Get ready for GDPR with us

Your applicants’ personal information is safe with us

On May 25, 2018, a new EU regulation regarding the protection of personal information will come into effect. This will also affect companies that are seeking and recruiting new employees. Teamio is ready: we are doing everything we can to make your work on GDPR compliance as easy as possible.

Our responsibility

We process the personal information of applicants who respond to job vacancies. The administrators for this information are, however, the employers who publish job vacancy ads.

Data Administrator

I.e. the employer who collects information on applicants during recruitment.

The administrator is responsible for ensuring that:

  • Adequate technical and organizational measures are implemented to make it easy to prove that your data processing is GDPR-compliant.
  • You process only such personal information as is necessary for the given, predefined, specific purpose (for example, the job selection process).
  • When two companies share a registration in Teamio, these two companies are considered joint administrators in terms of GDPR. They must decide among themselves which of them is responsible for which part of data processing, especially in connection with the exercising of data subjects’ rights.

The Data Processor

I.e. Teamio/Alma Career Oy and LMC s.r.o. They process applicants’ personal data for employers (administrators).

The Processor is responsible for:

  • Managing the platform that enables you to process applicant information.
  • We process this data based on your instructions and on a contract with you as its administrator.
  • We take into account the nature of applicant-data processing by utilizing suitable technical and organizational measures to ensure that our data processing complies with GDPR requirements and ensures the protection of applicants’ rights.
  • We ensure that, on the processor’s side, applicant data is processed solely by persons bound by a non-disclosure agreement.
  • We provide the cooperation needed to ensure the adequate processing of personal information by the administrator.

Data Subjects

The applicants are the “data subjects” because we can (in)directly identify them using their personal information.

Personal information

Information connected with a data subject. This might be their name, email, telephone number, CV, notes, labels, or recorded actions.

Data Processing

Actions performed on personal information by the administrator or processor; these are fully or partly automated (collection, recording, organizing, storing, and deleting).

Product changes

All changes apply to the Free, Easy, and Smart editions.

Will be resolved

We are analyzing current consents

We are analyzing the impact of GDPR on personal information that was entered into Teamio before the GDPR came into effect.

We are preparing the options and the handling of access to personal information for applicants who responded to open positions in the period before the GDPR.


We will make the text of our general terms and conditions more precise

Work on this is under way.


As long as the applicant is in Teamio, you can check whether or not they have provided consent with the processing of their personal information, including the specific text (e.g. for an applicant in the activity history/the details of the first activity).

If the client has paid for the export of positions, then they receive applicant details along with the consent text that has been confirmed by the applicant.

Can the applicant cancel their consent and exercise “the right to be forgotten?”

Applicants who want to have their details deleted from the database can send us an email on this. They can also contact us using the contact form. We get very few such requests. If the number of such requests increases, we will establish new processes here, including possible verification of the legitimacy of such a request.

Teamio features a function that lets you send an additional request for consent with the processing of personal information. If you use this function, the applicant will receive an email with a request to confirm their consent. If the applicant does not provide confirmation for this request, Teamio will erase their personal information.

The function for supplementary confirmation of consent with the processing of personal details is optional, because employers can receive consent to processing even before they enter the personal information in Teamio.

Didn’t find the answer to your question?

Ask Matti, our specialist on personal data protection.

Matti Venho
Alma DPO

Send us your questions