Last updated: 24 November 2022

We Selects Privacy Policy

Why and for whom?

At The We Select Company AB, company registration number 556841-1671, ("We Select","we","us","our") we care about personal privacy. This means that we respect and safeguard your privacy and your right to control and transparency in the processing of your Personal Data.

This Privacy Policy (the"Policy") applies to the processing operations for which We Select is the Controller. The Policy describes in general terms the purposes for which we need your Personal Data, the legal basis on which we rely and the measures we take to protect Personal Data. We also provide information on how you can exercise the rights you have in relation to our processing of your Personal Data.

The Policy sets out our treatment of Personal Data where you communicate with us, use the Service or visit our weselect.com website (together"Features").

‍

Definitions

"Processing"of Personal Data means anything that can be done with Personal Data, such as storing, modifying, reading, transmitting, etc.

"Applicable law" means the law applicable to the processing of Personal Data including the General Data Protection Regulation (GDPR), complementary national legislation, as well as practices, guidance and recommendations issued by a national or European supervisory authority.

"Personal data" is any information that can be linked to an identifiable, living person.

"Controller" means the company/organisation that determines the purposes for which and the manner in which Personal Data is processed and is therefore also responsible for ensuring that Personal Data is processed in accordance with Applicable Law.

"Processor" means the company/organisation that processes Personal Data on behalf of the Controller and may therefore only process the Personal Data in accordance with the Controller's instructions and Applicable Law.

"Data Subject" means the living, natural person whose Personal Data is processed.

The "Service" is a service for managing candidates and marketing to potential candidates.

‍

We Select's data protection responsibilities

The information in this Policy covers the Processing of Personal Data for which We Select is the Controller, i.e. the Processing for which we determine the purpose (why a processing is done) and means (in what way, what personal data, for how long, etc.). The Policy does not describe how we process Personal Data in our role as a Data Processor - that is, when we process Personal Data on behalf of our customers.

VI provides an advertising and platform service to attract talent and manage candidates for recruitment. We therefore need to process your personal data in order to handle your application. We may also use your personal data for marketing purposes through recruitment advertising.

‍

We Select's processing of personal data

We have a responsibility to describe and demonstrate how we meet the requirements placed on us when processing your Personal Data. This section aims to give you an understanding of the types of Personal Data we process about you and for what purposes.

‍

Recorded and storage time

  • Users of the Service
    Users' personal data will be stored for the duration of their use of the Service and for the performance of legal obligations such as dealing with alleged errors in the Service.

Cookies

Personal data of visitors to our website will be processed in accordance with our cookie policy.
We Select uses cookies and similar tracking technologies to, among other things, analyse how Features are used so that we can provide you with the very best user experience. For more information on how we use cookies, please see our Cookie Policy (https://www.weselect.com/legal/cookie-policy).

‍

Processing and purposes

The main purpose of the personal data processing we carry out is to provide, perform and improve our services to you. There are several reasons why we may need to collect, process and store your data.

We mainly process personal data for the following purposes:

  • Contact and identification details to confirm your identity, verify your details and communicate with you
  • Information about your use of the service or product in order to improve your customer experience
  • Contact details for marketing recruitment ads

‍

How do we access your personal data?

We collect your personal data in a number of ways. We primarily access your personal data:

  • By providing us with your personal data yourself

‍

Legal grounds

In order for us to process your personal data, we must have a legal basis for the respective processing. In our operations, we process your personal data mainly on the following grounds:

Contracts - The processing is necessary for us to perform obligations under a contract between us or to prepare to enter into a contract with the Data Subject.

Balancing of interests - We Select may process personal data if we consider that there is a legitimate interest that outweighs the protection of the privacy of the Data Subject and if the Processing is necessary for the purpose in question, e.g. in direct marketing.

If you would like further information about the legal basis(s) on which we process your personal data, you always have the right to request a so-called register extract. Read more under "How to use your rights" below.

‍

Your rights

You are the controller of your Personal Data. We always strive to ensure that you can exercise your rights as effectively and smoothly as possible.

Access - You always have the right to obtain information about the Personal Data processing operations that concern you in a so-called register extract. The register extract shows, among other things, which of your personal data we have stored and for what purposes and on what legal basis. We only disclose data if we have been able to ensure that it is actually you who is asking for the data.

Rectification - If you discover that the Personal Data we are processing about you is incorrect, please contact us and we will fix it!

