vary depending on the circumstances.
To communicate with you. We will communicate with you before, during and after the recruitment process for example to schedule interviews and tests, provide you with feedback and information and inform you of new, open positions.
To manage all aspects of the recruitment process. We will receive and manage your job application to assess qualifications and evaluate performance in interviews and tests, determine the eligibility for initial employment, including the verification of references, qualifications and performance.
Future recruitment purposes. We will store and process your data for a limited period of time to consider you for other positions than the one you are applying for if you consent.
To compile statistics and make analyses. We may compile statistics on an anonymised basis related to, for example, demographic analyses of applicants and the number of applications received to a certain position in order to improve our employment ads and gain a better understanding of the profiles of the applicants.
To conduct polls and surveys. We may contact you to ask how you have experienced the recruitment process in order to improve if we can.
To comply with legal obligations and legal process. We may need to process data to ensure that we are complying with our legal obligations. For example, we may need to check a successful applicant’s eligibility to work in Sweden before the employment starts. We may also need your personal data in order to respond to and defend us against legal claims.
Other purposes with your consent. We may also use information about you when you have given us consent to do so for a specific purpose not listed above.
Enter into a contractual relationship. We process your personal data based on your request to enter into a contractual relationship when we communicate with you on your initiative and to manage all aspects of the recruitment process.
Consent. We process your personal data based on consent regarding future recruitment purposes. You have the right to change your mind at any time about your given consent but please note that this will not affect any processing that has already taken place.
Legitimate interest. We process your personal data based on our legitimate interests when we communicate with you on our initiative, when we compile statistics and make analyses, when we conduct polls and surveys and when we store your data due to, for example, being able to defend ourselves against potential claims such as discrimination.
Where we use your data because we have a legitimate interest to do so, you have the right to object to such use.
Legal obligation. We process your personal data based on legal obligation when we are required by law or for example by collective agreements.
We only keep your personal data as long as it is necessary for the recruitment process. However, we may keep your personal data for up to two years after the position you applied for has been filled. The reason for this is that we may need to show that the hiring process was non-discriminatory.
We may also save your application in our pool of potential recruits and use the data to consider you for future, open positions if you consent. Your application will be saved for this purpose as long as you are considered an interesting candidate, but no longer than one year from application. We may however contact you to ask if you want to review and update your application and continue to be included in our pool of potential recruits.
In order to administer the recruitment process and establish new employments, we share your personal data with our employees and trusted third parties, to the extent required to manage the recruitment process.
Our employees. We share your personal data internally with our employees for the purposes of the recruitment process and to manage our daily business operations. However, we restrict access to those of our employees who need it to perform their jobs, such as the employees in our People & Culture department and other members of the the staff involved in the recruitment process.
Group Companies. We sometimes share your personal data with companies within our company group for purposes connected with your application or the recruitment process.
Service Providers and suppliers. We may transfer or share your personal data with service providers and suppliers that provide services to us which require the processing of your personal data. For example, we may use recruiting software systems and we may engage recruitment service providers, marketing agencies, legal and other professional advisers.
We only transfer personal data to third parties for the purposes related to the administration of our recruitment process. Our service providers and suppliers are not authorised to use or disclose your personal data except as necessary to perform services on our behalf or to comply with legal obligations.
Legal purposes. Sometimes legal purposes may require us to share information about you, for example if we are required by law, a legal process or due to responding to lawful requests from law enforcement agencies, regulatory agencies and other public and government authorities.
Other parties. We may also share your personal information where you ask or permit us to. For example, we may share necessary information about you with the references you have provided, to make any necessary reference checks.
With your consent. We may share your personal information where you ask us to, for example where we make a referral to another company. We may also share information about you with third parties when you have given us your consent to do so.
We always strive to process and store your data within the EU/EEA. However, in some cases your personal data may be transferred to, and stored at, a destination outside of the EU/EEA by companies within the Adfenix company group, suppliers or subcontractors.
Please note that the privacy laws in countries outside of the EU/EEA may not be the same as, and in some cases less protective than, the privacy laws in your country. Before transferring personal data outside of the EU/EEA area, we will make sure to protect your data by taking all steps reasonably necessary to ensure that adequate safeguards (for example Binding Corporate Rules, EU Standard Model Clauses and/or Privacy Shield) are in place to protect your personal information and to make sure it is treated securely. You can contact us for details of the applicable safeguards.
We have great respect for your integrity and protecting your privacy is a key objective for us. We work continuously with the GDPR and guidelines from authorities to protect your personal data. We conduct routine vulnerability scans and penetration tests of our platform and systems. We also have thorough internal rules and policies in place to protect your data. For example, we take technical safeguard measures on all technical devices, monitor that all information is sent in secure manners and we apply access control in order only to allow staff access to data on a need-to-know basis. We also educate our employees and consultants on a regular basis on the topics of security, privacy and applicable laws and regulations.
This is a short summary of your rights:
Please note that our legal rights or obligations, such as privacy and confidentiality legislation, may prevent us from disclosing or transferring all or a part of your information, or from immediately deleting your personal data.
If you feel that we have not complied with the requirements of applicable laws and the GDPR when it comes to your personal data, please contact us first, and we will help you in every way that we can. Please observe that you also have the right to reach out to the Swedish Supervisory Authority - Datainspektionen.
Adfenix AB, company registration number 556951-2451, is a Swedish liability company incorporated under the laws of Sweden, with its registered office at Vallgatan 14, 411 16 Gothenburg, Sweden. We are the responsible legal entity (controller) of your personal data as described above. We comply with Swedish personal data protection laws, including the General Data Protection Regulation (GDPR).