1. General Information on Data Processing
Fullview (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by Fullview.
This Privacy Policy applies to our website, and its associated subdomains (collectively, our “Service”). Processing activities not covered by this Privacy Policy can be supplemented by further Privacy Policies.
1.1 Controller
Controller within the meaning of the GDPR is
Fullview ApS
Kultorvet 11, 2. TV
1175, København K
Denmark
1.2 Data Protection Officer
We have appointed an external data protection officer through Simpliant. Simpliant also advises us on the implementation and operation of our data protection management system. More information about Simpliant can be found at https://www.simpliant.eu.
You can reach our appointed data protection officer:
Fullview
- Data Protection Officer -
Kultorvet 11, 2. TV
1175, København K
Denmark
privacy@fullview.io
1.3 Data subject rights
You can exercise the following rights:
- Right to information about your data stored by us and their processing (Article 15 GDPR),
- Right to correct incorrect personal data (Article 16 GDPR),
- Right to have your data stored by us deleted (Article 17 GDPR),
- Right to restriction of data processing if we are not yet allowed to delete your data due to legal obligations (Article 18 GDPR),
- Right to data portability of data if you have consented to data processing or have concluded a contract with us (Article 20 GDPR),
- Right to object to the processing of your data by us (Article 21 GDPR).
To exercise your rights, you can contact us by email: privacy@fullview.io
We usually need your name and e-mail for identification purposes. In individual cases, further information may be required.
You can submit a complaint to a supervisory authority at any time, e.g. to the competent supervisory authority of the federal state in which you live or to the authority responsible for us.
The authority responsible for us is:
The Danish Data Protection Agency (Datatilsynet)
Carl Jacobsens Vej 35
2500 Valby
Tlf. 33 19 32 00
dt@datatilsynet.dk
https://www.datatilsynet.dk
- Processing of Data, Purpose and Legal Basis
We process your personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the Danish Data Protection Act (DPA).
The legal basis for all our processing activities is based on Art. 6 para. 1 GDPR.
In particular, your data will be processed on the basis of the following legal bases:
- Art. 6 para. 1 lit. a) GDPR - your consent
- Art. 6 para. 1 lit. b) GDPR - fulfillment of a contract or pre-contractual measures
- Art. 6 para. 1 lit. c) GDPR - fulfillment of a legal obligation
- Art. 6 para. 1 lit. f) GDPR - legitimate interests
Several legal bases may apply to the individual processing activities.
1.5 Duration of storage
The duration of data storage depends on the respective data and processing activity. If the storage period is not specified further, your personal data will be deleted or restricted as soon as the purpose or legal basis for storage no longer applies. Personal data will not be deleted if the storage is required by law and in the event of a possible legal dispute.
1.6 Data Security
To protect the security of your data during transmission, we use technical and organizational security measures, in particular the encryption of our website to prevent unauthorized access by third parties. The data collected from you is generally hosted on ISO 27001 certified servers. Our security measures are continuously improved and adapted according to technological developments.
1.7 Transmission to Service Providers
We use service providers to provide our offers. These service providers are processors and contractually obliged to process your data exclusively in accordance with our instructions.
We may also send data to other companies, which are not processors, but only if we have a legal basis which makes the data access or transfer legal.
Feel free to contact us for more information on the processors we engage and how we ensure safe data processing in the event of a third-country transfer.
1.8 Data transfer to third countries
Unless otherwise stated below, your data will not be transferred to a third country outside the European Union. Your personal data will only be transferred to third countries if the requirements of Art. 44- 49 GDPR are met, in particular standard contractual clauses, binding corporate rules, adequacy decision of the Commission.
1.9 No Obligation to Provide Data, No Profiling
You are not obliged to provide us your personal data. Each data provision is voluntary. However, the use of our services is partially only possible if we process your personal data. Your data will not be used for profiling or automatic decision-making.
2. Website
Our website offers different functionalities for the visitor, which are described in more detail below.
2.1 Server logs
Nature and purpose of data processing:
When you access our website, information of a general nature is automatically collected. This information, known as server log files, includes:
- IP address
- Access provider name
- Browser type, browser software version and browser language
- Operating system
- Date and time of access
- Content of access
- Amount of data transferred
- Access status (successful transfer/error)
- Web page(s) to which the access was redirected
- Visited websites
Legal basis:
Processing is carried out in accordance with Article 6 para. 1 lit. f) GDPR based on our legitimate interest in providing the website and improving and monitoring the security, stability and functionality of the website.
