Privacy policy

Privacy Policy for Recruitment at Nordic Well Group

At Nordic Well Group (“we”, “us”, “the Company”), we are committed to ensuring a transparent and secure recruitment process. This Privacy Policy explains how we collect, process, store, and protect personal data about candidates (“you”). We strive to uphold a high standard of data protection and handle your information in accordance with applicable data protection legislation.

You are hereby informed that Wellvita ApS, part of Nordic Well Group, processes personal data about you as part of the recruitment process.

Data Controller

Wellvita ApS
Energivej 4, 6700 Esbjerg
Email: gdpr@wellvita.dk
Phone: +45 82 30 30 40
CVR: 32782787

We do not have a designated Data Protection Officer (DPO), as we are not legally required to appoint one. However, we have a responsible contact person for all matters related to personal data. You can reach us at: jvh@wellvita.dk

Purpose of Processing Personal Data

We process your personal data to manage and carry out recruitment activities, including:

  • Evaluating candidates

  • Communicating during the recruitment process

  • Selecting and hiring applicants

  • Verifying information and conducting background checks (when relevant)

  • Complying with legal requirements

  • Internal HR administration related to the hiring process

Legal Basis for Processing

General personal data

We process your information based on:

  • Legitimate interests: It is necessary for our legitimate interest to review applications and manage recruitment, according to Article 6(1)(f) of the GDPR. As a candidate, you have a reasonable expectation that we process your data when you apply for a position.

  • Consent: If we store your application beyond the standard retention period, we will request your explicit consent in accordance with Article 6(1)(a).

Special categories of personal data

In certain cases, we may process sensitive information:

  • Health information and union membership relevant to employment may be processed to fulfil legal obligations related to labour, social security, or social protection law, or based on explicit consent (GDPR Article 9(2)(b)).

  • Under Danish law, candidates are required to inform employers of health conditions relevant to the job (Health Information Act §6).

Categories of Personal Data We Process

Depending on the position, we may process:

  • Identification details: name, address, phone number, email

  • Application materials: CV, cover letter, certificates, portfolio

  • References and information obtained from prior employers

  • Skills, qualifications, and employment history

  • Correspondence with you

  • Personality or cognitive test results (if applicable)

  • Criminal record (if relevant for the role and legally required)

  • Health information (only if relevant and legally permitted)

Sharing of Personal Data

Depending on the recruitment process, your data may be shared with:

  • Reference contacts

  • External assessment or testing providers

  • External HR consultants

  • Other companies within Nordic Well Group

  • IT service providers hosting our systems or email services

We ensure all external recipients comply with data protection requirements.

Transfers Outside the EU/EEA

In some cases, your data may be transferred to countries outside the EU/EEA. Such transfers will only occur when necessary and when adequate safeguards are in place, such as:

  • EU Commission’s Standard Contractual Clauses

  • Your explicit consent

Copies of relevant safeguards can be requested.

Retention of Personal Data

We store your personal data only as long as necessary for the recruitment process and in accordance with legal requirements.

  • Application documents are kept for a reasonable period during the recruitment process.

  • If the recruitment process ends without a hire, test results are deleted or anonymised within 180 days.

  • When data is no longer required, it will be securely deleted or anonymised.

If you wish to have your data deleted earlier, you may contact us using the details above.

Certain records may be kept longer if required by law or for legitimate business purposes.

Profiling

We do not use automated decision-making that significantly affects your rights or freedoms.

Your Rights

Under the GDPR, you have the following rights:

  • Right of access and rectification – request access to or correction of your personal data

  • Right to erasure – request deletion of your data

  • Right to restriction – limit how your data is processed

  • Right to object – object to processing based on legitimate interest

  • Right to data portability – request a copy of your data in a transferable format

You can learn more about your rights at: www.datatilsynet.dk.

Right to complain

You can always submit a complaint to the Danish Data Protection Agency:
Datatilsynet
Carl Jacobsens Vej 35, 2500 Valby
Phone: +45 33 19 32 00
Email: dt@datatilsynet.dk

We encourage you to contact us first so we can try to resolve the issue.