In this Privacy Policy, we explain how Teamtailor processes your personal data if you:
On behalf of a Teamtailor customer use a service provided by Teamtailor, i.e. either i) our ATS and employer branding services; or ii) Aboard HR (each a “Service”, and you a “User”).
Otherwise represent a Teamtailor customer in relation to Teamtailor, for example by signing the agreement between Teamtailor and our customer (“Customer’s Contact Person”).
Represent a company that Teamtailor has identified as a potential customer (“Potential User”).
Represent a company that is Teamtailor’s supplier or partner when providing a service (“Partner’s Contact Person”).
Contact Teamtailor, for example via our website or our customer support, but don’t belong to any of the groups listed above (“Other Contact Person”).
This Privacy Policy also describes what rights you have, and how you can exercise these rights.
If your personal data has been collected by a company that uses Teamtailor’s Service, i.e. you are a (prospective) candidate of that company, this privacy policy does not describe or apply to the company’s processing of your personal data. To get information about how the company processes your personal data, you can visit the company’s career site. There, you will find a Data & Privacy section, and their privacy policy for employer branding and recruitment purposes.
If your personal data has been collected by Teamtailor in the context that you are a (prospective) candidate for Teamtailor, this privacy policy does not describe or apply to our processing of your personal data. To get information about how we process your personal data as a (prospective) candidate, you can visit our career site, where you will find a Data & Privacy section, and our privacy policy for employer branding and recruitment purposes.
When we mention "Teamtailor", "we" or "us", we are referring to Teamtailor AB, Östgötagatan 16, 11621 Stockholm, Sweden, registered with the Swedish Companies Registration Office under company number 556936-6668.
1. About processing of personal data
Personal data is all information that can be directly or indirectly linked to a living, physical person. Examples of personal data are: name, email address, telephone number and IP address. Processing of personal data is any automated use of personal data - such as collecting, creating, analyzing, sharing, and deleting personal data.
There are laws and regulations on how companies may process personal data, so-called data protection laws. Different data protection laws apply to different types of use of personal data, and in different parts of the world. An important example of a data protection law that is relevant for Teamtailor’s use of your personal data, as described in this Privacy Policy, is the EU Data Protection Regulation (2016/679, GDPR).
Most obligations under data protection laws apply to the so-called data controller. A data controller is the entity that decides for which purposes personal data will be processed, and how the processing will be executed. The data controller can use a so-called data processor. A data processor is an entity that may only process personal data based on instructions from the data controller, and may not use the personal data for its own purposes.
2. Is Teamtailor a data controller or data processor?
Users
Teamtailor processes personal data about Users both as a data processor and as a data controller.
When the company you represent signs up for and lets you use a Service, the company is the data controller for the processing of personal data that happens in the Service. Teamtailor acts as its data processor. Teamtailor acts as its data processor. To get information about how the company you represent handles your personal data when you use a Service, or to exercise your rights, please contact your employer.
However, when the company you represent signs up for and uses a Service, Teamtailor also collects a limited amount of personal data about you, and uses it for its own purposes. When doing so, we act as a data controller. This use of your personal data is what’s described in this Privacy Policy.
2.2 All other groups
Teamtailor processes a limited amount of personal data about the other groups of individuals listed above. When doing so, we act as a data controller. This use of your personal data is what’s described in this privacy policy.
3. What personal data do we process?
Contact and identification data - Such as name, title, gender, company email address, company mobile phone number.
Company-related data - information about the company you work for and its agreement with Teamtailor, such as company name, information about your right to represent your company, financial and billing data.
Technical and statistical data - we will collect technical and statistical data from the Service and our websites, such as IP address and information about your activity in the Service.
Device information - we will collect technical and statistical data from your computer (or mobile device) in connection with your use of our websites, such as IP address, browser type and version, session behaviour, traffic source, screen resolution, preferred language, geographic location, operating system and similar information about your device and device settings/usage.
Your communication with Teamtailor - such as your input in forms on our website, chat conversations, email communication with our contact persons and customer support. If you provide us with or publish a review of the Service, and give us the right to use it, this is also considered part of your communication with Teamtailor.
4. Where do we receive your personal data from?
4.1 All groups
You. A large part of the information we process about you we receive from you. You may give us information about yourself in different ways, for example when you use the Service, attend an event, contact us for a demo of the Service or contact our customer support. You can always choose not to provide us with your information. However, in that case, we aren’t able to support you on some things, like provide a demo, invite you to an event or answer your support question.