Recipient:
The recipient of the data is a technical service provider who are responsible for the operation (hosting) and maintenance of our website. Our specially rented servers and hosting providers are located in Frankfurt, Germany.
Retention period:
Server log files are deleted after 30 days, unless a security-related event occurs. In these cases, server log files are stored until the security-relevant event has been eliminated and fully resolved.
2.2 Contact
Nature and purpose of processing:
To provide you with the best possible support in the context of using our offers, we offer you the possibility to contact our customer service in the form of a chat or by e-mail.
Legal basis:
The processing of the data you send by e-mail is based on a legitimate interest (Art. 6 para. 1 lit. f) GDPR) in efficient and simple communication with you or to carry out contractual or pre-contractual measures (Art. 6 para. 1 lit. b) GDPR).
Transfer to Third Countries:
When using our chat, data is transferred to the United States of America. The order processing contracts with the service provider contain Standard Contractual Clauses approved by the EU Commission and appropriate guarantees that data protection obligations will be met.
Retention period:
If no legal retention periods require the storage of the data or the type of processing requires the ongoing processing of personal data, your data will be deleted no later than 5 years after the last contact. If a contractual relationship is established, your contact details will be stored for as long as this contractual relationship lasts. If we are subject to statutory retention periods, we will comply with them and delete your data after these periods have expired.
2.3 Fullview Account
Nature and purpose of processing:
You can request access to a free Fullview account or upgrade your account.
Legal basis:
The processing of your data is necessary to carry our pre-contractual measures (Art. 6 para. 1 b) GDPR to provide our service.
Retention period:
Your data will be stored for as long as you have a Fullview account. If we are subject to legal retention periods, we will comply with these and delete your data after these periods have expired.
3. Cookies
3.1 General Information
Nature and purpose of data processing:
Our website uses „cookies“. Cookies do not cause any damage to your device and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your terminal device and in your browser.
All detailed information about the cookies used on this website can be found in our cookie consent banner. You can also change your consent settings with the banner at any time.
We would like to point out that the use and especially the comfort of use may be limited without the use of cookies. The cookies are set via a consent management tool.
Legal basis:
We use cookies, which are strictly necessary for our legitimate interest (Art. 6 para. 1 lit. f) GDPR) to provide a functional and safe website for you. For all other purposes, the placement of cookies requires your consent (Art. 6 para. 1 lit. a) GDPR).
3.2 Consent Management
Nature and purpose of processing:
Our website uses cookies for various processing activities for which your consent is required. To obtain such consent and store it, we use a consent management tool. As part of this, a cookie - a small text file - is set on your terminal device to register your selection/consent. On our website, you can make gradual privacy settings regarding these cookies.
Legal basis:
The processing is based on our legitimate interests in documenting compliance with the provisions of the GDPR regarding obtaining consent (Art. 6 para. 1 lit. f) GDPR).
You can find more information under the item "Cookies".
3.3 Performance
Nature and purpose of data processing:
This website uses cookie-based technologies to help us better understand how the website is used and how we can further optimize it for the benefit of performance and user experience. We do this by compiling reports about activity (e.g. which pages were visited and which buttons were clicked) on the website that do not identify specific individuals.
Legal basis:
The processing is carried out with your consent in accordance with Art. 6 para. 1 lit. a) GDPR.
3.4 Targeting
Type and purpose of data processing:
We use cookie-based technologies that help us deliver relevant and personalized advertising ("targeted advertising"). In addition, we track the effectiveness of our online advertising by seeing whether users were redirected to our website after clicking on such advertising ("conversion tracking"). We may also use service providers to identify users who have visited our website as potential customers and recipients of advertising ("retargeting").
Legal basis:
The processing is carried out with your consent in accordance with Art. 6 para. 1 lit. a) GDPR.
4. Social Media
Type and purpose of data processing:
We maintain publicly accessible profiles on social networks. The social networks used by us in detail can be found below.
By visiting our social media presence, numerous data protection-relevant processing operations are triggered.
For the purpose of establishing an online presence, we operate social media accounts. We regularly publish posts and communicate with you within the comments or via direct messages.
The respective provider assumes the data protection obligations towards you as a user, such as informing you about data processing, and is the contact person for your rights. This results from the fact that such a provider has direct access to the relevant information on the social media site and the processing of your data.
