Simployer Group: Privacy policy
What services does the Privacy Policy apply to?
Within the Simployer-group, we process personal data in several contexts. The three main areas are:
- Open websites (such as simployer.no, simployer.se, simployer.com). On these websites, we are the data controller. Information processed about you in this context will be usage data when visiting our websites and information that you submit via forms on our websites. Please refer to the Cookie Policy for how we collect and process usage data on our websites.
- Other online services (including “Faghjelp”/”Servicepaket” and “Læringsportalen”/”Lärandeportalen”). Here we are the data controller. This means that the Privacy Policy below is applicable to how we process personal data about users of the Services. Any specific terms are contained in this Privacy Policy and in the Terms of Use-agreement applicable to the individual service.
- Software as a Service (Simployer HRM). In this situation, your employer is the data controller and we, by the company Simployer Solutions AS, a sister company in the Simployer group, is a data processor. In these cases, your employer's own privacy policy applies. If you would like more information about how your employer processes personal data about you in our software, you must therefore contact the person responsible for this type of information at your employer.
This Privacy Policy applies to websites/services referred to in sections 1 and 2 above, in the further known "Services". For section 3, your employer's privacy policy applies. Simployer AS, org. no. 986 419 454 ("we", "us") is the data controller for personal data processed when you use the Services.
What personal data we process
When you use our Services without logging in, we process information based on cookies. As a general rule we will not be able to associate this information with you as a person unless you log in. You can read further about that in our Cookie Policy.
When you log in to use our Services, we in process the following information
- Name
- Contact details
- Company address/invoicing address
- Customer relationship information
- Your specific preferences, notifications- and communication-settings
- Login information
- Your communication with us
- Other relevant information you may need to provide to us
Why we process this information
We process the data:
- to provide and manage our services to you. The legal basis for this is GDPR Article 6 b (necessary to enter into, and fulfil, an agreement).
- to improve and further develop our services. The legal basis for this is GDPR Article 6 f (necessary to fulfill our legitimate interest in product-development and innovation). When it is possible, we will use anonymous information for this purpose.
- to send or show you newsletters, event invitations and marketing for our services that correspond to those on which our customer relationship is based. The legal basis for this is GDPR Article 6 f (necessary to fulfill our legitimate interest in communicating about our products and offerings). We will be able to adapt such marketing to your choices and our knowledge of you, unless you have asked us to receive only general, non-customized marketing.
- we may also process information about you if you have applied for a job with us, a person has recommended you in a job search process or a job seeker has indicated you as a reference
We may also process information for other purposes if you have consented to it.
We may also process personal data for purposes not incompatible with the original purpose for which it was collected, such as storing for account-purposes, the use of information in connection with the handling of claims and disputes, and in connection with any purchase or sale of our business.
Job seekers
If you apply for a job at Simployer, we need to process information about you in order to assess your application. Simployer uses a job search portal called Jobylon to manage submitted applications.
Information about you can either come to us by choosing to submit it in the form of an application for a specific position or open application, or by us entering contact information about you based on that you have been recommended (you will then be notified by e-mail, and will be able to consent to-, or refuse further processing).
In order to assess submitted information, conduct interviews and call references, the legal basis for processing is Article 6 (1) (b) of the General Data Protection Regulation (GDPR). This provision allows us to process personal data when necessary to take steps at the applicant's request prior to entering into an agreement. By applying for the position and uploading documents, we consider that the job seeker asks us to consider submitted documentation, conduct interviews and call references with an understanding to concluding an employment contract. In other cases, our basis for processing is Article 6 (1) (a) of the General Data Protection Regulation, i.e., your explicit consent, cf. Article 9 (2) (a). You may at any time withdraw your consent.
If we carry out our own inquiries beyond this, such as contacting someone who has issued a diploma or certifications, or adding contact information about you to the system on the basis of a recommendation, the basis for such investigations is Article 6 (1) (f) of the General Data Protection Regulation, which allows us to process information necessary to support a legitimate interest that outweighs the interests of the individual or fundamental rights and freedoms. The legitimate interest is to find the right candidate for the position.
Job applications are stored in our job search system. After you have submitted an application to us or accepted further processing of your application based on that you have first been recommended by others and added to our system, we store information about you for up to 36 months, unless you request that your information be deleted sooner.
For how long do we store information about you?
We store the personal data for as long as necessary to fulfil the purposes for which it was collected. Our criteria for determining how long we store the information are:
- The duration of your customer relationship with us. We will typically store all information for as long as your customer relationship persists, and contact details and information about your customer relationship for up to five years thereafter.
- Some data is subject to statutory storage requirements. For example, we will store transactional information and support-documentation in accordance with the relevant Accounting Act.
- We may store and use anonymized information regardless of the above storage/deletion criteria. You can ask us to delete your personal data at any time.
You do this by contacting our Customer Center or via functionality for deletion in the individual service.
Disclosure of information to third parties
We do not share information about you with outside third parties.
Use of subprocessors
We only process and transfer information about you to our subprocessors to the extent necessary for them to provide their services to us. We have data processing agreements in place with all subcontractors to ensure proper processing of the data.
We may share customer-information with other companies within our company-group for internal administrative purposes, such as analysis, reporting and customer administration.
Your rights
You have several rights under the privacy regulation, GDPR. An overview of these follows below. Please contact us if you wish to exercise your rights. We will respond to your inquiry as soon as possible, and within one month at the latest. Please note that certain conditions and exceptions to these rights apply.
Access: You have the right to access what personal data we have registered about you.
Correction or erasure (deletion): You have the right to ask us to correct erroneous information about you and to ask us to delete personal information about you.
Limitation (of processing): You have the right to ask us to stop ("freeze") the processing of your personal data, i.e. where you believe that we are processing personal data about you unlawfully and you do not want us to delete such data in accordance with our deletion procedures until this is clarified.
Data Portability: Where we process information about you based on consent or agreement, you have the right to request that personal data about you is transferred in a standard, machine-readable format.
Object: You have the right to object to our processing of personal data about you if your special situation requires it. You may also object to our use of your information for marketing purposes, which you can do, using the link included in each marketing email (to “unsubscribe” for such mailings and use).
Complaint to the Norwegian Data Protection Authority: If you believe that we have not complied with your rights under the applicable privacy regulation, you have the right to complain to the Norwegian Data Protection Authority. We will appreciate if you contact us first so that we can clear up any misunderstandings.
Changes to the Privacy Policy
We will update this Privacy Policy if necessary. You will always find the latest version of our Privacy Policy on our website.
Contact information
Phone +47 69 97 17 00
[email protected]
Simployer AS, Kalnesveien 5, 1712 Grålum
If you have any questions about how we handle your privacy or about this Privacy Policy, please contact our Data Protection Officer at [email protected] or send regular mail to Simployer AS, Att: Data Protection Officer – Morten Lier Svendsen, Kalnesveien 5, 1712 Grålum.