Preamble
The following information about GDPR, Cookies, Privacy Policy & Security does not apply to websites, applications or other services, such as MailChimp, that provide their own separate privacy statements or policies. Our Website may contain links to other sites but Nordic CV is not responsible for the privacy policies and/or practices of these other sites.
This Privacy Policy covers what information we gather when you are accessing or using our Website, how we use that information and how we protect it. Your use of our Website and the information you provide on our Website is subject to the terms of this Privacy Policy and our Terms of Service.
Lawfulness of processing
For the processing of your personal data, the provisions of the EU GDPR and all other applicable data protection regulations are complied with. Legal bases for the data processing arise are provided for specifically in
Art. 6 EU GDPR.
We use your data for business contact, to fulfil contractual and legal obligations, to perform on the contractual relationship, to offer products and services, and to strengthen the customer relationship, which may include marketing and direct advertising. Furthermore, the data you provide will be used for the contractual relationship with Nordic CV. If you are still unsure as to how these rules affect you please use the links provided below or contact us at
dataprotectionofficer@onestopcv.com
We use SSL Certificate data encryption
Any data exchange from and to our website is encrypted. For transmission protocol, we use HTTPS for our website, with each transfer based on up-to-date encryption protocols. With an SSL Certificate, any information that is transmitted becomes encrypted by inserting random characters into the original message making it unreadable to everyone except the intended server. This makes it almost impossible for hackers to steal your information.
The green or black secure padlock in the browsers address field denotes an active SSL Certificate.
GDPR - New rules on protection in the processing of personal data
We take every possible measure to follow European laws governing electronic data traffic and security in the Regulation (EU) 2016/679 (General Data Protection Regulation). Read more about each right in the
official GDPR html (link opens in new window).
On May 25, 2018 a new law began to affect all companies and organizations across the EU / EEA. The law is called the Data Protection Ordinance but is also known as the GDPR or General Data Protection Regulation. GDPR and a supplementary Swedish law, the Data Protection Act, will replace the previous Personal Data Act.
The purpose of the act is to make companies more responsible with regards to how they handle individuals' personal data in a safe and easily accessible manner. It contains, inter alia, rules on how personal data has to be processed, stored and the individuals' right to easily access the stored data and modify what is incorrect.
Customers' rights are strengthened
Many people know the GDPR for its hard-line regulation around the "right to be forgotten," where an individual can request a company to erase the personal data it holds on them. However, it also contains the right to access any information that may be held by a company. A major and important part of the improved protection for the customer is that companies and organizations get greater demands on how personal data can be processed. They should also be clear about what personal information they have about the customer, as well as how and why the data is used.
The new regulation includes, among other things
Right of Access - SAR (Subject Access Request)
These rights are standardised in Articles 15 - 22 of the EU GDPR. These include:
-
The right to be informed (Article 15 EU GDPR),
-
The right to rectification (Article 16 EU GDPR),
-
The right to erasure (Article 17 EU GDPR),
-
The right to restrict data processing (Article 18 EU GDPR),
-
The right to data portability (Article 20 EU GDPR),
-
The right to object to data processing (Article 21 EU GDPR),
-
Automated individual decision-making, including profiling (Article 22 EU GDPR).
1. Data Transparency
The right to be informed (
Article 15 EU GDPR)
You have the right to get information about what personal information Nordic CV keeps about you. To exercise these rights, please contact:
DPO (Data Protection Officer). In order to ensure that the right person receives the information, we must be able to identify you. This also applies if you have questions about data processing in our company. You also have a right of appeal to a data protection supervisory authority.
2. Right to rectification.
The right to rectification (
Article 16 EU GDPR)
You are entitled to have any incorrect personal data about yourself corrected and also to supplement if personal information is incomplete.
3. Right to be forgotten.
The right to erasure (
Article 17 EU GDPR)
The right to be forgotten derives from the case
Google Spain SL, Google Inc v Agencia Española de Protección de Datos, Mario Costeja González (2014). For the first time, the right to be forgotten is codified and to be found in the GDPR in addition to the right to erasure.
