External Privacy Policy for Corprate.io ApS


1. Personal data control at Corprate.io ApS

Corprate.io ApS, CVR no. 40329099 (hereinafter referred to as ‘CORPRATE’) has adopted this Privacy Policy which applies to the company as a whole in its processing of personal data.

This Privacy Policy contains a description of how CORPRATE processes personal data on users of our website, our partners, suppliers and other parties whose personal data CORPRATE processes.

CORPRATE uses cookies to operate the company’s website. We refer to the Cookie Policy shown on our website at www.corprate.io

2. We are the data controller – how do you contact us?

CORPRATE is the data controller in the processing of the personal data we receive about you. Please contact us on the address below.

Corprate.io ApS

Vermundsgade 38 E

2100 Copenhagen Ø

M: datapolicy@corprate.io

3. The reason we process your personal data

Our website provides current and previous job seekers with the opportunity to review headhunters’ and employers’ recruitment procedures. We also give the reviewed companies the opportunity to respond to the reviews.

All reviews and responses will be reviewed and quality-assured by us before they are posted on our site. In this way, we ensure that neither reviews nor responses contain sensitive personal data and that our guidelines for objectivity and a civil tone are complied with.

All reviews are anonymous with the exception of the name of the company the user is reviewing. When you review a company on our website, you remain anonymous when the review is published.

Processing of personal data for personal users of our website:

When we handle personal data about or for you, we only collect and process those personal data that are necessary for you to register with us and review your experience of a recruitment process.

We assess whether there is a basis for collecting and processing personal data, the personal data that are necessary and relevant and how long the personal data should be stored.

We collect data on your name, contact details and your LinkedIn ID and the information you provide in your review of a specific company or give us directly as part of our processing of the review you wish to publish. We use your LinkedIn ID to confirm your identity. We want to be seen as a serious reviewing platform and this requires that we ensure that the reviews that are published are credible.

You are asked to avoid including sensitive personal data in your review – both sensitive personal data about yourself and about others. Reviews that contain sensitive personal data or are non-factual or offensive about individuals will not be published on our website. We have a zero-tolerance policy on harassment, bad language and bullying.

We are the data controller in the processing of your personal data. This means that we must ensure compliance with the rights you have pursuant to the Danish Act on Processing of Personal Data (please see the ‘Your rights’ section).

Processing of personal data for you as a user of our website on behalf of a company:

When we handle personal data about or for you, we only collect and process those personal data that are necessary for you to register with us and respond to a review from a user on behalf of your employer.

We assess whether there is a basis for collecting and processing personal data, the personal data that are necessary and relevant and how long the personal data should be stored.

We collect data on your name, professional contact details and your personal LinkedIn ID and the information you provide in your response to a review or give us directly as part of our processing of the response you wish to publish. We use your LinkedIn ID to confirm your identity. We want to be seen as a serious reviewing platform and this requires that we ensure that only people who are employed with the reviewed employer are able to respond to a review.

Responses that contain sensitive personal data or are non-factual or offensive about individuals will not be published on our website. We have a zero-tolerance policy on harassment, bad language and bullying.

We are the data controller in the processing of your personal data. This means that we must ensure compliance with the rights you have pursuant to the Danish Act on Processing of Personal Data (please see the ‘Your rights’ section).

Processing of personal data about other parties:

As we provide a platform where private individuals are able to review the recruitment procedures of employers, there will be situations in which we for our own purposes handle personal data about other parties, e.g. employees working for our partners, parties to agreements and other applicable parties. In these situations, we will also act as the data controller.

This means that we must ensure compliance with the data subject’s rights pursuant to the Danish Act on Processing of Personal Data (please see the ‘Your rights’ section).




4. Processing of personal data

We only use the personal data that are necessary and relevant in the provision of our reviewing platform for current and former job seekers.

We do not disclose your personal data without legal authority

We do not normally disclose the personal data of users as part of our business activities. But data are disclosed to our IT providers in the operation of our website.

We always ensure that we have the legal authority to disclose your personal data to a third party. We check and update your personal data

If we discover that personal data are no longer relevant or that they are incorrect, we delete or correct the data.

We delete your personal data when they are no longer required

We delete your personal data if you ask us to. But your review will not be deleted as it does not contain information that is personally attributable to you and is therefore anonymous.

5. Security

We protect your personal data and apply internal data security rules

We have taken a number of organisational and physical measures to secure the personal data we process. This means that we have internal instructions in place relating to the processing of data, digital protection in the form of antivirus programmes, firewalls and spam filters as well as procedures for the inspection of protection of personal data.

This means that we have limited the number of people who have access to your data.

We have entered into data processing contracts with the companies that process data for us so that we ensure that they protect the personal data that we entrust to them.

If a breach of security which entails a high risk of infringement of your rights should take place, we will notify you of the breach.

6. Your rights

Pursuant to the General Data Protection Regulation, you have a number of rights as regards our processing of data about you. If you wish to exercise your rights, you must contact us.

The right to access data: You have the right to access the information that we process about you as well as a range of additional data.

The right to rectification: You are entitled to have incorrect data about yourself corrected.

The right to erasure: In exceptional circumstances, you are entitled to have data about you erased prior to the standard date of erasure.

You are entitled to withdraw your consent: As our processing of personal data rests on consent, you are entitled to withdraw your consent at any time by contacting us.

If you elect to withdraw your consent, this does not affect the legality of our processing of your personal data on the basis of your previous consent up to the date of your withdrawal of consent. If you withdraw your consent, it will therefore only apply from this date.

The right to restrict processing: In certain circumstances, you are entitled to restrict the processing of your personal data. If you are entitled to restrict processing, we will only be permitted in future to process the data – with the exception of storage – with your consent or in order to ascertain, invoke or defend legal claims or to protect a person or important societal interests.

The right to object: In certain circumstances, you are entitled to object to our otherwise legal processing of your personal data. You may also object to the processing of your data for the purposes of direct marketing.

The right to data portability: In certain circumstances, you are entitled to receive your personal data in a structured, standard and machine-readable format and to transfer these personal data from one data controller to another without hindrance.

7. Complaining to the Danish Data Protection Agency

You are entitled to submit a complaint to the Danish Data Protection Agency if you are dissatisfied with the way in which we process your personal data. Contact information for the Danish Data Protection Agency can be found at www.datatilsynet.dk

Find out more about your rights in the Danish Data Protection Agency guidelines on the rights of data subjects at www.datatilsynet.dk.

Copyright 2018-2019 © CORPRATE.IO APS