Privacy Policy

We at Jobylon AB (“Jobylon”) are committed to protecting and respecting your privacy. This policy describes how we collect and use personal data about our potential, former and current customers, suppliers and business partners including your rights regarding your personal data.

Please do not hesitate to reach out to us if you have any questions or comments regarding your personal data or this privacy policy. You can also reach us by sending an email to privacy@jobylon.com or contact us at Jobylon AB, Sankt Eriksgatan 63B, 112 34, Stockholm, Sverige.

If you wish to enforce your rights or otherwise contact our privacy team, you can reach us by sending an email to privacy@jobylon.com. If you wish to specifically talk to our data protection officer, send an email to dpo@jobylon.com.
The recruiting tool Jobylon (the “Service”) is owned and provided by Jobylon, which also is responsible for the processing of your personal data as described herein, as a data controller.
This privacy policy may be updated to reflect changes in our collection and use of your personal data. You will be informed of any significant changes (e.g. by email, in the Service or at our website), but we also recommend that you review this privacy policy from time to time to ensure that you are aware of any amendments.

If you are a job seeker using the Service, we process your data on behalf of our customers as a data processor. We will process personal data in accordance with the instructions we have received under the personal data processing agreement we have entered into with your possible future employer who manages the recruitment process. That processing is not included in this privacy policy since this policy describes the processing we do as a data controller.

Therefore, “you” hereinafter refers to you who visits our website, use the Service or is in contact with us on behalf of a legal entity who, for example, might be your employer. The “Company” refers to the legal entity which you are representing as an employee, consultant or similar.

PERSONAL DATA THAT WE PROCESS

• Contact details. Your name, email address, telephone number and postal address.
• Company-related data. This means information regarding the company you work for, including company name, job title, workplace and sometimes information regarding your right to represent your company. This is applicable when you are in contact with us in the role of representative of a company.
• Personal identification number. If you are a sole trader, we will process your personal identification number as it is the same as your company registration number.
• Communications data. We will collect and store your communication with us, and any information provided to us in such communication, for example if you fill in open comment-fields or use the chat-function on our website or in the Service or when otherwise contacting us.
  
  To be able to provide you as a visitor of our website with an easy channel for contacting us and to provide an excellent customer support for the users of the Service we use a chat interface that provides us with additional information about previous contacts between us, and browser data such as, time zone and language-preferences when you contact us via the chat-function.

• Billing data. If you are a sole trader, we will process the personal data needed to invoice you or handle an invoice from you. Otherwise, we may if necessary, put you as a billing reference.
• Technical and statistical data. We will collect technical and statistical data from your computer (or mobile device) in connection with your use of our website and/or Service such as IP address, browser type and version, screen resolution, preferred language, geographic location, operating system and computer platform. To read more about the cookies we use, please see our cookie policy.
• Survey data. If you are a customer to Jobylon, we may contact you to participate in online customer satisfaction surveys. If you decide to participate, you may be asked to provide certain information which may include personal information.
• Sensitive data. We will only process sensitive data about you if you provide us with such information and only to the extent necessary and justified, , e.g. if you provide us with information regarding your allergies or other health data for an event we host.

ONLY APPLICABLE TO OUR CUSTOMERS THAT USE THE SERVICE:

• User activity logs. We save information about your activity in the Service in order to analyze users’ use of the Service for improving the Service, but also to enable customer support.
• User account data. Your username and e-mail address will be processed to provide you with the Service. Furthermore, you will have the opportunity to provide us with your profile picture and phone number. This information enables us to auto-fill some of the fields of information when you create a new job ad.

HOW WE GATHER YOUR PERSONAL DATA

Information you give to us. Most of the information we process about you is received from you. You may directly or indirectly give us information about yourself in different ways, for example when you contact us to request a demo of the Service, subscribe to our publications and/or newsletters, register for and/or attend our events or use the Service. You can always choose not to provide us with certain information. However, some personal data is necessary in order for us to provide you with the service you have requested. Not providing such personal data may prevent us from performing what you expect from us.

Information we collect about you. We may also obtain personal data about you from your employer, the website of your employer, external public sources or providers of contact information for marketing purposes. If you are invited to the Service by your Company, the Company will provide us with your name and e-mail address in order for us to set up your account and send an invitation.

We will furthermore automatically receive information and statistics about your use of the website and/or the Service.

PURPOSES OF PROCESSING AND LEGAL GROUNDS

Communication. Your contact details will be used to communicate with you. This processing can either be necessary for us under our contract with you or your employer or for our legitimate interest in effective communication with our customers, potential customers, suppliers and business partners.

Sending you requested information. Your contact details will be used to send you the information you have requested from us, e.g. if you have signed up for our newsletter, or a publication such as an e-book, based on your consent.

