Privacy Policy

We at Jobylon AB (“Jobylon”) are committed to protecting and respecting your privacy. This policy describes how we, as a data controller, collect and use personal data about our potential, current and former customers, suppliers and business partners including your rights regarding your personal data.

Please do not hesitate to reach out to us if you have any questions or comments regarding your personal data or this privacy policy. You can also reach us by sending an email to privacy@jobylon.com or contact us at Jobylon AB, Sankt Eriksgatan 63B, 112 34, Stockholm, Sverige.

If you wish to enforce your rights or otherwise contact our privacy team, you can reach us by sending an email to privacy@jobylon.com. If you wish to specifically talk to our data protection officer, send an email to dpo@jobylon.com.

The recruiting tool Jobylon (the “Service”) is provided by Jobylon, which also is responsible for the processing of your personal data as described herein, as a data controller.

This privacy policy may be updated to reflect changes in our collection and use of your personal data. You will be informed of any significant changes (e.g. by email, in the Service or at our website), but we also recommend that you review this privacy policy from time to time to ensure that you are aware of any amendments.

If you are seeking a job at a company that uses our Service, we process your personal data as a data processor, meaning on behalf of and according to instructions from our customer. That processing is not included in this privacy policy since this policy describes the processing we do as a data controller. Therefore, “you” hereinafter refers to you who visits our website, uses the Service or otherwise is in contact with us, e.g. as an attendee at an event or as a representative of a company. The “Company” refers to the legal entity which you are representing as an employee, consultant or similar.

 

PERSONAL DATA THAT WE PROCESS

• Contact details. E.g. your name, email address, telephone number and postal address.
• Company-related data. This means information regarding the company you work for, including company name, job title, workplace and sometimes information regarding your right to represent your company. This applies when you are in contact with us in the role of company representative.
• Personal identification number. If you are a sole trader, we will process your personal identification number as it is the same as your company registration number.
• Communications data. We will collect and store your communication with us, and any information provided to us in such communication, for example if you fill in open comment-fields or use the chat-function on our website or in the Service or when otherwise contacting us. 
  
  To be able to provide you as a visitor of our website with an easy channel for contacting us and to provide an excellent customer support for the users of the Service we use a chat interface that provides us with additional information about previous contacts between us, and browser data such as, time zone and language-preferences when you contact us via the chat-function. 
• Billing data. If you are a sole trader, we will process the personal data needed to invoice you or handle an invoice from you. Otherwise, we may if necessary, put you as a billing reference.
• Technical, statistical and behavioral data.We will, depending on the consent you give us, collect technical, statistical and behavioral data from your computer (or mobile device) in connection with your use of our websites, other connected websites and/or our Services such as IP address, browser type and version, session behavior, traffic source, screen resolution, preferred language, geographic location, operating system and computer platform.
• Survey data. If you are a customer to Jobylon, we may contact you to participate in online customer satisfaction surveys. If you decide to participate, you may be asked to provide certain information which may include personal information. 

• Sensitive data. We will only process sensitive data about you if you provide us with such information and only to the extent necessary and justified, e.g. if you provide us with information regarding your allergies or other health data for an event we host.

ONLY APPLICABLE TO OUR CUSTOMERS THAT USE THE SERVICE:

• User activity logs. We save information about your activity in the Service in order to analyze users’ use of the Service for improving the Service, but also to enable customer support.

• User account data. Your username and e-mail address will be processed to provide you with the Service. Furthermore, you will have the opportunity to provide us with your profile picture and phone number. This information enables us to auto-fill some of the fields of information when you create a new job ad.

 

HOW WE GATHER YOUR PERSONAL DATA

Information you give to us. Most of the information we process about you is received from you. You may directly or indirectly give us information about yourself in different ways, for example when you contact us to request a demo of the Service, subscribe to our publications and/or newsletters, register for and/or attend our events or use the Service. You can always choose not to provide us with certain information. However, some personal data is necessary in order for us to provide you with the service you have requested. Not providing such personal data may prevent us from performing what you expect from us.

Information we collect about you.We may also obtain personal data about you from your employer, the website of your employer and external sources such as LinkedIn or our business partners. If you are invited to the Service by your Company, the Company will provide us with your name and e-mail address in order for us to set up your account and send an invitation.We will furthermore automatically receive information and statistics about your use of the website and/or the Service.

 

PURPOSES OF PROCESSING AND LEGAL GROUNDS

Communication. Your contact details will be used to communicate with you. This processing can either be necessary for us under our contract with you or your employer or for our legitimate interest in effective communication with our customers, potential customers, suppliers and business partners.

Sending you requested information. Your contact details will be used to send you the information you have requested from us, e.g. if you have signed up for a subscription, our newsletter or a publication such as an e-book, based on our legitimate interest in being able to provide you with the requested information.

Marketing. Your personal data may, depending on our relationship, be used to market our services, e.g. to contact you on LinkedIn or sending information about our different services, products and events that is relevant for you. This processing is based on our legitimate interest in being able to market our services to potential, existing and former customers.

