Data policy

The following texts present Turn Consulting AB's data policy. Click on the headings below to learn more.

Turn Consulting AB, corporate identity number 559219-2594, (“Turn Consulting” or “we”) helps students to enter working life through a mediation service between employers and students.

Turn Consulting only offers digital services. Our services can be used on our website, which is adapted for several different devices, both computer, tablet and phone. The provisions of this personal data policy also apply to all mobile access and use of mobile devices.

When you use Turn Consulting's various services, we collect your data and process it in accordance with this personal data policy. It is therefore important that you read and understand the personal data policy before using Turn Consulting's services. If you do not agree with the personal data policy, you should not use our services.

Turn Consulting is responsible for personal data and thus responsible for the processing of your personal data. We care about protecting your personal data and we make sure that your personal data is always processed securely. We comply with all applicable laws and regulations that exist to protect the privacy of individuals and use appropriate and reasonable physical, technical, and organizational security measures in relation to the amount and sensitivity of personal data.

This Privacy Policy expresses the types of personal information that we collect, how we use such information, how we process and protect the information we collect, how long we store it, with whom we share it, to whom we transfer it, and the rights that individuals may practice with respect to our use of their personal data. We also state how you can contact us regarding our privacy practices and the exercise of your rights. 

This privacy policy is valid from 25 May 2020 and provides a regulatory framework for the personal data collected by Turn Consulting AB as required by law which includes the European Union's General Data Protection Regulation (GDPR).

This privacy policy applies to

  1. our job candidates
  2. our consultants
  3. our suppliers, which we hire or assign to our candidates
  4. users of our website
  5. representatives of our business partners, clients, and salespeople. 

We may collect personal information about you in several different ways, for example through our website and social media channels, at our events, by phone, through job applications, in connection with personal recruitments, and in connection with our collaboration with clients and sellers. We get to collect:

  • contact details (such as name, postal address, e-mail address, and phone number)
  • information that you provide to people that you would like us to contact. (Personal data controller assumes that this person has previously given consent for such communication)
  • other information that you provide to us, such as in surveys and through the "Contact Us" section of our website. 

Also, if you are a job candidate and applying for a job, we may collect the following types of personal information (as permitted in accordance with Swedish law).

  • employment and education history 
  • language skills and other work-related skills
  • social security number, national identification, or another state-issued identification number
  • year of birth
  • issued driver's licenses
  • information provided by references
  • information covered by your personality analysis, the information you provide regarding your professional interests, and other information relating to your competence for employment and where expressed consent has been provided by you as provided by law
  • disability and health-related information
  • results of drug tests, criminal record checks, and other background checks. 

Besides, we may collect information that you provide to us regarding other people, such as relatives' information for emergencies.

The controller collects and uses the data for the following purposes (as permitted by local law):

  1. arrange labor solutions and connect people to work
  2. create and manage our competence portal
  3. manage our relationships with clients and salespeople 
  4. where this is permitted by law and is in accordance with our Cookie and Marketing Policy, to send marketing materials, notices regarding available services, and other notices  
  5. where this is permitted by law to announce and manage participation in, special events, advertising, programs, offers, surveys, competitions, and market research; 
  6. respond to individual requests and requirements 
  7. conduct, evaluate, and improve our business operations (which includes development, reinforcement, review, and improvement of our services, management of our communication, the performance of data analysis and implementation of accounting, auditing, and other internal tasks) 
  8. protect against, identify and try to prevent fraud and other illegal activities, claims and other liabilities  
  9. comply with and strengthen applicable legal requirements, relevant industry practice, contractual obligations, and our policies. 

All processing will be performed based on legal grounds:  

  1. consent or express consent of the data subject, where required by applicable law  
  2. consent of the data subject, where required by the applicable law to ensure our compliance with a legal or contractual requirement or a requirement that is necessary to enter into an agreement, for example, the processing of your data.
  3. it is essential and necessary based on the legitimate interest of the Data Controller.  

In addition to the activities listed above, if you are a job candidate and you are applying for a job, as permitted by Swedish law, we use the information described in this policy regarding privacy protection for the following purposes: 

  1. Provide job offers and work 
  2. assess your suitability as a job candidate and your associated qualifications for job positions 
  3. perform data analyzes, such as personality analysis of our job candidate and partner database; assessment of individual performance and skills, including scoring of work-related abilities, use of information to match individual and potential opportunities.

We may also use information in other ways where we send a special message in connection with or before the time of collection.  

Legitimate interest 

The data controller may process personal data for specific legitimate business purposes, which includes any of the following:   

  • where the treatment enables us to strengthen, modify, tailor, or otherwise improve our services/communication for the benefit of our clients, candidates, and partners  
  • to identify and prevent fraud  
  • to strengthen the security of our network and information systems
  • to better understand how people interact with our web pages  
  • for direct marketing purposes
  • to send you mailings that we believe would be of interest to you 
  • to determine the effectiveness of marketing campaigns and advertising 

In cases where we process data for these purposes, we ensure that your rights are protected and take such rights into account. You have the right to object to such treatment. Please note that the exercise of your right to object may affect our ability to assist you as a candidate or customer. 

Our processing of collected personal data takes place in an automated way, for the purposes stated in the box above and for a specific period of time, which is in line with our internal policy, to ensure that personal data is not stored longer than necessary. 