The company you represent, for example to allow you to use the Service, to enter into the agreement with Teamtailor, or enable billing.
Social media and other public information, such as your public LinkedIn profile, and other media where you publish a public customer review of the Service.
4.2 Potential Users only
Our business partners, who send us your information as they know that you are, or believe you may be, interested in using the Service.
Lead generation services, who collect your contact details from public sources.
If you want more information about which exact sources we have received your personal data from, you can always contact us. You will find our contact details in Section 10 below.
5. What do we use your personal data for, on what legal basis, and for how long?
The sections below describe:
For what purpose(s) we use your personal data.
What categories of personal data we use for each purpose.
The so-called legal basis that we rely on when processing your personal data for a particular purpose. A legal basis is a reason for using the data that is justified under the GDPR.
For how long Teamtailor uses the personal data for each purpose.
5.1 All groups
Purpose | Categories of personal data used | Legal basis | How long is the personal data used for this purpose? |
---|---|---|---|
If you request to receive information from us, e.g. by signing up for a newsletter, a trial of the Service, or contact our customer support, we will use your personal data to provide you with the information you requested, and to document our response. | All the categories of personal data listed above may be used for this purpose, depending on what your request is. | A balancing of interests, based on our legitimate interest in being able to provide external parties with information they have requested. | For Users, Customer's Contact Persons and Partner's Contact Persons: For as long as the company you represent has an agreement with Teamtailor, and up to three (3) years thereafter. For Potential Users and Other Contact Persons: For two (2) years from our last contact with you. |
If you sign up for an event or publication that we host or create together with a business partner, we may share your information with that partner. Both Teamtailor and the partner may then contact you with offers, content and other information. For more information about how the partner processes your personal data, we refer to the partner’s privacy policy. | Contact and identification data Company-related data Your communication with Teamtailor | A balancing of interests, based on our legitimate interest in being able to provide external parties with information they have requested. | For Users, Customer's Contact Persons and Partner's Contact Persons: For as long as the company you represent has an agreement with Teamtailor, and up to three (3) years thereafter. For Potential Users and Other Contact Persons: For two (2) years from our last contact with you. |
If you sign up for an event we host: Administer events for our current, former and potential customers and contact persons. | All the categories of personal data listed above may be used for this purpose. | A balancing of interests, based on our legitimate interest in being able to market our products, Services and events to our prospective, current and previous customers and contact persons. | For Users, Customer’s Contact Persons and Partner’s Contact Persons: For as long as the company you represent has an agreement with Teamtailor, and up to three (3) years thereafter. For Potential Users and Other Contact Persons: For two (2) years from our last contact with you. |
Maintain, develop, test, and otherwise ensure the security of our websites and Services. This also includes detection, investigation, and prevention of fraud and other illegal activities. | All the categories of personal data listed above may be used for this purpose. | A balancing of interests, based on our legitimate interest in being able to provide a safe, secure and compliant website and Services to our customers. | For Users, Customer's Contact Persons and Partner's Contact Persons: For as long as the company you represent has an agreement with Teamtailor, and up to three (3) years thereafter. For Potential Users and Other Contact Persons: For one (1) year after you visited our website resp. used the Service. |
Create aggregate analytics of how a Service, our websites and customer support is being used and is performing, for statistical and product improvement purposes. | All the categories of personal data listed above may be used for this purpose. | A balancing of interests, based on our legitimate interest in being able to develop our services to our customers. | For the duration of the anonymization process. |
Collect information about your use of the websites for our ATS and employer branding services, using cookies and other tracking technologies. You can read more about how we use cookies on our websites in our Website Cookie Policy. | Technical and statistical data Device information | Necessary cookies: A balancing of interests, based on our legitimate interest in being able to provide our website to those visiting it. Cookies used for all other purposes: Your consent. | For information on how long we keep the information we collect using cookies, see our Website Cookie Policy. |
In connection with a potential merger, sale of company assets, financing, or acquisition of all or part of our business to another company, your personal data may be processed, shared or transferred, to parties involved in the process. | All the categories of personal data listed above may be used for this purpose. | A balancing of interests, based on our legitimate interest in being able to develop our business. | For the duration of the due diligence process. |
If a public authority requests information about you, and we are required by law to provide the information, we will do so. | All the categories of personal data listed above may be used for this purpose. | This is necessary for Teamtailor to comply with a legal obligation. | For the time period required by the authority’s request. |
