Privacy Policy

Kristian from Manpower

Last updated March 2024 

ManpowerGroup AB, with the registered office in Evenemangsgatan 21, 169 79 Solna, Stockholm, is a Data Controller who determines which personal data must be collected from the Data Subjects and the purposes and means of collecting personal data. Additionally, personal data may be processed or jointly controlled by affiliates of the Data Controller, listed here (also jointly referred to as “ManpowerGroup” or “we”. 

Manpower AB
Manpower & Jefferson Wells AB
Manpower Student AB
ManpowerGroup Solutions AB
Manpower El & Tele AB
Manpower Matching AB
Experis AB
Elan IT Resource AB
ManpowerGroup Solutions IT AB
RightManagement Sweden AB

 

Scope of Applicability 

This Privacy Notice applies when ManpowerGroup processes personal data of following data subject categories:  

  • Users of the webpages listed here (the “Sites”).
  • Representatives of potential and existing business partners, clients, and vendors.  
  • Job candidates to whom we provide employment-related opportunities and services. 
  • Individuals to whom we provide outplacement or career transition services. 

This Privacy Notice does not apply:  

  • to our headquarters and country-based staff employees, who are individuals employed by ManpowerGroup and who work directly for ManpowerGroup and not directly with a ManpowerGroup client. 
  • to our associates, who are people we source or place on assignment with one of our clients.

This Privacy Notice Explains the Following:

1. What Do We Mean by ‘Personal Information’ or ‘Personal Data’?

The General Data Protection Regulation (hereinafter “Regulation”) defines personal data as follows: 

Any information relating to an identified or identifiable natural person; ‘identifiable natural person’ means a natural person who can be identified, directly or indirectly, by reference to an identifier, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. 

When this Privacy Notice refers to Personal Data, it refers to the definition in the Regulation. 

Special categories of personal data

The processing of special categories of personal data means the processing of personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.  

We only process special categories of Personal Data where this is necessary to comply with our legal obligations.

2. What Personal Information We Collect, On What Purpose and On What Legal Grounds?

We may collect Personal Data about you in variety of ways, such as through our Sites and social media channels; at our events; through phone; through job applications; in connection with recruitment processes or in connection with our interactions with clients and vendors, whereas categories of personal data collected depend on the nature of the relationship.  

2.1. If you visit our Sites, following types of Personal Data may be collected: 

  • Cookie data collected via any non-strictly necessary cookies, if you have provided your consent via the cookie banner on the platform.
  • Information you may provide to us through the "Contact Us" feature on our Sites or via email. 

Legal basis is consent.  

Purpose of data collection is to reply to your queries or provide you enhanced functionality and personalization on your visit to the Sites. Please find out more in our Cookie Notice.  

2.2 If you are a representative of potential or existing business partners, client or vendor, Personal Data collected may include: 

  • contact information such as name, postal address, email address and telephone number, job title, company name or any other information which could be on your business card or on your social media profile. 
  • Any other information you provide to us through the "Contact Us" feature on our Sites, in surveys or in other form of communication.  

Legal basis for such data processing is legitimate interest of a data controller (Please find out more in the legitimate interest section in this Privacy Notice) or since the processing is necessary for performance of a contract or to take steps at the request of a data subject prior to entering a contract.  

Purpose of data collection is to introduce or deliver our services, respond to your queries or to provide information you have requested.  

Based on your consent, we may use your personal data for example for customer references.  

2.3 If you create an account by registering on our Site, Personal Data collected may include:

  • username and password.
  • information you upload to your account, for example your curriculum vitae which include your employment and education history, language proficiencies and other work-related skills. 
  • information you provide about your referees you would like us to contact (the Controller assumes that the provided referee has given an authorization for such communication).
  • Any other information you may provide to us, such as in surveys or in any form of communication (for example via email or phone call). 

Legal basis for such data processing is consent from you, for example, when you tick a box to give permission based on your understanding of the nature of the processing.  

Purpose of data collection is to create, provide access and manage your candidate or Parter account, to be able to assist you in your job search, offer you employment-related opportunities and services if you are a candidate or contractual opportunities if you are a Partner and present you with potential job matches or assignments. You can edit your profile and adjust the optional information you have disclosed to us at any time. 

