← Back to homeBuy a plan

Data protection & GDPR

Privacy Policy

This page explains how Candidate Lake collects, uses, and protects your personal data. We care about your privacy and transparency matters to us.

Last updated: November 23, 2025Vallden Ventures AB
Contact data protection

In short

We only collect the data needed to deliver our service. We never sell your data. You own your candidate data and we process it only according to your instructions. Security is our top priority.

1. Introduction

Vallden Ventures AB ("Candidate Lake", "we", "us") values your privacy. This privacy policy explains how we collect, use, and protect your personal data when you use our service.

We follow the General Data Protection Regulation (GDPR) and other applicable data protection laws to ensure your data is handled safely and responsibly.

2. Personal data we collect

We collect information you provide when you create an account, use the service, or contact us. This may include:

• Contact details (name, email address, phone number)

• Company information (company name, billing details)

• Candidate data (resumes, cover letters, and other information you upload for analysis)

• Technical data (IP address, browser, usage logs)

3. How we use your data

We process personal data for the following purposes:

• To provide and administer our candidate screening service.

• To handle payments and billing.

• To communicate with you about updates, support, and offers.

• To improve and develop the service (e.g. using anonymized statistics).

• To comply with legal obligations (e.g. accounting).

4. Legal basis for processing

Our processing of personal data is based on the following legal grounds:

• Contract: To provide the service under our terms.

• Legal obligation: When required by law (e.g. accounting law).

• Legitimate interest: To develop the service and ensure security.

• Consent: In some cases we may ask for your explicit consent.

5. Sharing data and third parties

We never sell personal data. We may share necessary information with selected subprocessors who help us deliver the service, such as hosting providers and payment processors.

All subprocessors are bound by agreements to follow GDPR and maintain a high level of security. We aim to store all data within the EU/EEA.

6. Security and storage

We take appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or alteration. Data is stored securely and access is restricted to authorized personnel.

We keep data only as long as necessary for the purposes described, or as long as required by law. Candidate data is deleted or anonymized according to settings in the service or after termination of the agreement.

7. Your rights

Under GDPR you have several rights regarding your personal data:

• Right of access: You can request a copy of the data we hold about you.

• Right to rectification: You can ask us to correct inaccurate data.

• Right to erasure: You can request deletion of your data (“right to be forgotten”).

• Right to restriction and objection: You can object to certain processing.

• Data portability: You can receive your data in a structured format.

8. Cookies

We use cookies to improve your experience, analyze traffic, and manage logins. You can control cookie usage through your browser settings.

9. Contact

If you have questions about this privacy policy or our processing of personal data, you are welcome to contact us.

Questions about privacy?

Our data protection team is here to answer your questions about GDPR, data security, or your rights.

privacy@candidatelake.com