GDPR Compliance

Your data. Your rights. Our commitment.

Our Commitment to GDPR

JobNimble is committed to protecting the privacy and security of personal data in accordance with the General Data Protection Regulation (GDPR). We have implemented comprehensive measures to ensure compliance with EU data protection requirements.

What is GDPR?

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA.

GDPR gives EU residents more control over their personal data and creates a unified data protection standard across the EU.

Your Rights Under GDPR

Right to Access

Request a copy of the personal data we hold about you.

Right to Erasure

Request deletion of your personal data ("right to be forgotten").

Right to Portability

Receive your data in a portable, machine-readable format.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Restrict Processing

Request limitation of how we process your data.

Right to Object

Object to processing of your data for certain purposes.

How We Comply

Data Processing

We process personal data lawfully, fairly, and transparently. Our processing activities are based on one of the following lawful bases:

  • Consent: You have given clear consent for us to process your data
  • Contract: Processing is necessary to fulfill our contract with you
  • Legal Obligation: Processing is required to comply with the law
  • Legitimate Interests: Processing is necessary for our legitimate business interests

Data Minimization

We only collect and process data that is necessary for the specific purposes we have identified. We don't collect more data than we need.

Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • 256-bit SSL/TLS encryption for data in transit
  • AES-256 encryption for data at rest
  • Regular security audits and penetration testing
  • Access controls and authentication measures
  • Employee training on data protection

Data Retention

We only retain personal data for as long as necessary to fulfill the purposes for which it was collected. When data is no longer needed, it is securely deleted or anonymized.

International Transfers

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.

Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our GDPR compliance and act as a point of contact for data protection matters.

Exercising Your Rights

To exercise any of your rights under GDPR, please contact us using one of the following methods:

We will respond to your request within 30 days. In complex cases, we may extend this by an additional 60 days, but we will inform you of any extension.

Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.

Subprocessors

We use third-party service providers (subprocessors) to help us deliver our services. All subprocessors are carefully vetted and bound by data processing agreements that ensure GDPR compliance.

A list of our subprocessors is available upon request.

Questions About GDPR?

If you have any questions about our GDPR compliance or wish to exercise your data rights, please contact our Data Protection Officer.