Marketing. Your personal data may, depending on our relationship, be used to market us, e.g. contact you on LinkedIn, send information about our different services and products relevant for you and invite you to our events. This processing is based on our legitimate interest in being able to market us and our services to potential customers.

If you have registered for our newsletter or publications or an event we use your information to, besides sending the content you have requested, if relevant, contact you on LinkedIn, tell you about our other publications, the Service or just keep you up to date with what’s going on with us, our products, services and events. This processing is based on your consent.

If you do not wish to receive any direct marketing, you can opt out at any time by clicking the unsubscribe button in our email or contact us directly at privacy@jobylon.com.

Information collected from cookies and similar technologies when you visit our website and/or use our Services will be used to market Jobylon and our services by showing you relevant product recommendations, ads and offerings on different social media platforms (e.g. Facebook/LinkedIn), in accordance with the consent you have given us for cookies. For more information about this data processing and how to adjust your privacy settings for cookies, please view our cookie policy here.

Administering events. We will, for our legitimate interest in being able to host events for our current, former and potential customers, invite you to an event and subsequently process the personal data necessary to plan and administer that event. Generally, the categories of personal data involved are your contact details, company data and - if we serve food - food preferences and/or allergies. If you provide us with any health data such data will be processed based on your consent.

Identification of you and your company, if you are a sole trader. We process your personal identification number as a part of the information we keep about your company and to identify you as the representative of such company. This is necessary for the identification process and for our legitimate interest of being able to identify our customers, suppliers and business partners.

Fulfilment of legal obligations. Jobylon are obligated to follow Swedish law. This means that your personal data will be processed to the extent necessary for us to fulfil our legal obligations, for example with regard to tax and book-keeping rules.

Protection of our legitimate business interests and legal rights. We will use information about you where we believe it is necessary to protect and enforce our legal rights, interests and the interests of others, for example in connection with legal claims, compliance, regulatory and audit functions.

Merger or acquisition. In connection with, due to strategical or business-oriented reasons, a potential merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company, the personal data we retain about you may be processed, shared or transferred, to parties involved in the process. This processing is based on our legitimate interest of being able to develop our business.

Publish customer reviews. If you are one of our customers, we might contact you asking for your consent to publish a customer review by you for the purpose of marketing our services. The contact is made in our legitimate interest in being able to ask you for a review, however the review is based on your consent.

Billing. If you or your employer have ordered services from us or we have bought services from you, your personal data may be used for billing purposes. This includes having you as an invoice-reference. This processing is necessary and is based on our legitimate interest of being able to bill our customers under the agreement we have entered into with your company.

Administration of our agreements. If you are our customer, personal data will be processed when we enter into and during the agreements with you or your employer. This is necessary for us to be able to enter into and fulfil agreements with you or your employer and for our legitimate interest in being able to enter into and fulfil different types of agreements and to have a contact person in connection with the agreement.

Other processing based on your consent. Your personal data may be used for other purposes than stated above if you ask us to or you give us your consent.

ONLY APPLICABLE TO OUR CUSTOMERS THAT USE THE SERVICE:

Providing the Service. If your Company is our customer, we will process your personal data to manage our customer relationship and to provide you with our Service. This is necessary for upholding our obligations according to the contract we have entered into with you or your employer.

Notwithstanding anything else in this Privacy Policy, if you provide the Service access to your Google data, the Service’s use of that data will be subject to these additional restrictions:

• The Service will only use access to read, write, modify or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
• The Service will not use this Gmail data for serving advertisements.
• The Service will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the Service’s internal operations and even then only when the data have been aggregated and anonymized.

Customer surveys. Your contact information may be used to conduct customer surveys, e.g. about Jobylon and the Service. We will contact you based on our legitimate interest in improving our business and services. Participation is however voluntary in case personal data is included in your answers, we process such personal data based on your consent.

Creating aggregated statistics. Your personal data may be processed to create aggregated statistics meaning the information will no longer be identifiable. This processing is based on our legitimate interest in being able to have statistics as a base for developing and improving our business and services.

Developing our business and services. Statistics and information from customer surveys and use of the Service will be used as material for us in our work towards developing and improving our business and services, which also is our legitimate interest that we base this processing on.

HOW WE SHARE YOUR PERSONAL DATA

Sometimes, we need to share your personal information with other trusted individuals and companies. Your personal information is shared with:

External consultants. Your personal data will, when appropriate, be shared with some of our consultants. However, we will restrict access to those of our consultants who need it to perform their jobs, for example to provide you with customer support. Our consultants are of course subject to strict confidentiality.

Other users of the Service within your Company.

Facebook, Twitter and/or LinkedIn. For further information on how each of these third parties process your personal data, please read their respective privacy information.