If you have registered for our newsletter, a subscription, publication, or an event, we use your information to, besides providing the content you have requested, if relevant, to contact you, tell you about our other publications, the Service or just keep you up to date with what’s going on with us, our products, services and events. This processing is based on our legitimate interest in being able to market us, but only to those who have shown an interest in us.

If you have signed up for an event or similar such as a publication that we host or create together with a business partner, we may also share your contact details with that relevant partner to deliver the requested content, and for both of us to be able to contact you with offers, content and other information that is deemed relevant for you based on our legitimate interest in delivering requested content as well as offers and similar that we deem of interest to you (as you have shown an interest in us and the business partner).

If you do not wish to receive any direct marketing from us, you can opt out at any time by clicking the unsubscribe button in our email or contact us directly at privacy@jobylon.com.

Information collected from cookies and similar technologies when you visit our websites, other connected websites and/or use our Services will be used to market Jobylon and our offerings through for example re-targeting, showing you relevant product recommendations, ads and offerings on different social media platforms (e.g. Facebook/LinkedIn), in accordance with the consent you have given us for cookies.

Administering events. We will, for our legitimate interest in being able to host events for our current, former and potential customers, invite you to an event and subsequently process the personal data necessary to plan and administer that event. Generally, the categories of personal data involved are your contact details, company data and - if we serve food - food preferences and/or allergies. If you provide us with any health data such data will be processed based on your consent.

Improving our offerings, services and marketing. If you have given us your consent for analytical cookies, we will use the information collected from those cookies to improve our offerings, services and marketing efforts.

Identification of you and your company, if you are a sole trader. We process your personal identification number as a part of the information we keep about your company and to identify you as the representative of such company. This is necessary for the identification process and for our legitimate interest of being able to identify our customers, suppliers and business partners.

Fulfillment of legal obligations. Jobylon are obligated to follow Swedish law. This means that your personal data will be processed to the extent necessary for us to fulfil our legal obligations, for example with regard to tax and book-keeping rules.

Protection of our legitimate business interests and legal rights. We will use information about you where we believe it is necessary to protect and enforce our legal rights, interests and the interests of others, for example in connection with legal claims, compliance, regulatory and audit functions.

Merger or acquisition. In connection with, due to strategical or business-oriented reasons, a potential merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company, the personal data we retain about you may be processed, shared or transferred, to parties involved in the process. This processing is based on our legitimate interest of being able to develop our business.

Publish customer reviews. If you are one of our customers, we might contact you asking for your consent to publish a customer review by you for the purpose of marketing our services. The contact is made in our legitimate interest in being able to ask you for a review, however the review is based on your consent.

Billing. If you or your employer have ordered services from us or we have bought services from you, your personal data may be used for billing purposes. This includes having you as an invoice-reference. This processing is necessary and is based on our legitimate interest of being able to bill our customers under the agreement we have entered into with your company.

Administration of our agreements. If you are our customer, personal data will be processed when we enter into and during the agreements with you or your employer. This is necessary for us to be able to enter into and fulfil agreements with you or your employer and for our legitimate interest in being able to enter into and fulfil different types of agreements and to have a contact person in connection with the agreement.

Other processing based on your consent. Your personal data may be used for other purposes than stated above if you ask us to or you give us your consent.

 

ONLY APPLICABLE TO OUR CUSTOMERS THAT USE THE SERVICE:

Providing the Service. If your Company is our customer, we will process your personal data to manage our customer relationship and to provide you with our Service. This is necessary for our legitimate interest to uphold our obligations according to the contract we have entered into with you or your employer. This includes the processing that we do to provide functions in the Service that you have requested, e.g. synching your email account and/or calendar.

Notwithstanding anything else in this Privacy Policy, if you provide the Service access to e.g. your Google data, the Service’s use of that data will be subject to these additional restrictions:

• The Service will only use access to read, write, modify or control message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
• The Service will not use this data for serving advertisements.
• The Service will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the Service’s internal operations and even then only when the data have been aggregated and anonymized.

Customer surveys. Your contact information may be used to conduct customer surveys, e.g. about Jobylon and the Service. We will contact you based on our legitimate interest in improving our business and services. Participation is however voluntary and in case personal data is included in your answers, we process such personal data based on your consent.

Creating aggregated statistics. Your personal data may be processed to create aggregated statistics meaning the information will no longer be identifiable. This processing is based on our legitimate interest in being able to have statistics as a base for developing and improving our business and services. 

 

HOW WE SHARE YOUR PERSONAL DATA

Sometimes, we need to share your personal information with other trusted individuals and companies. Your personal information is shared with:

External consultants. Your personal data will, when appropriate, be shared with some of our consultants. However, we will restrict access to those of our consultants who need it to perform their jobs, for example to provide us with legal advice. Our consultants are of course subject to strict confidentiality. 

Other users of the Service within your Company.

Facebook, Twitter and/or LinkedIn. For further information on how each of these third parties process your personal data, please read their respective privacy information.

Our service providers. We share your personal data with our suppliers and subcontractors who help us with providing the Service or supply other services to us which require the processing of personal data. The services include marketing services, analytics services, providing and facilitating the Service,services that handle technical support and maintenance of our IT-solutions such as hosting data.

