Fairec’s treatment of your personal data
We only collect and process personal data about you when we need to, and for a specific purpose – which of course is different depending on your relationship with us.
Who we are
Fairec ApS (CVR: 45143562) (hereafter Fairec, we or us) is the data controller for the processing of your personal data described in this policy. This means we have a responsibility to keep your personal data safe, to only use it for legal purposes, and to inform you about it – so that you can exercise your rights!
At Fairec, we respect your privacy and want you to feel safe and informed of how your personal data is processed by us. Here you will find information about which data Fairec processes, for what purposes, the legal basis for the processing, for how long the information is processed, and your rights under GDPR (General Data Protection Regulation (EU)2016/679). This privacy policy governs the manner in which Fairec collects, uses, maintains, and discloses information about you. This privacy policy also applies to the website (www.fairec.io) and all products and services offered by Fairec.
For us to be able to process your personal data, we must have a legal basis for each personal data processing. There are six available legal bases under the GDPR and there are four that are relevant to us:
Consent – You have given us permission to process your personal data for a specific purpose, being fully informed about what data we process, how, and why. You can withdraw your consent at any time, after which we will stop any process for this purpose, without a negative impact on any contract with us.
Agreement – You have entered into an agreement with us or have asked us to do so. We will manage your personal data to fulfill the terms and conditions of the agreement.
Legal obligation – We, as a company, must process your personal data to comply with legislation.
Legitimate interest – When we have a legitimate interest in processing your data, the purpose is similar to that which it was collected, and while there is little risk of the processing infringing on your privacy, we may rely on the legal basis of legitimate interest.
You have the right to know what personal data we process about you and for what purpose. This is easily exercised through a so-called Data Subject Access Request (DSAR). Find our contact details below to start the process. To make sure that no one except you get access to your data for this purpose, we will first ask you to identify yourself. This can be done more than once but be aware that misuse of this right and excessive amounts of requests will result in a small charge to cover our administrative expenses.
You have the right to have inaccurate personal data about you rectified. You can also ask us to supplement any incomplete personal data.
You can request that we delete the personal data we process about you if any of the following applies:
If you request to delete your personal data, we will make an effort to also inform those we may have provided/transferred the personal data to about the request.
You have the right to request that our processing of your personal data is restricted. Restriction means that the data information is marked so that in the future it may only be processed for certain limited purposes. We may also restrict the processing while awaiting a decision on deletion.
You have the right to obtain your personal data in a structured and machine-readable format. You also have the right to get your personal data transferred to another data controller, where technically feasible. This right only applies to personal data which you yourself have provided us, and when the data has been processed on the legal basis of consent or contract.
When you apply for a job at a company other than us, which uses our Service, that company is generally considered the data controller for personal data processing. They are responsible to inform you about this, please check their privacy policy.
When you apply for a job at Fairec or at another company where we decide on the process (what questions to ask and why),we are the data controller of the personal data processing as described below.
· Manage your application for job vacancies, which means that we evaluate your competencies – professional knowledge and experience, talent, motivation, and personality.
* We advise you not to provide us with sensitive personal information regarding ethnic origin; political opinions; religious or philosophical beliefs; membership of trade union, information on health, and information on gender affiliation. We, therefore, reserve the right, without your consent, to delete all the above information, as well as personal information relating to others than yourself.
From you:
By us:
From third party:
When you apply for a job with us, we process your data based upon you wanting an employment contract with us (legal basis: agreement, under GDPR). Some processing is only done after your explicit consent, for example, photographs when that is not strictly necessary to fill a position.
When we are responsible for the screening process at another company, we are responsible for the processing and base it on our legitimate interest.
We share your personal data with sub-contractors (sub-processors) who perform services on our behalf (such as technical, administrative, market-related, or other services) when required for the purposes mentioned above. These suppliers may not use your personal data for their own purposes, which we have regulated in agreements with these suppliers.