According to this, personal data must be erased immediately where the data are no longer needed for their original processing purpose, or the data subject has withdrawn his consent and there is no other legal ground for processing, the data subject has objected and there are no overriding legitimate grounds for the processing, or erasure is required to fulfil a statutory obligation under the EU law or the right of the Member States. In addition, data must naturally be erased if the processing itself was against the law in the first place.
4. Limitation of processing.
The right to restrict data processing (
Article 18 EU GDPR)
We store your data for as long as they are needed for the respective processing purpose. Please note that multiple retention requirements may require that data continue to be stored. This specifically involves commercial or tax-related retention requirements (i.e. commercial code, tax code, etc.). Unless there are further retention requirements, the data will be deleted after use, as a matter of routine.
In addition, we may retain data if you have given us your permission to do so, or if there are legal disputes and we use evidence within the statutory limitation period, which may be up to thirty years; the regular limitation period is three years.
5. Data portability.
The right to data portability (
Article 20 EU GDPR)
You can request an electronic copy showing which personal data you have submitted to Nordic CV.
6. Objection to data processing.
The right to object to data processing (
Article 21 EU GDPR)
If we process your personal data for the purpose of direct mail, you have the right to object to this data processing at any time without giving reasons. This also applies to the any, provided that it is related to the direct marketing.
If you object to the processing for direct marketing purposes, then your personal data shall no longer be processed for these purposes. This is possible vie email to privacy@experteer.com at any time. This right to object is free and may take place without a form.
In the event that we process your data to protect justified interests, you may object to such processing at any time for reasons that arise from your specific situation; this also applies to profiling arising from these provisions.
We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds worthy of protection for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.
7. Data profiling.
Automated individual decision-making, including profiling (
Article 22 EU GDPR)
You have the right not to be subject to certain types of automated decisions which also includes profiling or in any way could be detrimental to your rights. However, this article does not apply when it is necessary for entering into, or performance of, a contract between the data subject (you) and a data controller (Nordic CV).
How we use the information we collect:
We collect and process your personal information for the following reasons:
(1) to enable you to generate the CV's, Personal Letters & emails that you create to send to other people of your choice from this site.
No personal data of any kind is ever given to 3rd parties. Your CV data on this site is yours and yours alone. Only you can decide to send it in applications from the site to the people and companies you choose to send it to.
You may review and modify the personal information we have collected by contacting us at
dataprotectionofficer@onestopcv.com and ask to be removed from this service or to have a copy of the data we have about you, which is actually always available to you and only to you when you login to your account.
You can also choose to remove your account and/or newsletter subscription in the user area. You can opt in or out of the newsletter at any time by using the unsubscribe link in any email you receive.
Please note: we have no newsletters at this time.
We have chosen not to have active data connections or login capabilities from social media sites or career networks. At Nordic CV your personal information is always for your personal use only.
By using this Website, you are expressly consenting to the collection and use of your information as described.
If you find our policies and/or procedures objectionable, please do not use this Website.
Cookies
Every time you log in to the site you receive a session-id. This session-id expires after a certain period of inactivity or when you have logged out. Then the browser garbage collection clears the file from your browser.
You also set a persistent cookie when you acknowledge the cookie agreement.
This privacy statement covers the use of cookies by www.onestopcv.com only and does not cover the use of cookies by any eventual advertisers or third parties such as those that maybe set if you use LinkedIn or Facebook to register.
...more about cookies
A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. This is a common web technology used by most modern websites and we use cookies in line with commonly accepted practice.
Most websites use both session ID cookies and persistent cookies. We use a session cookie to make it easier for you to navigate our site and it expires when you close your browser.
(A persistent cookie remains on your hard drive for an extended period of time. Persistent cookies can easily be removed by following directions provided in your Internet browser’s help section or by searching how to remove cookies on google.)
Information Sharing and Disclosure
We DO NOT share your personal information with any third parties without your permission. We may share anonymous data that you have provided us such as age, gender, location etc to provide broad statistics to third party advertisers and partners. This information does not identify individual users and is not linked to your personally identifiable information.
