The service for handling recruitments and simplifying the hiring process is powered by Teamtailor on behalf of NA-KD ("Controller”).
NAKDCOM ONE WORLD AB is committed to respecting and protecting your privacy. Our goal is to be clear about what information we collect and how we use and protect your personal information.
We truly hope that you will take time to read it through as we have no other goal but to maintaining your privacy. Please remember that you can manage your information and protect your privacy anytime by, for instance, viewing and editing your information in your account or controlling what kind of cookies are used when you visit our website.
A LITTLE REMINDER ABOUT NA-KD
LAWS AND REGULATIONS
The information we gather, use and process are collected in accordance with:
- The Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, or “GDPR”)
- The Swedish Data Protection Act (Personuppgiftslag 1998:204).
This Policy is based on the following principles:
- Personal data shall be processed lawfully, fairly and transparently;
- Personal data shall only be collected for specific, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
- Personal data shall be adequate, relevant and limited to what is necessary for processing;
- Personal data shall be accurate and, where necessary, kept up to date with every effort to erase or rectify without delay;
- Personal data shall be kept in a form such that the data subject can be identified only as long as is necessary for processing;
- Personal data shall be processed in a manner that ensures the appropriate security;
- Personal data shall not be shared with third parties except when necessary in order for them to provide services upon agreement;
- Data subjects must easily exercise their rights.
WHAT PERSONAL INFORMATION ARE COLLECTED?
Personal information is data that can be used to identify or contact you.
Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as: “any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
If we do collect personal data, we will nevertheless never collect sensitive personal data about you. The EU’s General Data Protection Regulation (GDPR) defines sensitive personal data as “categories of personal data related to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation.”
When you use our career platform, we may gather various information. In any event, we are committed to ensuring that the information we receive and use are appropriate for the below purposes.
When and how we collect personal data
We collect personal data about when you:
- make an application through the platform or otherwise, adding personal data about yourself either personally or by using a third-party source such as Facebook or LinkedIn; and
- use the platform to connect with our staff, adding personal data about yourself either personally or by using a third-party source such as Facebook or LinkedIn.
- provides identifiable data in the chat (provided through the platform) and such data is of relevance to the application procedure;
We collect data from third parties, such as Facebook, Linkedin and through other public sources. This is referred to as “Sourcing” and be manually performed by our employees or automatically in the Platform.
The types of personal data collected and processed
The categories of personal data that can be collected through the platform can be used to identify natural persons from names, e-mails, phone number, CV, cover letter, pictures and videos, information from Facebook and LinkedIn-accounts, answers to questions asked through the recruiting, titles, education and other information that the applicant or others have provided through the platform. Only data that is relevant for the recruitment process is collected and processed.
Purpose and lawfulness of processing
The purpose of the collecting and processing of personal data is to manage recruitment. The lawfulness of the processing of personal data is our legitimate interest to simplify, facilitate recruitment and hire the most suited applicant.
Personal data that is processed with the purpose of aggregated analysis or market research is always made unidentifiable. Such personal data cannot be used to identify a certain User. Thus, such data is not considered personal data.
Consent of the data subject
You consent to the processing of its personal data with the purpose of Controller’s handling recruiting. You consent that personal data is collected through the platform, when you;
- make an application through the platform, adding personal data about tyourself either personally or by using a third-party source as Facebook or LinkedIn, and that Controller may use external sourcing-tools to add additional information; and
- when you use the platform to connect to Controller’s recruitment department, adding personal data about yourself either personally or by using a third-party source such as Facebook or LinkedIn.
You also consent to the Controller collecting publicly available information about you and compiles them for use in recruitment purposes.
*When we rely on the ‘legitimate interests’ condition, NA-KD will always meet the following requirements:
- We must process the information for the purposes of our legitimate interests or for those of a third party to whom we disclose it;
- The above interests must be balances against your interests. The “legitimate interests” condition will not be met if the processing is unwarranted because of its prejudicial effect on your rights and freedoms, or legitimate interests. NA-KD’s legitimate interests do not need to be in harmony with those of the individual for the condition to be met. However, where there is a serious mismatch between competing interests, your legitimate interests will always come first.
SHARING YOUR INFORMATION
We will never sell your personal data to any third party.
However, we may share your personal information with companies who are experts in their field and assist us in operating the website, conducting our business or servicing you.
Do not worry though! Each of our service providers have been selected by us for their ability to provide the particular services needed, including their ability to handle your personal information. All those providers provide sufficient guarantees to implement the technical and organizational measures necessary to meet the requirements of the GDPR and our own.
We share your personal information in the following cases:
- To any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries;
- In the event that we sell or buy any business or assets, data may be disclosed to the prospective seller or buyer of such business or assets;
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions and other agreements; or to protect the rights, property, or safety of NA-KD, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction;
- If we are processing it on behalf of a customer;
- To our contractors and sub-contractors, acting as our Processors and Sub-Processors in accordance with our instructions
- authorities or legal advisors in case criminal or improper behavior is suspected.
TRANSFERS OF YOUR INFORMATION OUTSIDE THE EUROPEAN ECONOMIC AREA
Where a third-party provider is located outside the European Economic Area, we will always ensure that the transfer of personal data will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission where the data protection authority does not believe that the third country has adequate data protection laws or with companies that are Privacy Shield Certified.
WHAT ARE YOUR RIGHTS?
At any point while we are in possession of or processing your personal data, your rights are as follows:
You have the right to request information about the personal data that is processed by us, by notifying in writing, us using the contact details below. You have the right to one (1) copy of the processed personal data which belongs to you without any charge. For further demanded copies, Controller has a right to charge a reasonable fee on the basis of the administrative costs for such demand.
You have the right to, if necessary, rectification of inaccurate personal data concerning that you, via a written request, use the contact details below.
You have the right to demand deletion or restriction of processing, and the right to object to processing based on legitimate interest under certain circumstances.
You have the right to revoke any consent to processing that has been given by you to the Controller. Using this right may however, mean that you cannot apply for a specific job or otherwise use the platform.
You have under certain circumstances a right to data portability, which means a right to get the personal data and transfer these to another controller as long as this does not negatively affect the rights and freedoms of others.
You have the right to lodge a complaint to the supervisory authority regarding the processing of personal data relating to him or her, if you consider that the processing of personal data infringes the legal framework of privacy law.
To access what personal information is held: identification will be required.
Where you request access to your information, we are required to use all reasonable measures to verify your identity before doing so. These measures only exist to protect your information and to reduce risk of identity fraud, theft or unauthorized access to your information.
We therefore kindly ask you to send us original or certified copies of the following documentation: passport, identity card, birth certificate or driving licence. One of those above documents is required in order to request personal information.
We will endeavour to respond within one month. If you want to exercise one of the above rights, please contact us using the contact details provided below.
HOW LONG DO WE KEEP YOUR INFORMATION?
We will hold your personal data for as long as you are you have an account and for as long as is necessary to comply with our legal/ regulatory obligations, resolve disputes, prevent fraud and abuse or enforce our terms and conditions.
When we no longer need to retain your personal data, it will be deleted or be anonymised so that you can no longer be identified from it.
We securely destroy all financial information once we have used it and no longer need it.
HOW YOUR PERSONAL INFORMATION IS SECURED?
However, transfers of information over the internet and mobile networks can never occur without any risk, so all transfers are made on the own risk of the person transferring the data. It is important that you also take responsibility to ensure that your data is protected. It is your responsibility that yourlogin information is kept secret
COOKIES AND SIMILAR TECHNOLOGIES
LINKS TO OTHER WEBSITES OR SOCIAL MEDIA
HOW TO CONTACT US