Your personal data may also be disclosed when required by law such as, for example, the Discrimination Act or to the Data Protection Authority.
We use the following categories of sub-contractors (processors):
When a recruitment company or one of our clients uses our service for parts of their recruiting process, they are themselves controlling the purpose and means and are therefore the data controller (they will inform you about this themselves).
We will keep your personal data as long as we have your consent and we have a further use and purpose for the data. When your personal data is processed to protect our legitimate interest, we will keep the data for 12 months due to the provisions of the Discrimination Act and possible appeals.
We do not keep your personal data for undefined purposes.
When you become an employee of Fairec, you enter into an agreement with us as an employer. We are also required to process personal data about you to comply with several different types of legislation that we as an employer are subject to.
Please note that the above list is not exhaustive and other information may be considered.
From you:
By us:
From third parties:
We share your personal data with third-party providers that we use to perform services on our behalf (such as technical, administrative, market related, or other services) when required for the purpose of managing your employment. These third-party suppliers may not use your personal data for their own purposes, which we have regulated in agreements with these suppliers.
We use the following categories of sub-contractors (processors):
We share data within our company based on our legitimate interest and for administration purposes.
As our employee, you have an employment contract. When you later end your employment, we must, according to Danish law, further process some of your personal data, for example to ensure you get the right pension (legal obligation). We may also keep some of your personal data based on your consent, to act as a reference for future employment elsewhere.
We will keep your personal data as long as is needed to fulfill our obligations from your employment, to fulfill legal obligations, or as long as your consent is valid, based on the purpose and legal basis of the processing. We do not keep data just for the sake of keeping data.
We may process personal data about you (as an employee of our supplier), to maintain our professional relationship and ensure continued services between our companies. This may apply to personal data concerning customer managers, support functions, service personnel, finance department or other key personnel.
From you:
By us:
From third party:
We share your personal data with sub-contractors (sub processors) who perform services on our behalf (such as administrative, market-related or other services) when required for the purposes mentioned above. These suppliers may not use your personal data for their own purposes, which we have regulated in agreements with these suppliers.
We use the following categories of sub-contractors (processors):
We have a legitimate interest based on a contract with your employer.
As long as you are an important contact for us regarding our professional relationship, we will save your data. If it comes to our knowledge that your duties at your company have changed or that you no longer are employed, the data will be deleted.
Customer: If you work at one of our customer companies, as a recruitment manager or as a contact person, we process certain personal data to be able to maintain our professional relationship and to provide the service to our customers as well as keep you updated by periodic emails. Further, to comply with legislation e.g. Book-keeping Act and tax law.
Potential customers: To be able to offer our services to companies that don’t know about us or don’t buy services from us, we collect contact information for key people at companies that we want to be able to contact and process for marketing purposes.
Demo participant: If you sign up for a demo at our website, we will process your personal data in order to send you an invitation for the demo and also to reach out afterwards and ask you how your experience was. If we perform demo on site with you, we will process your interview with the Fairec platform to demonstrate its functions.
Customer service requests: Information you provide helps us respond to your customer service request and support needs more efficiently.
From you:
By us:
From third party:
We share your personal data with sub-contractors that we use to perform services on our behalf (such as technical, administrative, market-related or other services) when required for the purpose of managing our collaboration or for us to process you as a potential customer. These sub-contractors may not use your personal data for their own purposes, which we have regulated in agreements with these suppliers.
We use the following categories of sub-contractors:
We share data within our company based on our legitimate interest and for administration purposes.
When we provide services as well as market ourselves to other companies and process personal data of their employees, we use legitimate interest as a legal basis. When you have signed up for a demo, we will process your personal data based upon your consent. For personal data processing to comply with legislation, e.g. Book-keeping Act, we base the processing on legal obligations.
As long as you are an important contact for us regarding our professional relationship, we will save your data. If it comes to our knowledge that your duties at your company have changed or that you no longer are employed, the data will be deleted. For the processing based upon consent, we will process your personal data until you revoke your consent.
