Summary: We collect only what we need, never sell your data, retain it only as long as required, and fully honour your GDPR rights. For any privacy matter: contact@jobsbind.com.
1. Data Controller
The controller responsible for your personal data is:
NordicSearch
Tornimäe tn 5, Kesklinna linnaosa
Tallinn 10145, Estonia
Email: contact@jobsbind.com
Website: jobsbind.com
2. Scope of This Policy
This Privacy Policy applies to personal data collected through:
- The website jobsbind.com and any subdomains;
- Contact forms, email correspondence, and enquiries submitted to us;
- Service agreements and delivery of Managed IT Services to clients;
- Any other interaction where we collect personal data as a controller.
Where we process personal data on behalf of a client (as a data processor under a GDPR Art. 28 agreement), this policy does not apply to that processing — the client's own privacy policy governs it.
3. Data We Collect
3.1 Data You Provide Directly
| Category | Examples | How Collected |
|---|---|---|
| Identity data | First name, last name, job title | Contact form, email, service agreements |
| Contact data | Email address, phone number, company name | Contact form, email correspondence |
| Communication data | Messages, support tickets, briefing notes | Email, helpdesk, video calls |
| Commercial data | Invoices, contract details, purchase history | Service agreements |
3.2 Data Collected Automatically
| Category | Examples | How Collected |
|---|---|---|
| Technical data | IP address, browser type, OS, device type | Server logs, analytics cookies |
| Usage data | Pages visited, session duration, referral source | Analytics cookies (with consent) |
| Cookie data | Consent preference, session ID | Cookies (see Section 10) |
3.3 Data We Do Not Collect
We do not collect special category personal data (health, biometric, political, religious, etc.) through this website. Payment card data is handled exclusively by PCI-DSS-compliant third-party processors.
4. Purposes and Legal Bases (GDPR Art. 6)
| Purpose | Legal Basis | Details |
|---|---|---|
| Responding to enquiries and audit requests | Art. 6(1)(b) Pre-contractual / Art. 6(1)(f) Legitimate interest | Processing your contact form or audit request to reply to you. |
| Delivering Managed IT Services | Art. 6(1)(b) Contract performance | Processing necessary to fulfil our service agreement. |
| Sending marketing communications | Art. 6(1)(a) Consent | Only where you have explicitly opted in; withdrawable at any time. |
| Website analytics | Art. 6(1)(a) Consent (cookie banner) | Google Analytics with IP anonymisation, only after consent. |
| Invoicing and accounting records | Art. 6(1)(c) Legal obligation | Estonian Accounting Act. |
| Security and fraud prevention | Art. 6(1)(f) Legitimate interest | Server logs and monitoring to protect our systems. |
| Compliance and legal claims | Art. 6(1)(c) / Art. 6(1)(f) | Retaining data to establish or defend legal claims. |
Legitimate interest balancing test: Where we rely on legitimate interests, we have assessed that our interests do not override your rights and freedoms, given the B2B nature of our services and the reasonable expectations of visitors to a Managed IT Services website.
5. Data Retention
| Data Category | Retention Period | Reason |
|---|---|---|
| Contact enquiries (non-client) | 3 years from last contact | Legitimate interest — follow-up and disputes |
| Client contractual data | Contract duration + 7 years | Estonian Accounting Act |
| Marketing consent records | Until withdrawn + 3 years | Demonstrate lawful marketing basis |
| Server logs / technical data | 90 days rolling | Security monitoring |
| Analytics data | 26 months (anonymised) | Website improvement |
| GDPR request records | 3 years from response | GDPR accountability obligation |
Data is securely deleted or anonymised when retention periods expire.
6. Data Sharing and Processors
We do not sell, rent, or trade your personal data. We share data only with processors bound by written GDPR Art. 28 data processing agreements.
| Processor Category | Purpose | Location |
|---|---|---|
| Email delivery provider | Transactional and marketing emails | EU/EEA |
| CRM / helpdesk platform | Client relationship and support management | EU/EEA |
| Analytics (Google Analytics) | Anonymous website statistics | USA (SCCs in place) |
| Cloud infrastructure | Website and systems hosting | EU/EEA |
| Accounting software | Financial records and invoicing | EU/EEA |
We may disclose data to authorities where required by Estonian or EU law, or to protect the safety, rights, or property of our company, clients, or the public.
