Privacy Policy

The customer organization is the controller for candidate personal data processed in connection with its recruitment activities. Nimloth generally acts as processor on behalf of the customer organization and processes personal data under documented instructions.

Nimloth may process contact information, candidate submissions, evaluation artifacts, and operational metadata required to administer recruitment workflows and support structured evaluation.

Nimloth is designed to avoid collection of special categories of personal data by default. Customers are responsible for configuring and using the platform in a lawful manner.

Personal data is processed for recruitment administration, candidate workflow handling, and evaluation support within the customer organization's hiring process.

The customer organization is responsible for identifying and documenting the applicable legal basis for its recruitment processing. Nimloth processes data as processor under customer instruction, where applicable.

Retention is defined by customer configuration, contractual terms, and applicable law. Default deletion windows and retention controls are defined in customer setup and contract documentation (placeholder).

Nimloth maintains a list of subprocessors used to deliver the service. Subprocessor information is available on request or as specified in contractual documentation.

Data subjects may have rights under applicable data protection law, including access, rectification, erasure, restriction, objection, and complaint rights. Customers (as controllers) are responsible for handling data subject requests unless otherwise agreed.

Nimloth ApS

Mågevej 5

9000 Aalborg

Denmark

Email: Emilellitsgaard@live.dk

CVR: Pending registration