References are contacted in a recruitment process. For us to be able to contact the reference we need name and telephone number. In most cases, we also need to know the reference’s position and relationship with the candidate (e.g. manager).
When someone is employed, we collect a so-called emergency contact, a close relative of the employee whom we can contact if it should happen during working hours or on commitment / travels that takes place within the framework of work.
People who contact us on social media, by phone, website (including chat) and by email.
If you as an individual have contacted us with questions of any kind, we may save your personal data in order to be able to contact you later on.
Collaborators, colleagues in our industry, people in professional networks, media contacts etc. We may save your contact information for future communication. We, as a company, must be able to save this information in order to effectively operate in the market and create relationships that promote our and other companies’ growth.
To improve our website, we may use feedback you provide to improve our products and services
To run a promotion, contest, survey or other website feature or to send information you agreed to receive about topics we think will be of interest to you.
If you decide to opt-in to our mailing list, you will receive emails that may include company news, updates, related products or service information, etc.
We may collect personal data from you in a variety of ways, including but not limited to, when you visit our site, register on the website, subscribe to the newsletter, respond to a survey, fill out a form, and in connection with other activities, services, features or resources we make available on our website. We may collect, as appropriate, name, email address and phone number.
We may collect non personal identification information about visitors whenever they interact with our website. Non-personal identification information may include the browser name, the type of computer and technical information about visitors means of connection to our website, such as the operating system and the Internet service providers utilized and other similar information.
From you:
By us:
From third party:
We distinguish between people who are in contact with us as a private person and people who are in contact with us as are presentative from another company. Personal data for private persons, we are more restrictive with and generally don’t share these data with anyone external. When it comes to personal data for professionals, we are not as restrictive, as sharing contacts within the professional network promotes business and corporate growth. We have the opinion that personal data regarding representatives from a company isn’t as sensitive to privacy as personal data relating to a private person.
We use sub-contractors that perform services on our behalf (such as technical, administrative, market-related or other services) when required for the purpose of managing contacts with other stakeholders. These sub-contractors may not use your personal data for their own purposes, which we have regulated in agreements with these suppliers.
We use the following categories of sub-contractors:
We share data within our company based on our legitimate interest and for administration purposes.
The legal basis for processing personal data for this group may vary depending on in what respect our contact has arisen. In most cases, we will use legitimate interest as a legal basis. If we see that the individual who’s personal data, we processed ends up in one of the other interest groups, the legal basis that is applicable to that group will apply.
If at any time you would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or you may contact us via our website.
The references’ contact details will be saved solely regarding the candidate who has been hired. We save the data and the reference protocol together with the candidate’s other documents for 24months due to the provisions of the Discrimination Act and possible appeals.
Saved as long as someone is employed. The employee is responsible for ensuring that the data is correct and updated.
Personal data is processed as long as the data is needed to enable and maintain communication.
During the process of establishing a professional relationship and contact in marketing purposes we will keep the data as long as we maintain a legitimate interest.
We process cookies according to our separate cookie policy. Apart from cookies that are needed for the website to run and any setting you have yourself requested, we only collect data via cookies after and based on your consent. Further processing might be based on other legal bases according to its purpose and as otherwise described in this policy.
We occasionally conduct surveys via our newsletter and other communication with you. This is based on your consent. The personal data is saved and processed for as long as we have your consent, or at most for as long as we need the data for the purpose of the survey.
Until you decide to opt-out of our mailing list. In each email there is information about how to opt-out.
In addition to any definitions set out elsewhere in the Agreement, defined terms shall have the meaning set out below:
“Agreement” means the Purchase Order, these General Terms and the appended data processing agreement (if applicable) as well as any Customer-specific supplementary agreement
“Authorised Users” means the users or groups of users authorised by Fairec to make use of the Customer's Services asset out in Purchase Order.
“Authenticated Users” means those Authorised Users who require a personal login to the Services.