If needed to protect the rights and property of ourselves, our customers, and third parties we share information about you with public authorities or with other parties involved in a potential or existing legal proceeding. We share your personal data with our suppliers who provide services and functionality to Teamtailor, such as: data centres; Platforms as a Service, systems for handling support cases, CRM-systems and business consultants. This also includes other entities in the Teamtailor group that process your personal data on our behalf. The suppliers may in their turn disclose such information to their subcontractors. The suppliers and their subcontractors are Teamtailor’s data processors. | All the categories of personal data listed above may be used for this purpose. | A balancing of interests, based on our legitimate interest in being able to access services and functionality from other companies, that we are not able to provide ourselves. | This varies, depending on which specific supplier is used. However, the maximum time period is the longest time period for which we use your personal data, as described in this privacy policy. See also section 6 below about your right to receive information about which recipients your personal data is shared with and how long they will keep your personal data. |
5.2 Users
Purpose | Categories of personal data used | Legal basis | How long is the personal data used for this purpose? |
---|---|---|---|
Market our Services, products and events that we think are relevant for you by contacting you, e.g. by calling you or by sending you information per email. If you don’t want to receive any direct marketing from us, you can opt out at any time by clicking the unsubscribe button in the email or contacting us at support@teamtailor.com. | All the categories of personal data listed above may be used for this purpose. | A balancing of interests, based on our legitimate interest in being able to market our Services, products and events to our prospective, current and previous customers. | For as long as the company you represent has an agreement with Teamtailor, and up to three (3) years thereafter. |
Collect information about your use of our ATS, using cookies and other tracking technologies. You can read more about how we use cookies in the ATS in our App Cookie Policy. | Technical and statistical data Device information | Necessary cookies: A balancing of interests, based on our legitimate interest in being able to provide our website to those visiting it. Cookies used for all other purposes: Your consent. | For information on how long we keep the information we collect using cookies, see our App Cookie Policy. |
Customer surveys about a Service. | All the categories of personal data listed above may be used for this purpose, depending on what the survey concerns. | A balancing of interests, based on our legitimate interest in understanding our existing and previous customers’ opinions about a Service. | For as long as the company you represent has an agreement with Teamtailor, and up to three (3) years thereafter. |
We may contact you and ask if we can publish a customer review by you, for the purpose of marketing a Service. | All the categories of personal data listed above may be used for this purpose. | Collecting your review and contacting you: A balancing of interest, based on our legitimate interest in being able to ask you for a review. Publishing the review: Your consent. | Collecting your review and contacting you: For as long as the company you represent has an agreement with Teamtailor, and up to three (3) years thereafter.. Publishing the review: For the lifespan of the publication or shorter, if you withdraw your consent. |
Analysing statistics of how Users use the Services, and specific features in the Services, for the purpose of supporting our customers in optimising their use of the Services. | All the categories of personal data listed above may be used for this purpose. | A balancing of interests, based on our legitimate interest in being able to develop our Services and support our customers. | For as long as the company you represent has an agreement with Teamtailor, and up to three (3) years thereafter. |
Record our meetings with you, to document and analyse the meeting. | Contact and identification data Company-related data Your communication with Teamtailor | Your consent | For the shorter of: (i) as long as the company you represent has an agreement with Teamtailor, and up to three (3) years thereafter; and (ii) until you withdraw your consent. |
Adapt our marketing and advertisements of our products, Services and events. In particular, we use your data to: - allow you to see Teamtailor advertisements that are of particular interest to you; - ensure you don’t see Teamtailor advertisements that are not relevant to you: and - find individuals with similar profiles as you. | All the categories of personal data listed above may be used for this purpose. | A balancing of interests, based on our legitimate interest in being able to adapt the marketing of our products, Services and events to the right target groups. | For as long as the company you represent has an agreement with Teamtailor, and up to three (3) years thereafter |
5.3 Customer’s Contact Persons and Partner’s Contact Persons
Purpose | Categories of personal data used | Legal basis | How long is the personal data used for this purpose? |
---|---|---|---|
Enter into, administer and document Teamtailor’s agreement with the company you represent. | Contact and identification data Company-related data | A balancing of interests, based on our legitimate interest in being able to enter into, document and administer the Agreement with the company you represent. | For the purposes of entering into and administering the agreement: For as long as the company you represent has an agreement with Teamtailor. For the purpose of documenting the agreement, after it has been terminated: Up to ten (10) years after its termination. |
