Home > Brightmill’s privacy policy

How we use your personal data

Brightmill’s privacy policy

Last updated: 2024-12-18

Your privacy is important to us at Brightmill. We adhere to the General Data Protection Regulation (GDPR) and our group-wide Information Security and Data Protection Policy to ensure that your personal data is processed securely and transparently. Below, we explain how we collect, use, and protect your data and what rights you have.

Who is responsible for your personal data?

The data controller for personal data is Brightmill AB, Brightmill ApS, or Brightmill GmbH, depending on your location. Brightmill AB is responsible for data processing related to this website. If you have any questions about how we handle your personal data, please contact us:

What personal data do we process?

For candidates

  • Contact information: Name, email address, and phone number.
  • Professional information: CV, previous employers, education, and references.
  • Other information: Data you provide during the application process or in contact with us.

For customers and subcontractors

  • Contact information: Name, email address, phone number, and job title.
  • Company information: Company name, registration number, and billing details.
  • Contract-related information: Information linked to agreements and service delivery.

Technical information

  • IP addresses, cookies, and browser data: Collected when you use our website. For more information, see our Cookie policy.

Why do we process your personal data?

For candidates

  • To manage your registration process as a candidate.
  • To assess and match you with assignments and ensure you meet the requirements of the job profile.
  • To communicate with you during the recruitment process.
  • To keep you updated on our services and other relevant information through newsletters.

For customers

  • To deliver our services and communicate regarding ongoing assignments.
  • To handle invoicing and payments.
  • To keep you updated on our services and other relevant information through newsletters.

For subcontractors

  • To manage agreements and collaborations.
  • To communicate regarding deliveries and payments.

Legal basis for processing

We process personal data based on the following legal grounds:

  • Consent: To process candidate data, include it in our database, and send relevant information.
  • Contract: To fulfill our obligations to customers and subcontractors, such as delivering services or collaborating on assignments.
  • Legal obligation: To comply with legal requirements, such as bookkeeping laws or the GDPR.
  • Legitimate interest: To improve our services, match candidates with customer requirements, and keep candidates and customers informed through newsletters and relevant information based on an existing business relationship.

How long do we retain your data?

  • Candidates: Data is stored until you actively withdraw your consent.
  • Customers and subcontractors: Data is retained in accordance with legal requirements, e.g., for bookkeeping purposes.

Who do we share your data with?

We share your personal data only when necessary:

  • Customers and clients: When matching candidates with assignments (with the candidate’s consent).
  • Subcontractors: To deliver services that require collaboration.
  • Service providers: For technical systems and support.
  • Authorities: When legally required to do so.

We ensure that all our partners comply with GDPR and our data security requirements.

Your rights

You have the following rights under GDPR:

  • Right to access: Obtain information about what personal data we process and why.
  • Right to rectification: Have inaccurate or incomplete data corrected.
  • Right to erasure: Have your data deleted when it is no longer needed.
  • Right to restrict processing: Limit how we process your data in certain situations.
  • Right to data portability: Have your data transferred to another data controller.
  • Right to object: Object to the processing of your data, e.g., for direct marketing. Use the unsubscribe link in our emails or contact us directly.

Contact us at kontakt@brightmill.se to exercise your rights.

International data transfers

If personal data is transferred outside the EU/EEA, we ensure appropriate safeguards, such as standard contractual clauses, are in place in accordance with GDPR.

Automated decision-making

We do not use automated decision-making or profiling that has legal or similarly significant effects on data subjects.

Data security

We take measures to protect your personal data:

  • Encryption and secure storage systems.
  • Multi-factor authentication for access.
  • Regular reviews of our security practices.

Cookies

We use cookies to enhance your experience. See our Cookie policy for more information.

Policy changes

We may update this policy to reflect changes in laws or our business operations. The latest version is always available on our website.

Contact us

If you have questions or complaints about how we handle your personal data, please contact us:

You may also contact the appropriate data protection authority overseeing our operations if you believe that we are not complying with the GDPR.

Popular services

Interim CEO

Interim CFO

Interim Controller

Interim HR Manager

Interim HR Business Partner

Interim CIO / IT Manager

Interim SW Development Mgr

Interim Supply Chain Manager

Interim Marketing Manager

Interim Sales Director

Public sector

About us

About us

Contact

Broviken

Local websites

Sweden

Denmark

Germany

Sweden

Norrlandsgatan 10
111 43 Stockholm

+46 10 10 10 150
kontakt@brightmill.se

Denmark

Bredgade 6
1260 Copenhagen

+45 35 12 10 00
kontakt@brightmill.dk

Germany

Ballindamm 3
20095 Hamburg

+49 40 210 505 30
kontakt@brightmill.de

© 2025 Brightmill AB

Whistleblowing

|

Privacy policy

|

Cookie policy