Nordic CV takes no responsibility whatsoever for the veracity or accuracy of the documents produced using this service. The user is soley responsible for the information they enter and for where and to whom they send it.
When sending your information to potential recruiters and employers, your documents are delivered through the internet. You are responsible for any information on your documents that you would like to remain confidential. You can make some profile information private, by accessing the settings area in your account page.
Secure payment system
Credit card and Internet payments are handled securely via Payson Payment System.
Your payment is valid only for the creation of the CV documents. All other services such as the production of cover letters and reports are extra services only. They are not what you are paying for. You can theoretically create an unlimited number of documents but we will take measures if we feel that this functionality is being abused. Nordic CV takes no responsibility for the content of these documents.
Terms of Service
User Liability
Users are solely responsible for who they send their documents to. Nordic CV can not be responsible for delivery of the document (sent job applications, etc.) that failed due problems with external mail servers like yahoo etc.
Unpleasantries.
You may NOT use this site as a base for sending advertisments or anything else that might be deemed to be spam. This includes (but is not limited to) unsolicited emails. We check for this and will take necessary action against such unauthorised activity. Any misuse of this site will result in the immediate termination of the user account. Any and all illegal activities will be reported to the relevant authorities and we will co-operate fully with them in any enforcement action against the offenders. "Unsuitable" activities may include, without limitation, those members that Nordic CV believes:
- Display or promote obscene, indecent, pornographic or sexually explicit content.
- Promote abusive, threatening, hateful, harmful, harassing, libelous or violent behavior.
- Promote discrimination based on race, sex, religion, nationality, disability, sexual orientation, or age.
- Promote illegal activities or fail to comply with applicable law.
- Violate the intellectual property rights of third parties.
- Have the potential to interfere with the use, enjoyment, deployment or operation of the Service by other Visitors.
Spam policy
From time to time, Nordic CV may use your personal information to contact you by electronic mail concerning our services. These communications are often intended to inform you of important information regarding your account, or about the functionality of the website and general services provided by Nordic CV and/or its affiliates. If you do not want to receive email from us or our affiliates regarding new services, please click the "unsubscribe" link which is included at the bottom of any email you receive from us.
We reserve the right to introduce a newsletter on a weekly basis.
We have no such newsletter at this time.
Legal intervention
We reserve the right to supply personal information in order to comply with the law, to combat illegal activities and to enforce user agreement terms or protect the rights, safety or property of www.onestopcv.com and its users or others.
Data and / or products obtained in accordance with the conditions specified on this page, and the usage of Nordic CV, may only be used in non-commercial private use.
Companies that are interested in our services require a separate agreement.
Nordic CV services may not be exploited for commercial purposes or for the development or production of competitive services. Users of the service do not own nor have the right to distribute, sell, assign or otherwise transfer data products or documentation even with further processing, to a third party, without prior written permission from Nordic CV onestopcv.com.
Force Majeure
Nordic CV is not responsible for loss of service or data due to circumstances beyond the control of Nordic CV which could not be foreseen or prevented.
Disputes, conflicts of law, etc.
Any disputes, conflicts of local or international law or legal irregularities regarding these terms, their interpretation, or in other legal relationships arising therefrom shall, if the parties can not resolve the dispute by negotiation, be settled according to European Union law in a Swedish court of law.
Nothing in this Agreement or its implementation shall be construed in a way that is detrimental to either party's position in any eventual disputes.
Please note that although we take all the steps we can to protect the personal information we collect from you, and that Nordic CV has very strict protocols and SSL in place, no one, including us can guarantee risk-free use of the internet, and we make no such guarantees as to the absolute security of your personal information. We are, however, entirely committed to doing our utmost to ensure the security of your personal data. You, the user are 100% responsible for the data integrity.
Data security is the protection of data against unauthorized access or corruption and is necessary to ensure data integrity. Data integrity is a desired result of data security, but the term data integrity refers only to the validity and accuracy of data rather than the act of protecting data.