“Clause” means the clauses of these General Terms.
“Customer” means the legal entity specified as such in the Purchase Order.
“Deliverables” means any applications, widgets, extensions or other software and Updates delivered by Fairec as part of the Services
“General Terms” means these Fairec General Terms and Conditions.
“Monthly Fees” means the monthly fees for the applicable Service Plan payable throughout the Term.
“Parties” mean Customer and Fairec collectively.
“Party” means either of Customer or Fairec.
“Purchase Order” means the purchase order sent to the Customer by Fairec based on the order made by the Customer to Fairec.
“Fairec” means Fairec ApS.
“Fairec IP Rights” means copyrights, designs, patents, trademark rights, domain names, any other proprietary intellectual property rights, and know-how to the Services including the software, and any Updates.
“Fairec Platform” means the HR tool provided as part of the Services which depending on the Service Plan grants access to recruitment and applicant screening tools and Service Plan upgrades.
“Services” means the Fairec Platform included in the Service Plan, including Fairec Platform, Support, maintenance, and underlying server infrastructure services provided by Fairec in accordance with these General Terms.
“Schedule” means a schedule to the Agreement.
“Service Plan” means the Fairec service plan and the features and services included therein which the Customer subscribes for as set out in the Purchase Order.
“Support” means the software support operated and made available by Fairec as further described in Clause 1.7.
“Update” means software or patches, fixes, and/or enhancements to the software (including Deliverables) created and released by Fairec as part of the Services.
1.1.1. Fairec grants Customer a non-transferable and non-exclusive right to use the Services subject to the terms and conditions set out in the Agreement and Customer's payment of all applicable fees under the Agreement.
1.1.2. Customer may only use the Services for the Customer's business purposes in accordance with these General Terms (including Clause 1.4). The Customer may not decompile, modify, reverse engineer, or create derivative works of the Services.
1.1.3. Customer agrees not to transfer, sublicense, lease, lend, or in any other way make available the Services in whole or in part to a third party.
1.2.1 The Services are partially comprised of certain open-source software components, which is subject to the terms and conditions of the respective open-source license agreements.
1.3.1 The Services include access to the Fairec Platform consistent with the Service Plan subscribed for by the Customer, as set out in the Purchase Order.
1.3.2 Customer may upgrade the Service Plan. A new Purchase Order will be sent to the Customer upon confirmation. The corresponding changes to the Monthly Fee shall accrue from the date thereof.
1.3.3 Customer accepts that Fairec makes Updates. Fairec shall inform Customer of major Updates. Fairec is not obligated to provide or procure any Updates, except such Updates necessary to keep the Services in an operational state.
1.4.1 Customer is obliged to control and limit which users have access to the Services so as to ensure that only Authorised Users can make use of the Services. If the Customer has more than one Fairec Service Plan, Customer is solely responsible for ensuring which users have access to the relevant Services and thus the Customer data.
1.4.2 Each individual Authenticated User will upon request be provided with an authentication for the Services only to be used by that individual. Customer is responsible for the users' authentications and all activity carried out in relation to its Authenticated Users' accounts. Customer and its Authenticated Users must keep authentications confidential, and Customer undertakes to immediately shut down accounts of Authenticated Users who are no longer Authorised Users. Customer must notify Fairec immediately in case of any possible misuse of authentications or any security incident related to the Services.
1.4.3 If part of the Customer's chosen Service Plan, each individual Authenticated User may inherit such user rights as designated by Customer in the operating environment of Customer when using the Services.
1.5.1 To use Fairec Platform, running the latest version of a common, generally approved operating system is required, i.e. Microsoft Windows, Mac OS, iOS, Linux, and Google Android.
1.5.2 Fairec provides standard integrations for Customer to use the Service). An overview of available integration can be found on www.fairec.io.
1.5.3 The Fairec Platform may be accessed through a web browser. To use the Fairec Platform, running the latest version of a common, generally approved web browser is required.
