This website uses cookies to ensure you get the best experience on our website.

Nosto and selected partners use cookies and similar technologies to ensure you get the best experience on this website. If you consent to it, we will use cookies for analytics and marketing purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking "Manage cookies" at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor

These cookies are used to make advertising messages more relevant to you. In some cases, they also deliver additional functions on the site.

Vendors Youtube
Nosto career site

Privacy Policy – Nosto’s Job Applicant Register

  1. Controller
    1. Nosto Solutions Oy
      Bulevardi 21, 00180 Helsinki
      0207354880
      legal@nosto.com
      (”we” or ”Nosto”)
  2. Contact person for register matters
    1. Nosto Legal Team
      Bulevardi 21, 00180 Helsinki
      0207354880
      legal@nosto.com 
  3. Name of the register
    1. Job Applicant Register
  4. What is the legal basis for and purpose of the processing of personal data?
    1. The processing of personal data is based on:
      1. The compliance of the responsibilities and the specified rights of the controller and the data subject in accordance with the employment law;
      2. The explicit consent of the data subject regarding the processing of his/her personal data.
    2. The purpose of processing personal data is operations concerning our recruitment and management of the recruitment process as well as the supporting of human resources, managing the data regarding the application process of the applicants (registered) who have applied to the company, in order to ensure the possibility to contact them, and provide support to the desicion-making in hiring.
  5. Which data do we process?
    1. The applicant register requires processing of the following personal data of the applicants:
      1. data subject's basic information such as *name, date of birth, gender, native language;
      2. data subject's contact details such as private *e-mail address, *private phone number, address;
      3. information related to the job in question such as job description, including information on the nature and type of employment, the person in charge of the recruitment process, *desired salary and details regarding commencement of employment. Further details will be provided in the job listing;
      4. information related to suitability for the job and other relevant details (background, etc.) that the data subject has offered during the application process, such as photographs, *CV, *resume information on education, profession, work history (such as employers, commencement and duration of employment, nature of tasks), language skills, other special skills, a description of personal characteristics, different certificates and appraisals, links to online portfolios, profiles and other sources and references;
      5. information regarding the data subject's progress in the recruitment process such as upcoming follow-up interviews or recruitment process termination;
      6. other possible information wilfully offered by the data subject during the application process of the controller or information otherwise published specifically for professional purposes, such as their LinkedIn profile or information collected separately by the controller with the consent of the data subject.
    2. All personal data marked with an asterisk is required in order to carry out the recruitment process.
  6. From where do we get the data?
    1. The primary source for the data stored in the register is the applicant in question. Other sources may be used in accordance with the law. If necessary, we may also ask information from recruitment consultants.
    2. By applying for a job, the applicant gives a consent to the Company to gather information from their public professional profile to the extent that is necessary for deeming the suitability for the job in question.
  7. Who do we provide or transfer data to? Do we transfer the data outside of the EU or the EEA?
    1. We process the data by ourselves. Additionally, any information regarding the applicants that is stored in the register can be disclosed, with the applicant's consent, to companies within the corporate group in order to connect applicants with employers.
    2. We will only disclose personal data according to current legislation to parties who have a legal and/or contractual right to receive data from the register. We may also disclose data for other purposes in accordance with Finnish legislation.
    3. We utilise subcontractors working on our behalf to process the personal data. Additionally, we use subcontractors to process personal data for the human resources and recruitment services.
    4. We have ensured protection of your data by making necessary contracts with the subcontractors regarding data processing. We cannot name all our subcontractors, in part due to projects in development, so only the types of subcontractors used are disclosed.
    5. We will only share data from the register with the aforementioned third parties unless explicit consent is sought and received from the data subject.
    6. We transfer personal data outside of the EU/EEA, namely to USA. We have ensured all appropriate protection measures regarding the transfer. We use the standard contractual clauses accepted by the EU.
  8. How do we safeguard the data and for how long do we store it?
    1. Databases containing personal data are available only to employees who have the right to process applicant data for the purposes of their work. The register is protected with the necessary technical and organisational precautions. The data is stored in databases that are protected with usernames, passwords, firewalls and other technical procedures. The register is stored on protected administrator servers, and the electrical connection is protected. All persons processing the data are bound by professional secrecy. The databases and their backups are kept in locked spaces and only previously specified persons have access to the data.
    2. We will store the personal data for as long as is necessary for our purposes. As a rule, the data can be used for six (6) months for recruitment purposes. Data will be expunged within two (2) years. If an applicant becomes our employee, we will store information the applicant has provided during the application process as part of their employee profile in accordance to the privacy policy regarding employee data.
    3. We assess the need for the storage of the data regularly, in accordance with the applicable legislation. Additionally, we will take all reasonable measures to ensure that data of the data subject, which is incompatible for the purposes of the processing, and which is obsolete or incorrect, are not stored to register. We rectify or destroy such data without delay.
  9. What are your rights as a data subject?
    1. Data subject has the right to inspect any information in the register pertaining to him/her and to demand the correction or erasure of incorrect information.
    2. Data subject has a right in accordance with the GDPR (from 25 May 2018) to object the processing of his/her data or to request limited processing as well as the right to lodge a complaint to the authorities regarding the processing of his/her personal data.
    3. For specific, personal reasons you have the right also to object profiling and/or other processing measures concerning you, when the processing of data is based on the recruitment. In relation with your request, the special situation to which the objecting of processing is based, must be specified. We may deny fulfilling the request only in accordance with law.
    4. As a data subject you have the right to object the processing at any time, and it is free of charge. That includes also profiling, so far as it is related to direct marketing.
    5. Any requests concerning the matter should be addressed in person or in writing to the contact person listed in section 2.

About Nosto

Nosto is the intelligent Commerce Experience Platform (CXP) that gives brands and retailers intuitively designed tools to increase online revenue through end-to-end commerce experience management.

With experience.AI™, Nosto helps brands enrich and activate customer, product and content data in real-time across personalization, product discovery, and user-generated content to deliver high-performing commerce experiences at scale.

Nosto supports intelligent commerce experiences for more than 1,500 brands in over 100 countries, including Kylie Cosmetics, Dermalogica, Belstaff, The Travel Corporation, BYLT Basics, Douglas, MUJI, Flight Center, Lord and Taylor, Vuori, FIGS and more.

Founded in 2011
Co-workers 200

Already working at Nosto?

Let’s recruit together and find your next colleague.

@nosto.com