2.4. If you apply for a position or are a recipient of a career service, following types of Personal Data may be collected:  

  • Employment and education history.
  • Language proficiencies and other work-related skills.
  • Information contained in your resume or C.V., information you provide regarding your career interests, and other information about your qualifications for employment.
  • Social Security number, national identifier, or other government-issued identification number.
  • Date of birth.
  • Citizenship and work authorization status.
  • Information provided by references.
  • Information you provide to us directly in any form (such as an interview or uploading the information to your profile). 

Legal basis for such data processing is legal obligation, where we must Process the Data because it is required by law, contract or legitimate interest of a data controller for which we have analysed and concluded that our legitimate interest does not pose a high risk to the data subject. Please find out more in the legitimate interest section in this Privacy Notice. 

Purpose of data collection is to assess your suitability for job opportunities, facilitate the recruitment process, contract preparation or fulfilment of controller’s legal obligation to process data.

3. The Use of Legitimate Interest

The Data Controller may process Personal Data for certain legitimate business purposes, which includes all the following: 

  • to identify and prevent fraud.
  • to enhance security of our network and information systems.
  • for marketing purposes.
  • to enhance, modify, personalize, or otherwise improve our services.
  • for investigations and dispute resolution.  

Whenever we process Personal Data for these purposes, we will ensure that we keep your rights in high regard and take account of these rights. You have the right to object to such processing, and if you wish to do so, please submit your request here.  

4. How Do We Use Artificial Intelligence and Automated Decision-Making?

This section outlines how we utilize Artificial Intelligence (AI) tools and automated decision-making during our recruitment process. Before implementing AI and automated decision-making processes, we conduct data protection impact assessments to address and analyze any potential risks to data subjects’ rights and freedoms. We regularly audit our AI models to identify and mitigate biases. Sensitive personal information (e.g. health, race, religion) is not used in automated decision making.   

Partly automated decision-making  

 Partly automated decision-making involves combination of AI-driven assessments and human intervention. Partly automated decision making can be used in limited situations, where during the initial screening AI tools assist shortlisting the candidates based on predefined criteria (e.g. existence of work permit, driver’s license, where applicable) which are related to the job requirements and will be reviewed by the recruiter.   

Fully automated decision-making

This can be used in large volume recruitment processes, where AI tools are integrated to the recruitment procedure to enhance the efficiency and effectiveness of the process. AI tools assist us in the initial screening  by assessing candidate information, which includes experience evaluation, skills matching, and any other relevant criteria to identify potential matches with open job requirements. The AI algorithms are designed to identify relevant patterns and correlations to assess candidate suitability for specific positions, based on predetermined criteria.  


Candidate’s rights 

Please note that if you wish to object to the use of AI or automated decision-making in a specific AI-driven recruitment process, or if you wish to obtain human intervention or express your point of view and contest the made decision, you have a right to do so. Please refer to the “Data subject rights” section below on how to exercise your rights. You also have a right to request information about the logic behind decisions.

5. How Do We Protect Your Personal Data?

We maintain technical and organisational measures designed to protect the Personal Data we collect against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use.  

Such measures are designed to provide an appropriate level of security taking account, on one hand, the technical state of the art and, on the other hand, the sensitivity of the personal data and the evaluation of potential risks. To provide the appropriate security and confidentiality of Personal Data, we apply to the following non-exhaustive list of measures: 

  • Encryption of data at rest and in transit using industry standard encryption algorithms with appropriate key lengths.
  • Strong user authentication and role-based access controls. 
  • Network monitoring solutions with events logging.
  • Hardened network infrastructure.
  • Measures for ensuring physical security of locations at which personal data are processed.
  • Business continuity and disaster recovery plans with periodic testing.
  • Incident management policy and processes.
  • Periodic vulnerability and penetration testing.
  • Certification/assurance of processes and products. 
  • Periodic employee privacy and security training and awareness program.
  • Third party privacy and security assessments.
  • Robust data processing and confidentiality agreements.
  • Organizational measures for ensuring data minimization, purpose limitation, retention, data quality and accountability. 

6. International Data Transfers

As we cooperate with natural and legal persons in many different jurisdictions, we may need to transfer your Personal Data to countries outside of the country in which the information was originally collected. Some of these countries may not have the same data protection laws as the country in which you initially provided the Personal Data. When such transfers take place, we will protect that data as described in this Privacy Notice.  