1.6.1 Fairec shall providethe Services in accordance with the service description.
1.6.2 Customer is aware of and accepts that planned, as well as unplanned, downtime can occur and that Fairec guarantees a 99.9% uptime/month.
1.7.1 Fairec shall provide Support for Customer for all service requests regarding the Services. The Support is responsible for the life-cycle management of all error categorization and Support as well as service requests and for keeping Customer informed of progress and advising on workarounds.
1.8.1 Customer shall follow all reasonable instructions and recommendations given by Fairec in respect of use of the Services. Customer shall cover any additional costs of Fairec incurred by Customer not fulfilling its obligations.
1.9.1 Fairec's Services including Support do not cover the following or in the following situations:
2.1.1 All fees are specified in the Purchase Order.
2.1.2 All fees are exclusive of VAT and other applicable taxes which shall be paid by Customer.
2.1.3 If not otherwise agreed in the Purchase Order, Fairec shall be entitled to invoice Customer annually in advance. All invoices issued by Fairec shall be paid within 30(thirty) days from the date of the invoice.
2.1.4 Late payments will incur interest at a rate of 2% (two per cent) per month until payment is received.
2.1.5 If not otherwise agreed, the fees shall be subject to indexation every year on 1 January in accordance with changes in the preceding year (from 1 Jan to 1 Jan) in the Harmonised Index of Consumer Prices (HICP) for the European Union (full data available on https://ec.europa.eu/eurostat/databrowser/view/prc_hicp_aind/default/table?lang=en). If the change in the index is negative, no adjustment will be made
2.2.1 Each Party shall maintain confidentiality of the other Party's confidential information. In particular, Customer shall keep the terms of this Agreement, any Deliverables, and all other information obtained by the Customer, its employees or advisors in connection with this Agreement confidential.
2.2.2 The Customer may provide access to the Agreement to a third-party providing services to Customer, provided such third party to whom the information is disclosed is made aware of the confidentiality obligations under this Agreement and provided the Customer imposes similar confidentiality obligations on such third party. Customer shall be liable for any misappropriation or disclosure of any of the materials set out above by such third party in breach of this Agreement.
2.2.3 Upon termination of this Agreement, for whatever reason, the Parties shall immediately return or irrevocably delete all documents or other materials, which have been received from the other Party, except materials that in accordance with statutory requirements must be maintained for archiving purposes or personal data subject to the Data Processing Agreement. Upon the other Party’s request, each Party shall confirm the deletion in a written statement to the other party.
2.2.4 Fairec shall not in any way be restricted from using any general and specific knowledge and know-how obtained from Customer.
2.3.1 Customer data stored via the Services is the property of Customer.
2.3.2 Fairec is entitled to process Customer's data for the purpose of Customer's use of the Services, including through scraping the Customer's website, through the Customer's upload to cloud infrastructure included in the Services, or through connection of the Services, used for training each Customer-specific model, and otherwise processed by Fairec. Customer is solely responsible for ensuring which data is made available to Fairec.
2.3.3 Each Party shall retain ownership to its own or its licensors’ intellectual property rights. Customer shall indemnify and hold Fairec harmless from any claim that Customer data infringes third party intellectual property rights or infringes applicable law.
2.3.4 Upon request, Customer is entitled to have Fairec delete Customer's data. Customer is to pay Fairec to do so.
2.3.5 Fairec shall protect any Customer data, including personal data and any data confidential in nature in accordance with Clause 2.2, in accordance with the Data Processing Agreement.
2.3.6 Irrespective of Clause 2.2 and this Clause 2.3, Fairec may use Customer data for the purposes of improving the Services or other of Fairec's offerings. For such use, Customer agrees that all Customer data undergo an anonymisation process designed to ensure that no personal data is processed by Fairec in pursuit of Fairec's purposes.
2.3.7 Notwithstanding Clause 2.2.3 and 2.3.4, Fairec shall be entitled to keep anonymised data which have been generated through Customer's use of the Services, including questions asked and answers given.