For invoicing- and payment purposes, i.e: - invoicing the company you represent if it purchases something from Teamtailor, - pay invoices from the company you represent if Teamtailor makes purchases from it. - process the transactions related to these invoices. | Contact and identification data Company-related data | A balancing of interests, based on our legitimate interest in receiving payment for the Service(s) we provide our customers, respectively being able to pay for services we receive. We also have legal obligations to document and keep information about payments to us, under the Accounting Act (1999:1078). | For invoicing- and payment processing purposes: For as long as the company you represent has an agreement with Teamtailor. For accounting purposes: For seven (7) years. |
5.4 Potential Users
Purpose | Categories of personal data used | Legal basis | How long is the personal data used for this purpose? |
---|---|---|---|
Market our Services, products and events that we think are relevant for you, by contacting you, e.g. on LinkedIn, calling you or sending you information per email. If you tell us to contact you at a later point, we will keep your personal data to be able to do so. If you tell us not to contact you again, we will keep your personal data to be able to ensure that we won’t contact you again. If you don’t want to receive any direct marketing from us, you can also opt out at any time by clicking the unsubscribe button in the email or contacting us at support@teamtailor.com. | All the categories of personal data listed above may be used for this purpose. | A balancing of interests, based on our legitimate interest in being able to market our products, services and events to our prospective, current and previous customers. | Two (2) years from our last contact with you. |
If you have contacted us, e.g. by signing up for a trial of a Service, we use your information to adapt our marketing and advertisements of our products, services and events. In particular, we use your data to: - allow you to see Teamtailor advertisements that are of particular interest to you; - ensure you don’t see Teamtailor advertisements that are not relevant to you: and - find individuals with similar profiles as you. | All the categories of personal data listed above may be used for this purpose. | A balancing of interests, based on our legitimate interest in being able to adapt the marketing of our products, Services and events to the right target groups. | Two (2) years from our last contact with you. |
Record our meetings with you, to document and analyse the meeting. | Contact and identification data Company-related data Your communication with Teamtailor | Your consent | For the shorter of: (i) Two (2) years from our last contact with you; and (ii) until you withdraw your consent. |
6. Whom do we share your personal data with?
6.1 All groups
The business partner(s) that we host an event with or create content with - see Section 5.1 above.
Parties involved in an acquisition, merger, or sale of business - See Section 5.1 above.
Authorities and other parties involved in a potential or existing legal proceeding - see Section 5.1 above.
Our suppliers and their subcontractors - see Section 5.1 above.
6.2 Users
The provider of the channel we use to contact you - See section 5.2 above.
The channels where a customer review from you is published - see Section 5.2 above.
The company you represent - see Section 5.2 above.
6.3 Customer’s Contact Persons and Partner’s Contact Persons
The company you represent - see Section 5.3 above.
The payment processing provider - see Section 5.3 above.
6.4 Potential Users
The provider of the channel we use to contact you - See section 5.4 above.
If you want more information about which exact recipients your personal data is shared with or how long they will keep your personal data, you can always contact us. You will find our contact details in Section 10 below.
7. When do we transfer your personal data outside of the EU/EEA, and how do we protect it then?
We always strive to process your personal data within the EU/EEA area.
However, some of our suppliers and their subcontractors process your personal data outside the EU/EEA.
We also use suppliers whose parent company, or whose subcontractor’s parent company, is based outside the EU/EEA. In these cases, we have taken into account the risk that the personal data may be disclosed to countries outside the EU/EEA, for example because of an authority request.
In cases where another recipient of your personal data (as described in Section 6 above) is based outside the EU/EEA, this will also mean that your personal data is transferred outside the EU/EEA.
When we, or one of our suppliers, transfer your personal data outside the EU/EEA, we will ensure that we use a safeguard recognized by the GDPR to enable the transfer. We use the following safeguards:
A decision by the EU Commission that the country outside of the EU/EEA to which your personal data is transferred has an adequate level of protection, which corresponds to the level of protection afforded by the GDPR. In particular, we rely on the EU Commission’s adequacy decision for the US via the so-called EU-US Data Privacy Framework, and the adequacy decision for the UK.
Entering into the EU Commission’s standard clauses with the recipient of the personal data outside the EU/EEA. This means that the recipient guarantees that the level of protection for your personal data afforded by the GDPR still applies, and that your rights are still protected.
When your personal data is transferred outside the EU/EEA, we also implement appropriate technical and organizational safeguards, to protect the personal data in case of a disclosure. Exactly which protective measures we implement depends on what is technically feasible, and sufficiently effective, for the particular transfer.