Insofar as you have given your consent (Art. 6 para. 1 lit. a) GDPR) to the respective social media operator, your data will be collected and stored when you visit our profiles. The detailed use of your data by the respective social media operator, as well as a contact option and your rights and settings options in this regard to protect your privacy, can be found in the privacy notices of the operators linked below.
- Facebook: https://www.facebook.com/privacy/policy
- LinkedIn: https://www.linkedin.com/legal/privacy-policy
- Instagram: https://privacycenter.instagram.com/policy
- Twitter: https://twitter.com/de/privacy
- YouTube: https://policies.google.com/privacy
- Google My Business: https://policies.google.com/privacy
Legal basis:
Our social media presence is intended to ensure our presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 f) GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which are to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 a) GDPR).
Responsible party and assertion of rights:
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. against Facebook).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.
Transfer to Third Countries:
When visiting any of our social media profiles, data may be transferred to the United States of America. Standard Contractual Clauses approved by the EU Commission and appropriate guarantee that data protection obligations will be met.
Retention period:
The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Mandatory legal provisions - in particular retention periods - remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly.
5. Job Applications
Type and purpose of data processing:
If you are a Fullview applicant, we collect information you voluntarily provide to us. We use the information collected for Human Resources purposes in order to screen applicants. In addition, we may also have received data from third parties (e.g. personnel service providers or applicant platforms) if you have applied to us via such a platform. In addition, we may process personal data that we have legitimately received from publicly available sources (e.g. professional social networks).
In order to accept and evaluate your application and depending on the data you have provided, we may process the personal data such as name, contact details, application photo, files and documents such as references and certificates that you send us in connection with your application.
Legal basis:
The processing of the data that you have provided to us as part of the application process takes place on the basis of Article 6 para. 1 lit. b).
Recipients:
Only the departments and groups of people directly involved in the recruitment process have access to the data you provide. All employees involved have been obliged to treat your data confidentially.
In addition, the data can be processed by the service providers (e.g. job platform). As processors, the service providers are obliged to process the data only within the framework of our instructions or - depending on the use of the service provider - as jointly responsible according to the GDPR.
Retention period:
Your personal data will be stored for five years after the end of the application process. If you are hired, we will include the data provided in our personnel file. Personal data will not be deleted if storage is required by law and in the event of a possible legal dispute.
6. Links to Other Websites
This Privacy Policy applies only to our website and Services. We may contain links to other websites not operated or controlled by Fullview. We are not responsible for the content, accuracy or opinions expressed in such websites, and such websites are not investigated, monitored or checked for accuracy or completeness by us.
Please remember that when you use a link to go from the Services to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our platform, is subject to that website’s own rules and policies. Such third parties may use their own cookies or other methods to collect information about you.
7. US Privacy Laws
7.1 California Residents
The California Consumer Privacy Act (CCPA) requires us to disclose categories of Personal Information we collect and how we use it, the categories of sources from whom we collect Personal Information, and the third parties with whom we share it, which we have explained above.
We are also required to communicate information about rights California residents have under California law. You may exercise the following rights:
- Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of Personal Information we collect, use, or share; (2) purposes for which categories of Personal Information are collected or used by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you.
- Right to Equal Service. We will not discriminate against you if you exercise your privacy rights.
- Right to Delete. You may submit a verifiable request to close your account and we will delete Personal Information about you that we have collected.
- Request that a business that sells a consumer's personal data, not sell the consumer's personal data.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
We do not sell the Personal Information of our users.
For more information about these rights, please contact us.
7.2 California Online Privacy Protection Act (CalOPPA)
CalOPPA requires us to disclose categories of Personal Information we collect and how we use it, the categories of sources from whom we collect Personal Information, and the third parties with whom we share it, which we have explained above.
CalOPPA users have the following rights:
- Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of Personal Information we collect, use, or share; (2) purposes for which categories of Personal Information are collected or used by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you.
- Right to Equal Service. We will not discriminate against you if you exercise your privacy rights.
- Right to Delete. You may submit a verifiable request to close your account and we will delete Personal Information about you that we have collected.
- Right to request that a business that sells a consumer's personal data, not sell the consumer's personal data.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
We do not sell the Personal Information of our users.
For more information about these rights, please contact us.
8. Changes To Our Privacy Policy
We reserve the right to adapt this data privacy statement in order to always comply with the current legal requirements or to present changes to our offers in the data protection declaration (e.g., when introducing new services). The current version of the data privacy statement applies in each case.
9. Contact Us
Don't hesitate to contact us if you have any questions at hello@fullview.io