2.4.1 Customer must comply with applicable data protection law and shall be considered data controller for any personal data processed under this Agreement.
2.4.2 Any processing of personal data carried out by Fairec on behalf of Customer is done solely pursuant to the GDPR Compliance policy agreed to by the parties in the Agreement.
2.5.1 Fairec shall not be liable for any of the following losses or damage (whether such losses or damage were foreseeable, known or otherwise):
2.5.2 The total aggregate liability of Fairec in any one calendar year under this Agreement, including byway of tort and indemnity in any form, shall in no event exceed the Monthly Fees paid in the 12 months leading up to such liability event.
2.6.1 Any Fairec IP Rights shall remain solely with Fairec.
2.6.2 If a third-party claims that Fairec or the Services infringe third party rights, Customer shall immediately inform Fairec in writing and Fairec shall take over the defence of the claim. Fairec shall at its cost have full control of any proceedings arising out of any claim of infringement of third-party rights. Customer shall give Fairec all reasonable assistance in respect of any such proceedings. Customer may not make any admission as to liability and shall not agree to any settlement or compromise any action without the prior written consent of Fairec.
2.6.3 Fairec agrees to indemnify Customer against any damages and costs imposed on Customer by a court of competent jurisdiction or any settlement sum approved by Fairec as a result of a claim by a third party that the use by Customer of the Services in accordance with the terms of this Agreement infringes the intellectual property rights of that third party, provided that such indemnity shall only apply if and to the extent that Customer has not been provided with a work around solution or an alternative license obtained by Fairec from such third party.
2.6.4 If Fairec cannot on commercially reasonable terms provide a work around or an alternative license, then Fairec can terminate the Agreement with respect to the affected parts of the Services (as relevant). Customer shall refrain from using the affected parts of the Services and Fairec shall not charge further on-going fees to the affected parts of the Services.
2.6.5 The foregoing rights of Customer shall be the sole remedies available to Customer in the event of third-party infringement claims.
2.6.6 Fairec shall not be liable for indemnifying Customer for any costs or damages if the infringement claim (i) is based on the use of an amendment, change, or modification made to the Services by any person other than Fairec or any supplier to Fairec; (ii) is based on a combination of the Services with other systems not provided by Fairec;(iii) if the Services are not being used in accordance the Agreement; or (iv)if the alleged infringement would have been avoided or otherwise eliminated by the use of an Update which Customer has rejected
2.6.7 If Customer becomes aware of any infringement or potential infringement of Fairec IP Rights, it shall promptly notify Fairec in writing.
2.7.1 After the expiration the term explicitly stated in the Purchase Order, during which the Agreement cannot be terminated (except to the extent explicitly allowed for in the Agreement),the Agreement is automatically renewed for another one (1) year-period each year until Customer terminates this Agreement with effect on the last day of such a one (1) year-period by giving three (3) months' written notice.
2.7.2 After the expiration the term explicitly stated in the Purchase Order, during which the Agreement cannot be terminated (except to the extent explicitly allowed for in the Agreement), Fairec may terminate the Services with effect on the last day of a month by giving three (3) months' written notice.
2.7.3 If Customer or Fairec is in material breach of any of its obligations under this Agreement and such breach is not remedied within 30 days after the receipt of a written notice hereof, or if the breach is not curable, the non-breaching party shall without further notice, be entitled to terminate the Agreement with immediate effect.
2.7.4 In case of termination of this Agreement, irrespective of the reason therefore, Customer shall immediately cease any use of the Services and be under an obligation to return all material related hereto to Fairec. In case of termination due to Customer's material default, Customer shall not be entitled to receive repayment of any of the payments made under the Agreement.
2.7.5 All obligations of the Parties under Clauses 2.6 and 2.2 shall survive the termination of the license granted under this Agreement in addition to those Clauses that in accordance with their content are of a surviving nature.
