Legal
Privacy Policy & GDPR
Last updated: June 2025 · Solutioneering AS, Org.nr. 935 851 033
Solutioneering AS is committed to protecting your personal data. This policy explains what data we collect, why, how we use it, and your rights under the EU General Data Protection Regulation (GDPR) and the Norwegian Personal Data Act (Personopplysningsloven).
1. Who We Are (Data Controller)
The data controller responsible for your personal data is:
2. What Personal Data We Collect
From job candidates
- Full name, email address, phone number
- CV, work history, qualifications, and references
- Job preferences, availability, and salary expectations
- Language skills and certifications
- Any information you voluntarily provide in your application
From employers / client companies
- Contact person name, title, email, and phone number
- Company name and organisation number
- Role requirements and hiring information
From website visitors
- Name and email submitted via the contact form
- Technical data such as browser type and approximate location (see our Cookie Policy)
3. Legal Basis for Processing (GDPR Article 6)
| Purpose | Legal Basis |
|---|
| Processing your job application and matching you with roles | Consent (Art. 6(1)(a)) and/or contract (Art. 6(1)(b)) |
| Contacting you about relevant vacancies | Consent (Art. 6(1)(a)) |
| Responding to enquiries from employers | Legitimate interest (Art. 6(1)(f)) |
| Legal and contractual obligations | Legal obligation (Art. 6(1)(c)) |
| Improving our services | Legitimate interest (Art. 6(1)(f)) |
4. How We Use Your Data
- To match candidates with relevant job opportunities
- To communicate with you about applications and vacancies
- To provide staffing services to our client companies
- To comply with Norwegian employment and tax law
- To respond to contact form enquiries
We do not sell your personal data to third parties. We do not use your data for automated decision-making or profiling.
5. Data Sharing
We may share your personal data only in these limited circumstances:
- With client companies: when presenting you as a candidate for a role, with your prior consent
- With service providers: email and IT providers who process data on our behalf under data processing agreements
- With authorities: if required by Norwegian law (e.g. Skatteetaten, NAV)
6. Data Retention
| Data type | Retention period |
|---|
| Candidate CVs and application data | 2 years from last contact, or until you request deletion |
| Contact form enquiries | 12 months |
| Employer contact information | Duration of business relationship + 3 years |
| Financial/contract records | 5 years (required by Norwegian Bookkeeping Act) |
7. Your Rights Under GDPR
You have the following rights regarding your personal data:
- Right of access — request a copy of the data we hold about you
- Right to rectification — ask us to correct inaccurate or incomplete data
- Right to erasure ("right to be forgotten") — request deletion of your data
- Right to restriction — ask us to limit how we use your data
- Right to data portability — receive your data in a structured, machine-readable format
- Right to object — object to processing based on legitimate interest
- Right to withdraw consent — at any time, without affecting prior processing
To exercise any of these rights, contact us at contact@solutioneering.no. We will respond within 30 days.
8. Data Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. Access to personal data is restricted to authorised personnel only.
9. Supervisory Authority
If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Norwegian Data Protection Authority:
10. Changes to This Policy
We may update this policy from time to time. The current version will always be available on this page with the date of last update shown at the top.
11. Contact
For any questions about this policy or your personal data: