Navigio always strives to protect the privacy and personal data of customers, candidates, clients
and suppliers in the best possible way. It is Navigio’s goal to comply with all applicable laws and
what kind of data Navigio collects, how it is used and what rights you have. By providing your data
to Navigio, you agree to the processing of your personal data in accordance with the below.
One of Navigios central principles is to always show respect for the individual. According to our values and the General Data Protection Regulation (GDPR) the integrity of the individual is a fundamental right. There shall always be a clear purpose in the collection of data, we shall not collect more personal data than required, we shall be transparent in how we use the data, how we store it and how long we store it for. We shall inform the individual of their rights, and we shall follow up on any requests, according to the rights of the individual, within 30 days. We will always have a legal ground for the collection of data and we will follow the fundamental GDPR principles.
Navigio primarily uses three out of GDPR’s six legal grounds;
- Consent as a legal ground for lawful processing – Primary legal ground for Navigio
- Legitimate interests as a legal basis for processing – Primary legal ground for Navigio
- Contractual necessity as a lawful basis for processing – Primary legal ground for Navigio
- Lawful processing on the ground of legal obligations
- Vital interests and lawful personal data processing
- Public interest as a basis for lawful processing
Navigio follows all GDPR’s seven base principles;
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimization
- Storage limitation
- Integrity and confidentiality (security)
Where is your data stored?
Navigio stores all personal data collected from you within the EU and the EEA. We do not disclose personal data to third parties, except in situations where this is a requirement arising from a statutory obligation or to fulfill our commitment to you as a customer, candidate, client or supplier. See more information under the section ’Who Will We Share Your Personal Data With?’
What personal data is collected?
We do not collect more data than necessary to fulfil our purpose in accordance to our legal ground. Personal data shall be accurate, relevant and collected for specified, explicit and legitimate purposes.
- If you are a customer or a candidate where you participate in our test processes, we will, before the test process starts, ask for your consent, in line with our values and the legal right in GDPR.
- If you are a candidate, we will collect and store your CV, your current employer and what processes you have been listed- or participated in, based on the legal right legitimate interest.
- If you are a customer or supplier, we will store your postal and invoice address based on the legal right of Contractual necessity. Please see further about your legal rights in ’What Rights Do You Have?’
HOW DO WE USE YOUR PERSONAL DATA?
We use your personal data, where processing is necessary, with legitimate interest or your consent or to fulfil a contractual obligation. The right to access and handle personal data is limited in Navigio so that employees only have the right to access and handle the personal data that he or she needs to perform their tasks and duties. Sensitive personal data is always stored so there is limited access to this data. We do not use your data for other purposes than the specified, explicit and legitimate purposes.
- If you are a participant in a Leadership Program, a Leadership Coaching or a Strategy & Organization project where personal data is shared – we use your data;
- To fulfil our project agreement
- To contact you during an ongoing assignment or to follow up after an assignment
- For a feedback survey
- If you are a candidate that has gone to one of our final steps in an Executive Search process – we use your data to;
- To contact you in ongoing processes
- To evaluate your fit with the potential job opportunity
- For a feedback survey
- For follow up process when a process with us has led to a new job opportunity for you, or to contact you about interesting future job opportunities if the opportunity did not lead to a signing for you
- For statistics (in a fully anonymous manner)
HOW LONG DO WE HOLD IT FOR?
We will not store your personal data for longer than is necessary to meet the purposes stated above or, as long as we are required to store your personal data by law. Navigio follows the GDPR recommendations given in “Bemanningsföretagens vägledning för hantering av personuppgifter” (https://www.almega.se/app/uploads/sites/5/2018/05/gdpr-vagledning.pdf).
- If we store your data based on legitimate interest, we will store your data for maximum three years after the project has ended. If relevant; we will provide updated legitimate interest information to prolong the period.
- If we ask for your consent, we will store your data for maximum five years after the ended project. If relevant; we will before this time is over, ask for a renewal of your consent to prolong the storage period.
Remember that you may withdraw your consent at any time or ask for a removal of your data (see “What Rights Do You Have?”).
WHAT RIGHTS DO YOU HAVE?
You have the right at any time to withdraw your given consent. You have the right to request from us access to your own personal data, which sometimes is known as a ‘subject access request’. Additionally, you have the right to request from us:
- that any inaccurate data we hold about you is corrected
- that data about you is deleted in certain situations
- that we stop using your personal data for certain purposes
- that your profile is provided to you in a portable format
- that decisions about you are not made by wholly automated means
If you wish to exercise any of your rights, please send your request to our Data Privacy Office at firstname.lastname@example.org. In order to find your personal data in all our databases, we need your name and email address, and upon request, other information required to identify you. Many of the rights listed above are limited to certain defined circumstances and we may not always be able to comply with your request. We will inform you if this is the case. If you choose to make a request to us to exercise any of these rights, we will aim to respond to you as soon as we reasonably can but no later than 30 days. We will not charge a fee for handling any reasonable request.
If you are unhappy with how we are using your personal data or if you wish to complain about how we have handled a request, then please contact our Data Privacy Office at email@example.com and we will try to resolve your concerns. You also have the right to complain to your local Data Protection Authority and a full list can be found here; http://ec.europa.eu/justice/data-protection/article-29/structure/data-protectionauthorities/index_en.htm
HOW DO WE PROTECT YOUR
Navigio takes the technical and organizational security measures required by law to ensure that your personal data is not manipulated, lost or destroyed, or that unauthorized persons have access to your data. Our safety routines are constantly updated as technology progresses.
HOW DO WE HANDLE PERSONAL DATA ON NAVIGIOS WEBPAGE?
Disclaimer: Our webpage may contain links to external web pages that Navigio does not control. These are not covered by this policy. Navigio is not responsible for the data handling of the websites linked to and from navigio.se/.no/.dk/.eu.
WHO IS RESPONSIBLE FOR MANAGING YOUR PERSONAL DATA?
If you have questions about how we handle your personal data or any questions in relation to what is stated in ‘What Rights Do You Have?’, please contact our Data Privacy Office and our Data Protection Officer (DPO) at firstname.lastname@example.org.