2.8.1 Fairec may change these General Terms from time to time. The current version of these General Terms are available on Fairec's website, at https://www.fairec.io/corporate-policies.Fairec will notify the Customer directly of all material changes with reasonable notice (in no event less than one (1) month). If such material changes have material adverse effects for the Customer, the Customer will have thirty (30) calendar days from the notification date to object to the change inwriting to Fairec. The objection of the Customer must be well-founded. Such objection will entitle the Customer to terminate this Agreement with effect from the date of the material changes. Absence of any objections from the Customer shall be deemed a consent to the change.
2.8.2 Fairec shall notify Customer regarding developments, which could significantly impede Fairec's current or future ability to provide the Services.
2.9.1 Fairec shall be responsible for its use of any subcontractors, as if Fairec had performed such services itself.
2.9.2 Entering into this Agreement, Fairec makes use of the subcontractors set out in the Agreement, which Customer hereby approves. For underlying cloud infrastructure, Fairec uses Amazon Web Services (EU). Customer accepts the standard terms of the chosen subcontractor for underlying cloud infrastructure in effect from time to time.
2.9.3 Irrespective of the above, Fairec may freely perform further outsourcing or chain outsourcing of services.
2.10.1 Fairec agrees to comply with laws, regulatory requirements, and guidelines applicable to it as a service provider during this Agreement.
2.11.1 Neither Party shall be liable for failure or delay in performance of its responsibilities hereunder when such failure or delay is caused by wars, riots, uprisings, general strikes or labour disturbances, fire, flooding, natural disasters, monetary restrictions, trade embargoes, epidemics, transportation delays, interruption or breakdown in energy or internet supplies, compliance with the laws, acts, orders, rules, or regulations of any government body, or any other cause whether or not similar to those specified herein, beyond the reasonable control of the said Party.
2.12.1 Fairec reserves the right to transfer its rights and obligations under this Agreement to another party, provided: (i) that such party is controlling, controlled by, or under common control with Fairec; or (ii) that transfer is made to a third party in connection with a bona fide transfer of all or a part of Fairec’s business.
2.12.2 Customer shall not be entitled to assign the Agreement nor any rights or obligations under the Agreement.
2.13.1 Fairec shall have the right to use Customer as a reference, e.g. on its website, in press communications, and other marketing material, including case stories.
2.14.1 This Agreement shall be governed and construed in accordance with the laws of Denmark applied without giving effect to the UN Convention on Contracts for the International Sale of Goods and any conflict of law principles.
2.14.2 If the Parties do not succeed in solving a dispute amicably, the dispute shall be settled finally and with binding effect by arbitration in accordance with the Rules of Arbitration Procedure of the Danish Institute of Arbitration.
2.14.3 All members of the arbitration tribunal must be appointed by the Institute.
2.15.1 The invalidity or unenforceability of any term or any part of any term of, or any right arising pursuant to, this Agreement shall have no affect to the validity or enforceability of any other terms or rights or the remainder of any such term or right which shall continue in full force and effect except for any such invalid or unenforceable provision or part thereof.
2.16.1 This Agreement constitutes the entire agreement and supersedes any previous agreements between the Parties relating to its subject matter. In the event of a conflict between terms of the Agreement, specific deviations expressly stated in the Purchase Order shall take precedence over these General Terms. In the event of other discrepancies, the following order of precedence shall apply: The Purchase Order, these General Terms, data processing agreement, any other documents.
Compliance policy regarding the storage of applicants personal data
By accepting this privacy policy, you consent to our processing of your personal data as further specified below.
Here, we specify why we want your data, and what we are going to do with it. We are obliged to inform you of the following:
Protecting your personal data is essential to Fairec, and we want to be as transparent and open as possible about the use of your data. This policy has been created to ensure transparency into our practices and principles as well as to inform you of your personal rights.