Erasure - Do you want us to forget you completely? You have the right to request erasure of your Personal Data when it is no longer necessary for the purpose for which it was collected. If we are required to keep your data by law or a contract we have entered into with you, we will ensure that it is only processed for the specific purpose set out in the law or contract. We will then ensure that the data is deleted as soon as possible.

Objection - Do you disagree with us that our interest in processing your Personal Data outweighs your interest in privacy protection? Don't worry - if so, we'll review our balance of interests and make sure it still holds. We will, of course, take your objection into account when we reassess to evaluate whether we can still justify our Processing of your Personal Data. If you object to direct marketing, we will remove your Personal Data immediately without reviewing our assessment.

Restriction - You can also ask us to restrict our processing of your data:

  • While we are processing a request from you for any of your other rights.
  • If, instead of requesting erasure, you would like us to indicate that the data will not be processed for a particular purpose. For example, if you do not want us to send you advertising in the future, we still need to keep your name to know that we will not contact you.
  • Where we no longer need the data for the purpose for which it was collected, provided you do not have an interest in us retaining the data to pursue a legal claim.

Data portability - We may provide you with the data you have provided to us or that we have received from you in connection with entering into a contract with you. You will receive your data in a commonly used and machine-readable format that you can then take with you to another Data Controller.

Withdraw consent - If you have consented to one or more specific processing operations of your Personal Data, you have the right to withdraw your consent at any time and thereby ask us to cease the Processing immediately. Please note that you can only withdraw your consent for future Processing(s) of Personal Data and not for any Processing that has already taken place.

‍

How to use your rights

Contact us at support@weselect.com and we will help you.

‍

Transfer of Personal Data

In order to carry out our activities, we use the services of others who process Personal Data on our behalf, known as Processors.
We always aim to process Personal Data within the EU/EEA but have Processors in the following countries outside the EU/EEA

  • the United States, to which we transfer personal data under the EU Commission's standard contractual clauses for third country transfers.

We have entered into Personal Data Processing Agreements (PDPAs) with all our Processors. The PUB Agreement governs how the Processor may process the Personal Data and the security measures required for the processing of the Personal Data.

We may also need to disclose your Personal Data to certain designated authorities in order to comply with legal obligations or governmental orders.

‍

Our categories of Processors

Below are the categories of recipients with whom we may share your data.

  • IT providers for business systems and case management, for example. In order to carry out our assignments and services, we store your data in our business systems (a system that manages our customers and contacts).
  • Systems to conduct customer analysis and produce statistics to contribute to industry statistics and to improve the customer experience.

Security

We Select has put in place technical and organisational measures to ensure that your personal data is processed securely and that it is protected from loss, misuse and unauthorised or unauthorised access.

‍

Our security measures

Organisational security measures are measures that are implemented in working practices and procedures within the organisation. Our organisational security measures are:

  • Internal governance documents (policies/instructions)
  • Login and password management
  • Information Security Policy
  • Physical security (premises, etc.)

Technical security measures are measures implemented through technical solutions. Our technical security measures are:

  • Encryption
  • Pseudonymisation
  • Access list
  • Secure network
  • Firewall
  • Backup
  • Regular check of safety level

‍

If we don't keep our promises

If you feel that we are processing your Personal Data incorrectly, even after you have alerted us, you always have the right to lodge your complaint with the Privacy Authority.

More information about our obligations and your rights can be found on the Privacy Authority's website(https://www.imy.se/). You can also contact the Authority at imy@imy.se.

‍

Changes to this policy

We reserve the right to make changes to this Policy. Where the change affects our obligations or your rights, we will provide advance notice of the changes so that you have an opportunity to review the updated Policy.

‍

Contact information

We have appointed a Data Protection Officer who can answer questions about your rights and other issues relating to how we process your personal data.

Contact details for We Select's Data Protection Officer:
Rickard RydstrΓΆm
rickard.rydstrom@weselect.com

‍

Purpose of the processing

Legal basis

Identification of potential candidates

Legitimate interest

Collection of statements from references

Legitimate interest

Sale of recruitment services

Legitimate interest

Implementing and evaluating personality and skills

Legitimate interest

Performing and offering services in the We Select candidate portal

Performance of contracts, consent

Accounting obligation

Fulfilling a legal obligation

Introducing candidates to clients and other services

Performance of contract, legitimate interest

Responding to individual requests and demands

Legitimate interest

Keeping statistics for audience optimization

Legitimate interest

Manage any disputes or cases regarding alleged discrimination

Legal obligation