7. International Data Transfers
Our operations are headquartered in Tallinn, Estonia (EU/EEA). Where processors are outside the EEA (notably Google for analytics), we ensure safeguards under GDPR Chapter V via Standard Contractual Clauses (SCCs) — Commission Implementing Decision (EU) 2021/914 — and supplementary technical measures including IP anonymisation. You may request a copy of applicable transfer safeguards at contact@jobsbind.com.
8. Your Rights Under GDPR
To exercise any right, contact contact@jobsbind.com. We respond within 30 days (extendable by 60 days for complex or multiple requests — we will notify you). We may verify your identity before processing a request.
Right of Access
Obtain a copy of your personal data and processing information (Art. 15).
Right to Rectification
Correct inaccurate or incomplete personal data (Art. 16).
Right to Erasure
Request deletion where there is no compelling reason to continue (Art. 17).
Right to Restriction
Restrict processing in certain circumstances (Art. 18).
Right to Portability
Receive your data in a structured, machine-readable format (Art. 20).
Right to Object
Object to processing based on legitimate interest or direct marketing (Art. 21).
Withdraw Consent
Withdraw consent at any time without affecting prior lawful processing (Art. 7(3)).
Automated Decisions
Not to be subject to solely automated decisions affecting you (Art. 22). We do not carry out such processing.
9. Opt-Out of Marketing Communications
To stop receiving marketing emails from NordicSearch:
- Click the unsubscribe link in the footer of any marketing email we send;
- Email contact@jobsbind.com with subject line "Unsubscribe";
- Write to: NordicSearch, Tornimäe tn 5, Tallinn 10145, Estonia.
We will process your opt-out within 5 business days. Opting out of marketing does not affect transactional communications (invoices, service updates) required to fulfil an existing contract.
10. Cookies
We use cookies on this website. A cookie consent banner is displayed on your first visit — strictly necessary cookies are always active; analytics cookies are only set with your explicit consent.
| Category | Cookie | Purpose | Duration |
|---|---|---|---|
| Strictly Necessary | jb_consent | Stores your cookie consent preference | 12 months |
| Strictly Necessary | XSRF-TOKEN | CSRF / security protection | Session |
| Analytics | _ga, _ga_* | Google Analytics — anonymous usage statistics | 24 months |
| Analytics | _gid | Google Analytics — distinguishes users | 24 hours |
| Functional | jb_lang | Language/region preference | 12 months |
To opt out of Google Analytics globally, use the Google Analytics Opt-out Browser Add-on. For more cookie information: allaboutcookies.org.
11. Children's Privacy
Our services and website target business professionals. We do not knowingly collect personal data from individuals under 16 years of age. If you believe a minor has submitted data to us, please contact contact@jobsbind.com and we will delete it promptly.
12. Security Measures
We implement appropriate technical and organisational security measures to protect personal data from unauthorised access, loss, disclosure, or destruction. These include TLS encryption for data in transit, role-based access controls and least-privilege principles, regular security assessments and staff awareness training, and pseudonymisation of data where appropriate. In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay, as required by GDPR Articles 33–34.
13. Complaints
If you believe we have not handled your personal data in accordance with this policy or applicable law, please contact us first at contact@jobsbind.com. We take all privacy concerns seriously and will endeavour to resolve your complaint promptly.
You also have the right to lodge a complaint with the competent supervisory authority. As an Estonian-registered entity, our lead supervisory authority is:
Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon)
Tatari 39, Tallinn 10134, Estonia
www.aki.ee · info@aki.ee
If you reside in another EU/EEA member state, you may also contact your local supervisory authority.
14. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable legal requirements. Material changes will be indicated by an updated "Last updated" date at the top of this page. Where required by law, we will seek renewed consent. We encourage you to review this page periodically.
15. Contact Us
NordicSearch
Tornimäe tn 5, Kesklinna linnaosa
Tallinn 10145, Estonia
Email: contact@jobsbind.com
For GDPR requests, use subject line: "GDPR Request – [Your Name]"
Response commitment: We acknowledge all privacy-related requests within 3 business days and provide a full response within 30 days, as required by GDPR Art. 12.