We maintain administrative, technical, and physical security measures designed to protect the personal information you provide against accidental, unlawful, or unauthorized destruction, loss, alteration, disclosure, or use. In order to ensure appropriate security and confidentiality regarding personal data, we take the following security measures: 

  • Encryption of data in transmission
  • Solutions for IT security 

As a candidate (job applicant), your information is saved for five years from registration and thereafter you may renew your information and thus also your consent to this personal data policy. If you have shared personal information with us in some other way, for example via contact forms, your information will be deleted automatically after five years. We store the personal data that we collect in our systems in a way that only makes it possible to identify the data subjects for the time deemed necessary in the light of the purposes for which the data was collected, or for which data is further processed. 

We determine this particular time period by considering: 

  • The need to preserve collected personal data stored for offering services established with the user
  • In order to ensure the legitimate interest of the Data Controller as stated in the purposes.

We only share personal information that we collect about you in the ways set out in this Privacy Policy or separate notices provided in connection with specific activities. We may share personal information with vendors performing services on our behalf based on our instructions. We do not authorize these vendors to use or share the data except where necessary for the performance of services on our behalf or compliance with legal requirements. We may also share your personal information with our partners and with clients who may have available job offers or interest in recruiting our job candidates and with others we work with, such as recruitment advisors and subcontractors, in order to find a job for you. 

We may also share your personal information

  1. if we are prescribed to do so by law or legal process
  2. to law enforcement agencies or other government officials based on a legal request to share
  3. when we consider that sharing is necessary or appropriate for preventing physical harm or financial loss, or in connection with an investigation of suspected or fraudulent or unlawful activity. We also reserve the right to transfer personal data that we hold about you if we sell or transfer all or part of our business or our assets (which includes cases where reorganization, dissolution or liquidation takes place). 

Cookies are used on almost all websites and may be necessary for the website to function optimally. Cookies are used to enable us to collect visitor statistics and analyze what needs to be changed on the website. Cookies can also be added when you submit information to apply for a vacancy or when you use sharing links (third-party cookies).

IP numbers and cookie IDs can be personal data and you, therefore, have the right to know how we use the data and how you can limit the use.

There are different types of cookies. Turn Consulting AB's website uses all types:

  • A session cookie is temporarily stored in the computer's memory while a visitor is using a web page. It disappears when you close the browser.
  • A permanent cookie remains on the visitor's computer until it is deleted.
  • A first-party cookie comes from the current website (turnconsulting.se) and places cookies in the visitor's browser.
  • A third-party cookie comes from another website and places cookies in the visitor's browser. You can set your browser to block cookies from third parties only.

To understand how our website is used and provide information for our improvement work, we collect statistics about each visit via the statistics tool Google Analytics. The information contains, for example, data on cookie ID, IP number, browser, and which pages are visited and saved for 26 months.

More specifically, we use cookies to identify whether you are a return visitor or not. We save the unique number that the cookie in your browser receives (a cookie ID). IP numbers are used to identify the geographical residence of our visitors.

If you do not accept cookies

You can make settings in your browser's security settings so that you either do not receive any cookies at all or that you get a question every time a website tries to place a cookie on your computer. If you do not accept cookies, we do not recommend you to use our website or social platforms.

More about cookies on the Swedish Post and Telecom Agency's website..

Where applicable law so requires, the data subject may exercise the following special rights in accordance with Articles 15 to 22 of the Data Protection Regulation: 

  1. Right of access: The data subject has the right to access his or her data to check that such personal data is processed in accordance with law. 
  2. Right to rectification: The data subject has the right to request rectification regarding all incorrect or incomplete information that is retained regarding him or her, to ensure the accuracy of such information and adapt it to the processing of personal data. 
  3. Right of deletion: The data subject has the right to request that the Data Controller delete data about him or her and no longer process such data. 
  4. Right to limit the processing: The data subject has the right to request that the Data Controller restricts the processing of his or her data. 
  5. Right to data portability: The data subject has the right to request data portability, which means that the data subject can obtain the originally provided personal data in a structured and commonly used format or that the data subject can request the transfer of data to another data responsible. 
  6. Right to object: The data subject who provides personal data to the Data Controller has the right to, at any time, object to the processing of personal data on several grounds as stated in the Data Protection Ordinance without having to justify his or her decision. 
  7. Right not to be subject to automated individual decision-making: The data subject has the right not to be subject to a decision based solely on automated processing, which includes profiling, if such profiling causes a legal effect concerning the data subject or in the same way significantly affects him or her. 
  8. Right to lodge a complaint with a supervisory authority: All data subjects have the right to complain with a supervisory authority, especially in the EU country where he or she has his or her permanent residence, place of work or where the alleged infringement took place if the data subject considers the processing of personal data which is connected to him or her violates the Data Protection Regulation. 

When processing is based on consent as under Article 7 of the Data Protection Regulation, the data subject may at any time withdraw his consent. 

Please contact gdpr@turnconsulting.se if you need more information about the processing of your data. 

Please note that the terms of this Privacy Policy may change. In such cases, the new version will be published on Turn Consulting's website. You should therefore read these terms and conditions periodically to make sure that you are happy with the changes. In the event of changes of material significance, however, we will notify you by e-mail, if you have given us your e-mail address, that changes have taken place.

If the changes concern such personal data processing that we perform with the support of your consent, we will allow you to give your consent again.

If you have questions related to this personal data policy, if you suspect that there may have been a breach of it or if you want to contact us for any reason stated in this personal data policy, please contact gdpr@turnconsulting.se or call us (+46)72-717 80 28.