If you are in the European Economic Area, Switzerland, or the United Kingdom, we ensure transfers to countries not currently granted adequacy agreements take place only based on: 

  1. Standard Contractual Clauses (SCCs) adopted by the European Commission, along with the mandatory adoption provisions required for the UK and Switzerland to the extent the processing involves UK or Swiss residents.
  2. A legally binding and enforceable instrument between public authorities or bodies. 
  3. Binding corporate rules (BCR).  

Where transfers rely on SCCs, transfers will only take place after a transfer impact assessment is conducted of: 

  1. The legal practices of the recipient country relating to access to data; 
  2. The technical and organizational measures adopted to protect the data; and
  3. The nature of the processing to ensure purpose limitation and data minimization. 

Data Privacy Framework 

ManpowerGroup (including ManpowerGroup Global Inc. and Right Management Inc.) complies with the EU-US Data Privacy Framework (EU-US DPF), the UK Extension to the EU-US DPF, and the Swiss-US Data Privacy Framework (Swiss-US DPF) as set forth by the US Department of Commerce. ManpowerGroup has certified to the US Department of Commerce that it adheres to the EU-US Data Privacy Framework Principles (EU-US DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-US DPF and from the United Kingdom (and Gibraltar) under the UK Extension to the EU-US DPF. ManpowerGroup has certified to the US Department of Commerce that it adheres to the Swiss-US Data Privacy Framework Principles (Swiss-US DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-US DPF. If there is any conflict between the terms in this privacy policy and the EU-US DPF Principles and/or the Swiss-US DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.  

ManpowerGroup is responsible for the processing of personal data it receives, under the EU-US DPF, the UK Extension to the EU-US DPF, and Swiss-US DPF and subsequently transfers to a third party acting as an agent on its behalf. ManpowerGroup complies with the EU-US DPF Principles and the Swiss-US DPF Principles for all onward transfers of personal data from the EU, UK, and Switzerland, including the onward transfer liability provisions. 

The Federal Trade Commission has jurisdiction over ManpowerGroup’s compliance with the EU-US DPF, the UK Extension to the EU-US DPF, and the Swiss-US DPF. In certain situations, ManpowerGroup may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

In compliance with the EU-US DPF, the UK Extension to the EU-US DPF, and the Swiss-US DPF, ManpowerGroup commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-US DPF, the UK Extension to the EU-US DPF, and the Swiss-US DPF to TRUSTe, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. These dispute resolution services are provided at no cost to you. 

In the context of the employment relationship, in compliance with the EU-US DPF, the UK Extension to the EU-US DPF, and the Swiss-US DPF, ManpowerGroup commits to cooperate and comply with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-US DPF, the UK Extension to the EU-US DPF, and the Swiss-US DPF. 

For complaints regarding EU-US DPF, the UK Extension to the EU-US DPF, and Swiss-US DPF compliance not resolved by any of the other DPF mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found on the official DPF website: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2

Subject to applicable law, you may obtain a copy of these safeguards by contacting us as indicated in the How to Contact Us section below.

7. What Information Do We Disclose?

We do not disclose Personal Data that we collect about you, except as described in this Privacy Notice or in separate notices provided in connection with activities.  

  • Your Personal Data will be shared internally with our team of recruiters, and where applicable, with our clients involved in the recruitment process. 
  • We may also disclose a portion of your Personal Data with our subsidiaries and affiliated ManpowerGroup companies for administrative, legal or compliance purposes.
  • If you create an account by registering on our Site, apply for a position or are a recipient of a career service, we share your Personal Data with clients who have job opportunities available or interest in placing our job candidates.
  • With others with whom we work, such as job placement consultants and subcontractors, to find you a job.  

In addition, we may disclose Personal Data about you on the following basis: 

  • To law enforcement authorities or other government officials based on a lawful disclosure request.
  • If we are required to do so by law or legal process. 
  • When we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity; and. 
  • We will disclose a portion of your Personal Data with vendors who perform services on our behalf based on our instructions to make our services available to you. We ensure this data is minimized to what is necessary to perform the specific services instructed. We ensure vendor due diligence takes place to assess their privacy and security measures for protecting your data.
  • We also ensure that data processing agreements are in place with vendors, with robust requirements stipulating the technical and organizational measure we require them to comply with when handling your personal data.  

We do not authorise vendors to use or disclose the information, except as necessary to perform services on our behalf or comply with legal requirements. Your Personal Data will never be sold, rented, distributed, or made available to vendors for their own commercial purposes, including for their direct marketing purposes.  