“We” are (the company responsible for processing your personal data):
Fairec ApS, Company reg. no.: 45143562
Store Kongensgade 130, kl., 1264 København K, Denmark
You can always reach us at:
E-mail: info@fairec.io
When you upload information to the Fairec platform, we collect the following information:
The data are processed only in relation to Fairec’s customers’ HR recruitment process for job applicants
Processing of the personal data that you upload in the Fairec platform is based on your consent by accepting this policy.
During the recruitment process, processing of your personal data is also based on our legitimate interest, cf. GDPR, article 6(1)(f), where it is necessary for Fairec to process data.
We process personal data collected from references, provided that you have given your specific consent, cf. GDPR article 6(1)(a).
We process personal data on criminal records if it is necessary to ensure that the applicant is suited for the position, cf. GDPR, article 10 and the Danish Data Protection act section 8 (3).
We are responsible for taking care of your personal data as a data controller, which basically means that we determine the purposes and means of the processing of personal data. We, the company listed above, are responsible for HR processing activities as a data controller on behalf of the customers we serve.
We store your data for a period of maximum twelve months after the date on which your application was rejected.
Data security is a high priority for us. We work seriously and professionally within formation security, and we base our work on internationally recognised security standards. We have implemented security measures to ensure data protection of customer data, personal data and other confidential data. We conduct regular internal follow-ups in relation to the adequacy and compliance of policies and measures.
We occasionally use other third parties, such as subcontractors, in connection with provision of our services. Such third parties may be granted access to personal data in order for them to be able to provide the agreed service. If such third parties process personal data and therefore become data processors, Fairec enters into data processing agreements in order to ensure that security is in place to protect data and comply with our data protection obligations.
Our AI model is provided by Microsoft (Azure OpenAI Service), which acts as data processor on behalf of Fairec. Microsoft upholds rigorous security standards, with certifications such as ISO 27001, SOC 2, and SOC 3, ensuring compliance with recognised industry benchmarks. Data handled by Microsoft is encrypted during transmission and while at rest, providing strong protection against unauthorised access. Microsoft Azure’s data centers are safeguarded by robust physical and network security protocols, reinforcing the security of our data processing operations. In addition, we have a data processing agreement in place with Microsoft to maintain consistent alignment with GDPR and other regulatory standards, ensuring responsible data management practices.
Our data storage is handled by Amazon Web Services (AWS) and MongoDB, which act as data processors on behalf of Fairec. AWS provides a secure cloud environment, meeting international security standards, including compliance with ISO 27001,SOC 2, and several other globally recognized certifications. Data stored on AWS is encrypted both in transit and at rest, ensuring strong protection against unauthorized access. MongoDB Atlas, the managed cloud database service we utilise, also complies with ISO 27001, SOC 2, SOC 3, and GDPR standards. Data within MongoDB is encrypted at all stages, both in transit and at rest, further enhancing its security. Both AWS and MongoDB employ stringent physical, network, and administrative security measures, and we maintain data processing agreements with each provider to ensure compliance with data protection regulations.
We do not disclose any personal data to other third parties unless we are under a legal obligation to do so.
As a data subject, you have certain rights regarding your personal data.
For further information about your rights as a data subject, please refer to the Danish Data Protection Agency’s website (www.datatilsynet.dk), where you will find further guidelines.
When we process personal data based on your consent, you have the right to withdraw your consent at any time. Please contact us to withdraw consent for our processing of your personal data.
We acknowledge that transparency is an ongoing responsibility. Therefore, we will continually review and update this policy in order to ensure our compliance with applicable personal data law from time to time.
The data protection policy was updated in (October 2024).
If you wish to complain about our processing of personal data, please send an email with the details of your complaint to info@fairec.io. We will handle your complaint and get back to you as soon as possible.
You also have the right to lodge a complaint about your rights and Fairec’s processing of your personal data to the Danish Data Protection Agency. For further information on how to lodge a complaint to the Danish Data Protection Agency, please consult their website: www.datatilsynet.dk.
The applicable statutory rules for Fairec’s processing of your personal data maybe found in: