Privacy Policy

TQ Nordic provides ability and personality assessments where candidates for work are evaluated and assessed.

Based on these assessments, TQ Nordic creates assessment reports that are presented to your current/future/potential employer. We take the privacy and security of your personal data seriously and we always strive for the highest level of data protection (for example, we would never sell your personal data to another company).

This Privacy Policy describes how TQ Nordic (“TQ,” “we” or “us”) treat the personal data you entrust us with in order to get a better picture of your abilities, aptitude and personal development throughout your career. The policy also explains your rights under the GDPR and how you can apply them.

It is important that you take part and understand the privacy policy and feel safe in TQ Nordic's treatment of your personal data.

Using the table of contents below, you can easily navigate to the sections that are of particular interest to you.


1. What is personal data and what is the processing of personal data?

Personal data is all kinds of information that can be directly or indirectly applied to a living person.

The processing of personal data is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means such as collection, recording, organisation, structuring, storage, adaption or alteration, retrieval, consultation, use etc.

2. Who processes personal data?

  • Data Controller - Determines the purposes and means of the processing of personal data
  • Data Processor – Processes personal data on behalf of the Data Controller
  • Sub Processor – Processes personal data on behalf of the Data Processor

3. Who is responsible for the personal data we collect?

If you have been asked to take an assessment by your current /future/potential employer, that employer will be the Data Controller of the majority of the personal data you choose to share whilst partaking in the assessments provided by TQ Nordic. Depending on the type of assessment and based on the instructions we receive from the employer, the personal data that we collect and process on behalf of the employers may consist of:

  • Your name and e-mail address
  • Your assessment results
In some cases, TQ Nordic is the Data Controller. This only applies when we ask for personal data for our psychometric- or static norm based evaluations, for research purposes.

4. What personal data do we collect, what purpose and how is it treated?

Personal data to perform personality based and/or aptitude based assessments

When you are asked on behalf of your current/ future/potential employer to partake in one or more of our assessments, TQ Nordic will process the following types of personal data:

  • For ability and personality assessments – name and e-mail address
  • For second opinions - name and e-mail address
  • When conducting interviews - name and e-mail address
  • When contacting previous employers, provided by you - name and e-mail address
  • For assessment reports that are handed over to the employer- name and e-mail address

Other personal data that the Data Controller might share with us may, for example, be CV, previous employment, previous assessment results etc.

As a Data Processor, TQ Nordic collects and stores this information in accordance with the Data Controllers instructions.

Legal basis for processing: Your consent. The collection of your personal data is required for TQ Nordic to be able to fulfill our obligations in accordance with the service agreement with your current/future/potential employer. If you do not leave your consent, you will not be able to complete any of TQ Nordic's assessments. The processing is necessary to meet our customers' legitimate interest in evaluating, developing and improving you as a candidate. Storage period: No longer than 24 months after completed assignment.

Optional personal data we might collect for research purposes

In some cases, at the beginning of an assessment, TQ Nordic may ask you to answer some optional research questions by providing certain types of demographic information for research purposes. Providing this information is completely optional. The personal data we may ask for in this respect includes information about education, age and sector. However there is one compulsory question and that is to state your gender. This is solely to be able to generate a report in the proper gender form. This personal data will be used only in an anonymized format for research purposes and will NOT be provided to the employer. If you choose not to answer these questions, it will not keep you from taking the assessment or affect the results of the assessment in any way.

Any published end product will only refer to aggregate data and will not identify you personally or contain any results that may be attributed to you.

Legal basis for treatment: The processing is necessary to meet our legitimate interest in for benchmarking purposes. It is also essential ensure that our assessments are fair and objective and to prevent discrimination. We also use the information to develop and improve our assessment tools and other services we provide.

It is also essential ensure that our assessments are fair and objective and to prevent discrimination. We also use the information to develop and improve our assessment tools and other services we provide.

Storage period: No longer than 24 months after collection.

Technical data

In order to evaluate, develop and improve our services, products and systems, we need to collect technical data (such as user interface, IP address, browser settings, time zone, operating system, and platform). TQ Nordic is the Data Controller for the purpose of this processing.

Legal basis for treatment: The processing is necessary to meet our legitimate interest in evaluating, developing and improving our services, products and systems.

Storage period: No longer than 36 months after collection.

5. From which sources do we collect your personal data?

We retrieve personal data from:

  • Data Controller
  • References that you have provided
  • You as a candidate

6. Who might we share your personal information with?

  • Your current/future/potential employers. The organization hiring us to supply them with assessments.
  • Our partner SOVA, their subsidiaries, and subcontractors. SOVA's privacy policy is available here..
  • Amazon Web Services provides servers in Ireland.

When your personal information is shared with data processors/subcontractors, it is only done for purposes that are compatible with the purposes for which the data controller collected the information (e.g., to fulfill our obligations under the service agreement we have with the data controller). We oversee all data processors and subcontractors to ensure that they can provide sufficient guarantees regarding the security and confidentiality of personal data. Furthermore, we have written agreements with all data processors and subcontractors through which they guarantee the security of the personal data processed and commit to complying with our security requirements, as well as limitations and requirements regarding the international transfer of personal data. In the event that TQ Nordic is sold, acquired, or merged, the registered personal data will be transferred to the new organization (which will then be obligated to comply with the requirements of this privacy policy).

7. Where do we process your personal data?

We always strive for your personal data to be processed within the EU / EEA and all our own IT systems are located within the EU / EEA. However, in case of systematic support and maintenance, we may have to transfer the information to a non-EU country, if we for example share your personal data with a data processor or subcontractor, either ourselves or through a subcontractor, is established or storing information in a non-EU country. In these cases, the processor may only share the information relevant to the purpose (e.g. log files).

Regardless of which country your personal data is processed we take all reasonable legal, technical and organizational measures to ensure that the level of protection is the same as in the EU/EEA. In those cases personal data is processed outside EU/EEA it is guaranteed by either a decision of EU Commission that the country in question ensures an adequate level of protection or by the use of appropriate safeguards. Examples of appropriate safeguards are approved code of conduct in the recipient country, standard contract clauses or binding corporate rules.

8. How long do we save your personal data?

Your personal data is never kept longer than needed for the specified, explicit and legitimate purposes as set out by the Data Controller.

This also applies when TQ Nordic is the data controller and we process personal data for research purposes which is kept until anonymized and no longer than 24 months.

Personal data kept to fulfill our obligations under the Accounting Act, will be saved for the duration of that obligation.

9. What are your rights as the data subject?

Right to access. If you would like access to your personal data or to exercise any of your other rights listed below and took an assessment at the request of your current /future/potential employer, please contact that employer directly.

In cases where TQ Nordic is the Personal Data Controller (in the case of analysis questions mentioned above), you can request a register extract directly from us.

TQ Nordic (as a Data Processor) can only provide this following instructions from said employer.

When TQ Nordic is the Data Controller of your personal data, you may contact us in order to find out what information we hold about you or to access, cancel or correct any information that we may hold about you.

In addition to the right of access, as a data subject you have the following rights:

  • The data is no longer necessary for the purposes for which it has been collected or processed;
  • You object to the legal ground for the processing and the objection weighs heavier than our legitimate interest;
  • The personal data is has been unlawfully processed;
  • The personal data have to be erased to comply with a legal obligation to which the Data Controller is subject;
  • The personal data have been collected for a child * (under 13 years) for whom you have parental responsibility.

* TQ Nordic's Online Systems are not directed to individuals under the age of sixteen (16), and we request that these individuals do not provide their personal data through the Online Systems.

Keep in mind that the Data Controller may be entitled to deny your request if there are legal obligations that prevent certain personal data from being deleted immediately. These obligations derive from accounting and tax legislation as well as banking and money laundering legislation. Should the Data Controller be prevented from meeting a request for deletion, the personal data will be blocked from being used for purposes other than the purpose that prevents the requested deletion.

Right to restriction. If you contest that the personal data being processed is correctly or not on a legal basis, you may request limited treatment during the time the Data Controller needs to verify the accuracy of your personal data.

If the processing has been restricted in accordance with any of the above situations, the Data Controller may, with the exception of storage, only process the data to determine, enforce or defend legal claims, to protect someone else's rights or if you have given your consent.

Right to data portability. If the Data Controller's right to process your personal data is based either on your consent or on a contract with you, you have the right to have the information relating to you transferred to another Data Controller, where technically feasible.

If you wish to have the your personal data transferred for the purpose of using them elsewhere, please contact the Data Controller for the process you are in.

Sensitive information. You do not have to provide any sensitive personal data, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, union membership, genetic information, biometric data, health information or information about your sex life or sexual orientation. To the extent that sensitive personal data is provided on your own initiative, you specifically agree to that processing of personal data is subject to the terms of this Privacy Policy.

Please note that TQ Nordic advises you NOT to disclose sensitive personal data and information that is irrelevant to the purpose.

Subject Access Request: In cases where TQ Nordic is the Data Controller, please see item 3 above, you are welcome to contact us to obtain a copy of the personal data undergoing processing.

10. How do we process social security numbers?

TQ Nordic does not process social security numbers in our contact with you.

11. What are cookies and how do we use them?

A cookie is a very small file that is downloaded to your device when you visit a website. Most websites use some form of cookies at the moment. These files usually contain data like the site’s name and a unique user ID. We use the following cookies:

  • Sessions cookies (These cookies expire when the browser is closed).
  • Permanent cookies (cookies remaining on your computer until you delete them or they expire after 6 months).
  • Third party cookies (these are installed by third parties with the aim of collecting certain information for research purposes.).

The cookies we use usually improve the services we offer. Some of our services need cookies to work properly, while others improve the services for you. We use cookies for overall analytical information regarding your use of our services and for saving functional settings such as language and other tasks.

You can control the use of cookies yourself. Your browser or device allows you to change the settings for the usage and extent of cookies. Go to the settings of your browser or device to learn more about adjusting the settings for cookies. Examples of things you can adjust are blocking all cookies, accepting first-party cookies, or deleting cookies when you close your browser. Keep in mind that some of our services might not work if you block or delete cookies.

12. How is your personal data protected?

We have taken the appropriate steps and put in the appropriate technical, administrative, and physical security controls in place to protect your personal data from unauthorized access, improper use or disclosure, unauthorized modification or unlawful destruction or accidental loss. Only those who actually need to process your personal data to fulfill our stated purposes have access to them.

If for any reason you suspect that your login details, passwords or other personal data have been jeopardised, please contact us immediately.

13. What does it mean that the (Swe.) Datainspektionen is the supervisory authority?

The (Swe.) Datainspektionen is responsible for monitoring GDPR Compliance, and anyone who believes that a company mistreats personal data can file a complaint to the (Swe.) Datatainspektionen.

14. Questions or complaints

For questions regarding your assessment results or the processing of your personal data, please contact the employer for the process in which you are in. Please note that we may make changes to our privacy policy.

The privacy policy was last updated 2024-03-22

Book a Demo

Book a free and unconditional demo and discover how we can adapt our solutions to meet your specific needs and improve your business.