We also reserve the right to transfer Personal Data we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, dissolution, or liquidation).

8. How Long is Your Personal Data Processed?

We retain collected Personal Data in our systems in a way that enables data subjects to be identified for no longer than is necessary for the purpose for which the data were collected or for which data are additionally processed. We determine the specific period considering the following: 

  • The need to retain collected Personal Data to provide the services requested by the data subject.
  • The need to protect the legitimate interests described under the objectives of the controller.
  • The existence of specific legal obligations that make the processing and retention of Personal Data necessary for specific periods. 

To comply with applicable statutory retention laws, the data will be kept as follows: 

  • If you have created an account by registering on our Site, have applied for a position or a recipient of a career service, the data will be stored until the account owner deletes the information on the account or 2 years after the inactivity, calculated from the last log-in date. 
  • If you visit our Sites, your data will be kept as long as stated in the Cookie Notice.
  • If you are a representative of a vendor, we will keep information for maximum 10 years after the end of the relationship of the legal entities. 
  • If we are providing any type of services to your company, we will keep information for maximum 10 years after the end of the relationship of the legal entities. 

Personal Data may be kept for longer than stated above only if it is required to meet our legal or regulatory responsibilities, for example, establishing, exercising, or defending legal claims or compliance cases.  

9. What Are Your Privacy Rights and Choices and How to Exercise Them?

When permitted by applicable law, a data subject can exercise under Articles 15 to 22 of the GDPR the following specific rights:  

Right of access: You have the right to know if we process personal data about you, and to receive a copy of the data we process about you. 

Right to rectification: You have the right to request that we rectify inaccurate or incomplete data held about you to protect the accuracy of such information.  

Right to erasure: In some cases, you have the right to ask us to delete personal data about you. For example, if it’s no longer necessary for ManpowerGroup to process the data for the purpose for which we collected it; if you withdraw your consent; if you have objected to the processing and there are no legitimate, overriding justifications for the processing; or if the processing relates to direct marketing and you object to the direct marketing.  

Right to restriction of processing: You have the right to request that the data controller restricts the processing of your data.  

Right to data portability: You can request a copy of the personal data relating to you that we process for the performance of a contract with you, or based on your consent, in a structured, commonly used, machine-readable format. This will allow you to use this data somewhere else, for example to transfer it to another recipient. If technically feasible, you also have the right to request that ManpowerGroup transfers the data directly to the other recipient.  

Right to object: You have the right, at any time, to object to processing of your personal data which is based on our legitimate interest, by referencing your personal circumstances.  

Right not to be subject of automated individual decision-making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects on you or similarly significantly affects you, unless it is necessary for entering into contract, is based on your explicit consent, or is authorized by law.  

Right to lodge a complaint with a supervisory authority: You have a right to lodge a complaint with a supervisory authority, in the EU Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating you infringes GDPR. 

Whenever the processing is based on consent, as under art.7 of the GDPR, you may withdraw your consent at any time.  

If you require more information about the processing of your Personal Data, please refer to the How to Contact Us section below. You can exercise your data subject rights, by submitting your request here.

10. Updates To Our Privacy Notice

This Privacy Notice (including any addenda) may be updated periodically to reflect changes in our privacy practices, to comply with applicable legal updates or to make the information clearer to you. 

We encourage you to frequently check this page for any changes. You can always check the top of this page to see when this privacy policy was last updated.   

If we make changes that have a substantial impact on how we process your personal data, we will communicate this on our websites. 

11. How To Contact Us

If you have any questions or comments about this Privacy Notice, or if you would like to exercise your data subject rights, please fill in this form. 

Sirli-Kristi Käpa, Data Protection Officer Nordics  
ManpowerGroup AB  
Box 4090 
10262 Stockholm 

 

 

* *Subsidiaries:

Manpower AB
Manpower & Jefferson Wells AB
Manpower Student AB
ManpowerGroup Solutions AB
Manpower El & Tele AB
Manpower Matching AB
Experis AB
Elan IT Resource AB
ManpowerGroup Solutions IT AB
RightManagement Sweden AB



**Websites:
manpowergroup.se
manpower.se
jeffersonwells.se
experis.se
jobb.manpower.se
kund.manpower.se
jobb.experis.se
kund.experis.se
mpgtalentsolutions.com/se/en