If you want more information about the cases in which your personal data is transferred outside the EU/EEA; where it’s transferred to; the safeguards recognized by the GDPR that we use for transfers of your personal data; or the protective measures that are implemented, you can always contact us. You will find our contact details in Section 10 below.
8. What rights do you have, and how can you exercise them?
In the following you can read about the rights you have when Teamtailor is the data controller of the processing of your personal data
As described below, some of the rights you have only come into play when we process your personal data under a particular legal basis, such as having received your consent. To learn which legal basis we rely on in processing your personal data for different purposes, see Section 5 above.
If you want to know more, or contact us to exercise your rights, the easiest way is to email us at support@teamtailor.com.
If you contact us to exercise the rights mentioned in this privacy policy, we will verify your identity. The legal basis for this processing is our legal obligation under the GDPR to prevent disclosure of personal data to the wrong person.
Right to be informed.
You have the right to be informed about how we process your personal data. You also have the right to be informed if we plan to process your personal data for any purpose other than that for which it was originally collected.
We provide you with such information through this privacy policy, through updates on our website (see further Section 11 below), and by answering any questions you may have for us.
Right to access your personal data.
You have the right to know if we process personal data about you, and to receive a copy of the data we process about you. In connection with receiving the copy of your data, you will also receive information about how we process your personal data.
Right to access and to request a transfer of your personal data to another recipient (“data portability”).
You can request a copy of the personal data relating to you that we process for the performance of a contract with you, or based on your consent, in a structured, commonly used, machine-readable format. This will allow you to use this data somewhere else, for example to transfer it to another recipient. If technically feasible, you also have the right to request that Teamtailor transfers the data directly to the other recipient.
Right to have your personal data deleted (“right to be forgotten”).
In some cases, you have the right to have us delete personal data about you. This is for example the case if it’s no longer necessary for Teamtailor to process the data for the purpose for which we collected it; if you withdraw your consent; if you have objected to the processing and there are no legitimate, overriding justifications for the processing; or if the processing relates to direct marketing and you object to the direct marketing. (For the separate right to object, see below.)
Right to object against our processing of your personal data.
You have the right to object to processing of your personal data which is based on our legitimate interest, by referencing your personal circumstances.
You can also always object to our use of your personal data for direct marketing purposes, by clicking the unsubscribe button in the email or contacting us at support@teamtailor.com. When you let us know that you no longer want to receive direct marketing from us, we will stop sending it to you.
Right to restrict processing.
If you believe that the personal data we process about you is inaccurate, that our processing is unlawful or that we don’t need the information for a specific purpose, you have the right to request that we restrict the processing of such personal data. If you object to our processing, as described just above, you can also request us to restrict processing of that personal data while we make our assessment of your request.
When our processing of your personal data is restricted, we will (with the exception of storage) only process the data with your consent or for the establishment, exercise or defence of legal claims, to protect the rights of another natural or legal person, or for reasons relating to an important public interest.
Right to rectification.
You have the right to request that we rectify inaccurate information, and that we complete information about you that you consider incomplete.
Right to withdraw your consent.
When we process your personal data based on your consent or explicit consent, you have the right to withdraw that consent at any time. If you do so, we will stop processing your data for the purposes you’ve withdrawn your consent for. However, it doesn’t affect the lawfulness of processing that was based on your consent before it was withdrawn.
Right to raise a complaint.
If you have complaints about our processing of your personal data, you can raise a complaint with the Swedish Authority for Privacy Protection. You can also lodge a complaint with your national data protection authority. If you are based in the UK, you can make a complaint to the Information Commissioner’s Office.
9. Where do you turn with comments or questions?
If you wish to get in touch with Teamtailor to exercise your rights, or if you have any questions or concerns about how we handle your personal data, you can reach us by email to support@teamtailor.com.
Teamtailor also has a Data Protection Officer (DPO) who monitors our compliance with the GDPR. Teamtailor’s DPO can be reached by email to dpo@teamtailor.com.
10. Updates to this Privacy Policy
We update this privacy policy when necessary - for example, because we start processing your personal data in a new way, because we want to make the information even clearer to you, or if it’s necessary to do so in order to comply with applicable data protection laws.
We encourage you to frequently check this page for any changes. You can always check the top of this page to see when this privacy policy was last updated.
If we make changes that have a substantial impact on how we process your personal data, we will communicate this on our websites.