We provide personal data to third parties solely for the purpose of delivering our Service and to manage our daily operations including marketing. Our suppliers and subcontractors are not authorized by us to use or disclose your personal data except as necessary to perform services on our behalf or to comply with legal requirements. 

Our business partners, if you have shown an interest in an event/offering/publication or similar that we have e.g. co-hosted or co-created. We may share the contact details of e.g. attendees at an event with the relevant business partner that has co-hosted that event. That business partner will be a separate data controller, thus we recommend that you read their privacy policy/notice as well (most commonly found in the applicable form e.g. for signing up or downloading).

If you explicitly request us to sync your email- and/or calendar account to the Service, we will access your email and/or calendar data. However, we will only access that data to read, write, modify or control message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows us to compose, send, read, and process emails. We will not transfer this data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets. We will not use this data for marketing purposes. We will furthermore not allow any employees or consultants with Jobylon to access your email and/or calendar data unless we have your consent for specific messages, it is necessary for security purposes, it is necessary for us to comply with applicable laws or for our internal operations (after your data has been aggregated and anonymized).

Public authorities and other actors.  We may need to provide necessary information to parties who, by law, have the right to receive information about you, e.g. Police, Tax Authorities and courts. 

Parties involved in a legal proceeding. Your personal data may be shared if necessary with parties involved in a legal proceeding, such as lawyers. 

Parties involved in an acquisition, merger, or sale of business. We may, for strategic or commercial reasons, decide to sell or transfer all or parts of the company in the future. As part of a transaction, your personal information may need to be shared with parties involved in the transaction.

Other parties. We may also disclose your personal data to other companies, organizations or persons with your consent.

 

WHERE WE PROCESS YOUR PERSONAL DATA

We always strive to process your personal data strictly within the EU/EEA, however in certain cases there may be a risk of a transfer outside of the EU/EEA. As the privacy laws may not be the same as in the EU/EEA we will do everything we can to protect your data. We select our service providers carefully and take all the necessary steps to ensure that your personal data is processed with adequate safeguards in place in accordance with the GDPR. We always have a transfer mechanism in place, such as the EU Commission Standard Contractual Clauses or ensure that the service provider is established in a country that the EU Commission has deemed has adequate privacy protection, together with the necessary risk assessments and additional security measures where necessary.

Please contact us if you want information about the applicable countries and safeguards in specific cases.

 

THE RETENTION TIME FOR YOUR PERSONAL DATA

We keep your personal data only as long as necessary to fulfil the purposes for which it was collected. How long depends on the type of information and why we process it. We regularly review our need to keep data, taking into account applicable legislation.

If you are a user of the Service, your personal data will be stored in the Service for as long as you keep your user account. Upon termination of the account your data might be stored up until one (1) month after termination due to technical reasons.

Personal data processed on the basis of your consent (e.g. sensitive data), will be deleted when your consent is withdrawn or upon expiry of the purpose for which your consent was given.

Moreover, we store data to the extent we believe it is necessary to protect our legal rights, legitimate interests and the interests of others. Your data may also be stored for a longer period if required by applicable statutory retention periods (e.g. for tax and/or book-keeping purposes and applicable statutory retention periods).

 

YOUR RIGHTS

Right to object. You have right to object to processing based on legitimate interest. This means that we may no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests. You can always contact us for more information on the balance test that has been made. Upon an objection we might have to investigate the situation further prior to a decision. You furthermore have an unconditional right to forbid that your personal data will be processed for direct marketing purposes.

Right to access your data. You have the right to request a transcript of personal data processed by us, and additional information on how the data have been collected, processed, shared, etc. The first transcript may be requested free of charge, however if you make repeated and unreasonable requests for copies, we might charge you with an administrative fee. 

Right to transfer your data. You have the right to transfer your personal data to another controller under certain conditions.

Right to rectification. You have the right to correct inaccurate or incomplete information about yourself. We might also update the same information if we consider that it contains factual errors or is out of date.

Right to erasure. You have the right to request that we delete personal data about you, for example if the data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, or if there is no legal basis for processing the data. Please note that we might have to decline your request if we are legally obliged to keep the information or if the information is necessary to defend against or enforce legal claims.

Right to restriction. You are entitled to request that the processing of your personal data should be limited until inaccurate or incomplete information about you has been corrected, or until an objection from you have been handled.

Right to withdraw your consent. You may at any time withdraw any consent you have given us. However, please note that it will not affect any processing that has already taken place. 

Right to complain. You have the right to lodge a complaint to the supervisory authority in the country you live or work in, if you believe that we have not complied with our obligations regarding your personal data. In Sweden the Supervisory Authority is Integritetsskyddsmyndigheten, which also is our lead supervisory authority, and you can find more information at their website: https://www.imy.se/ 

Please note that if you request restriction or erasure it might affect our abilities to provide our Service to you. Moreover, legal rights or obligations or a legal claim may prevent us from disclosing or transfer all or part of your information, or from deleting or transferring all or part of your information. 

Last updated: 2022-02-25