Talentech Legal


Talentech Legal

Talentech is committed to providing industry leading solutions with information security and GDPR compliance as our main priority. We are also passionate about ensuring that our products are accessible for everyone.

With Talentech as your HR solutions provider, you can therefore rest assured that your information and personal data is safe, accessible and secured through the whole talent journey.

Our commitments

We consider information and personal data as key assets, which we are committed to safeguard and protect.

We have gathered our most important information security and compliance initiatives in our information security policy. You can read it here.

We perform a IT-security audit with an independent auditor each year, to ensure that we are fulfilling our security obligations. You can read the latest report here.


Talentech is committed to GDPR compliance. Here is our short guide to GDPR:

What is GDPR?

The General Data Protection Regulation (GDPR) is an EU regulation regarding personal data. The GDPR requires organizations to safeguard personal data and to uphold the privacy rights of anyone within EU.

What is personal data?

Personal data is anything that relates to an identifiable living person. This includes your name, national identification number, address, email and phone number. It also includes a photo or video of you, as well as indirect information that may identify you, such as your IP-address, your location data and a user ID you use in a certain database. All this information can be available in different forms – in writing, as graphics, videos or numbers – and can be stored on paper, computers or any other media. Any information that can be used as part of identifying you, is considered your personal data. 

What is data processing?

The GDPR regulates when and how personal data may be processed. Processing refers to a wide range of operations or actions performed on or with personal data. Examples of data processing include:

  • Collection of data, for example gathering information about candidates in a recruitment process
  • Storage of data, meaning storing data on servers or in a physical archive
  • Use of data, for instance, a company using their customers’ email addresses to send out newsletter
  • Dissemination of data, including posting a photo of an employee by the company’s marketing department on the company’s website
  • Altering of data, for example managers updating employees’ home address in the address list
  • Deletion of data, for instance deleting the candidate data from a recruitment system
Who must comply with GDPR?

Any organization that processes the personal data of people in the EU must comply with the GDPR.

What is Talentech’s role in GDPR compliance?

Talentech offers HR solutions for the full talent journey, from recruitment to onboarding and talent management. Our customers are data controllers of the personal data processed in our solutions, and Talentech is data processor. This means that our customers decide why and how the personal data shall be processed, and we follow the instructions, for example regarding how long data should be stored, of our customers.

What are my rights under GDPR?

GDPR is all about empowering invidiuals in regard to their personal data, and in order to do so, the GDPR states the following fundamental rights:

  • You have the right to information about your personal data being processed and for what purposes. You are entitled to ask for a registry of your data, including all the data being processed about you.
  • You have the right to rectification, which guarantees that inaccurate personal data must be corrected.
  • You have the right to erasure, also known as the right to be forgotten, meaning that you can demand that your personal data shall be removed. Using this right, the data must be deleted, unless it is necessary for continuing the processing for a legal basis.
  • You also have the right to restriction of processing, which means you can demand that only the data necessary for certain legal basis may be processed.
  • Additionally, you have the right to data portability. This means that you are entitled to receiving your data in a structured manner, for example in order to transfer it from one company to another.
  • Finally, you have the right to object to processing of your personal data, for example by declining direct marketing.
Does Talentech have a Data Protection Officer?

Yes, we do! Our Data Protection Officer (DPO) is responsible for ensuring GDPR compliance within Talentech, and is the main point of contact for questions regarding privacy and GDPR. Talentech’s DPO is our Legal Director Malin Gustafsson, and you can contact her here.

If you have any questions on compliance or security, please contact our legal team