Our service providers. We transfer to or share your personal data with our suppliers and subcontractors who help us provide the Service to you or supply other services to us which require the processing of personal data. The services include providing and facilitating the Service, services that handle necessary, technical support and maintenance of our IT-solutions including storage of your information by our web host, analysis of how the Service is used.

We provide personal data to third parties solely for the purpose of delivering our Service and to manage our daily operations including marketing. Our suppliers and subcontractors are not authorized by us to use or disclose your personal data except as necessary to perform services on our behalf or to comply with legal requirements.

If you explicitly request us to sync your email- and/or calendar account to the Service, we will access your email and/or calendar data. However, we will only access that data to read, write, modify or control message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows us to compose, send, read, and process emails. We will not transfer this data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets. We will not use this data for marketing purposes. We will furthermore not allow any employees or consultants with Jobylon to access your email and/or calendar data unless we have your consent for specific messages, it is necessary for security purposes, it is necessary for us to comply with applicable laws or for our internal operations (after your data has been aggregated and anonymized).

Public authorities and other actors. We may need to provide necessary information to parties who, by law, have the right to receive information about you, e.g. Police, Tax Authorities and courts.

Parties involved in a legal proceeding. Your personal data may be shared if necessary with parties involved in a legal proceeding, such as lawyers.

Parties involved in an acquisition, merger, or sale of business. We may, for strategic or commercial reasons, decide to sell or transfer all or parts of the company in the future. As part of a transaction, your personal information may need to be shared with parties involved in the transaction.

Other parties. We may also disclose your personal data to other companies, organizations or persons with your consent.

WHERE WE PROCESS YOUR PERSONAL DATA

Your personal information may in some cases be transferred to and stored at destinations outside the EU/EEA where the privacy laws may not be the same as, and in some cases may be less protective than, privacy laws in the EU/EEA. We will however take all the necessary steps to ensure that adequate safeguards (such as EU standard contractual clauses or an adequacy decision by the EU Commission) are in place to protect your personal information and to make sure it is treated securely and in accordance with the GDPR. Please contact us for more information about the applicable safeguard in a specific case.

THE RETENTION TIME FOR YOUR PERSONAL DATA

We keep your personal data only as long as necessary to fulfil the purposes for which it was collected. How long depends on the type of information and why we process it. We regularly review our need to keep data, taking into account applicable legislation.

If you are a user of the Service, your personal data will be stored in the Service for as long as you keep your user account. Upon termination of the account your data might be stored up until one (1) month after termination due to technical reasons.

Personal data processed on the basis of your consent (e.g. sensitive data), will be deleted when your consent is withdrawn or upon expiry of the purpose for which your consent was given.

Moreover, we store data to the extent we believe it is necessary to protect our legal rights, legitimate interests and the interests of others. Your data may also be stored for a longer period if required by applicable statutory retention periods (e.g. for tax and/or book-keeping purposes and applicable statutory retention periods).

YOUR RIGHTS

Right to object. You have right to object to processing based on legitimate interest. This means that we may no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests. You can always contact us for more information on the balance test that has been made. Upon an objection we might have to investigate the situation further prior to a decision. You furthermore have an unconditional right to forbid that your personal data will be processed for direct marketing purposes.

Right to access your data. You have the right to request a transcript of personal data processed by us, and additional information on how the data have been collected, processed, shared, etc. The first transcript may be requested free of charge, however if you make repeated and unreasonable requests for copies, we might charge you with an administrative fee.

Right to transfer your data. You have the right to transfer your personal data to another controller under certain conditions.

Right to rectification. You have the right to correct inaccurate or incomplete information about yourself. We might also update the same information if we consider that it contains factual errors or is out of date.

Right to erasure. You have the right to request that we delete personal data about you, for example if the data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, or if there is no legal basis for processing the data. Please note that we might have to decline your request if we are legally obliged to keep the information or if the information is necessary to defend against or enforce legal claims.

Right to restriction. You are entitled to request that the processing of your personal data should be limited until inaccurate or incomplete information about you has been corrected, or until an objection from you have been handled.

Right to withdraw your consent. You may at any time withdraw any consent you have given us. However, please note that it will not affect any processing that has already taken place.

Right to complain. You have the right to lodge a complaint to the supervisory authority in the country you live or work in, if you believe that we have not complied with our obligations regarding your personal data. In Sweden the Supervisory Authority is Integritetsskyddsmyndigheten, which also is our lead supervisory authority, and you can find more information at their website: https://www.imy.se/

Please note that if you request restriction or erasure it might affect our abilities to provide our Service to you. Moreover, legal rights or obligations or a legal claim may prevent us from disclosing or transfer all or part of your information, or from deleting or transferring all or part of your information.

Last updated: 2021-07-09