GDPR, Terms & Conditions, Cookies, Privacy Policy
Read here

5 minute read


The following information about GDPR, Cookies, Privacy Policy & Security does not apply to websites, applications or other services, such as MailChimp, that provide their own separate privacy statements or policies. Our Website may contain links to other sites but Brand Optimized is not responsible for the privacy policies and/or practices of these other sites.

This Privacy Policy covers what information we gather when you are accessing or using our Website, how we use that information and how we protect it. Your use of our Website and the information you provide on our Website is subject to the terms of this Privacy Policy and our Terms of Service.

Lawfulness of processing

For the processing of your personal data, the provisions of the EU GDPR and all other applicable data protection regulations are complied with. Legal bases for the data processing arise are provided for specifically in Art. 6 EU GDPR.

We use your data for business contact, to fulfil contractual and legal obligations, to perform on the contractual relationship, to offer products and services, and to strengthen the customer relationship, which may include marketing and direct advertising. Furthermore, the data you provide will be used for the contractual relationship with Brand Optimized. If you are still unsure as to how these rules affect you please use the links provided below or contact us at

We use SSL Certificate data encryption

Any data exchange from and to our website is encrypted. For transmission protocol, we use HTTPS for our website, with each transfer based on up-to-date encryption protocols. With an SSL Certificate, any information that is transmitted becomes encrypted by inserting random characters into the original message making it unreadable to everyone except the intended server. This makes it almost impossible for hackers to steal your information.

The green (or black) secure padlock in the browser url address field denotes an active SSL Certificate.

GDPR - New rules on protection in the processing of personal data

We take every possible measure to follow European laws governing electronic data traffic and security in the Regulation (EU) 2016/679 (General Data Protection Regulation). Read more about each right in the
official GDPR html (link opens in new window).

On May 25, 2018 a new law began to affect all companies and organizations across the EU/EEA. The law is called the Data Protection Ordinance but is also known as the GDPR or General Data Protection Regulation. GDPR and a supplementary Swedish law, the Data Protection Act, will replace the previous Personal Data Act.

The purpose of the act is to make companies more responsible with regards to how they handle individuals' personal data in a safe and easily accessible manner. It contains, inter alia, rules on how personal data has to be processed, stored and the individuals' right to easily access the stored data and modify what is incorrect.

Customers' rights are strengthened

Many people know the GDPR for its hard-line regulation around the "right to be forgotten," where an individual can request a company to erase the personal data it holds on them. However, it also contains the right to access any information that may be held by a company. A major and important part of the improved protection for the customer is that companies and organizations get greater demands on how personal data can be processed. They should also be clear about what personal information they have about the customer, as well as how and why the data is used.

The new regulation includes, among other things

Right of Access - SAR (Subject Access Request)
These rights are standardised in Articles 15 - 22 of the EU GDPR. These include:

  1. The right to be informed (Article 15 EU GDPR),
  2. The right to rectification (Article 16 EU GDPR),
  3. The right to erasure (Article 17 EU GDPR),
  4. The right to restrict data processing (Article 18 EU GDPR),
  5. The right to data portability (Article 20 EU GDPR),
  6. The right to object to data processing (Article 21 EU GDPR),
  7. Automated individual decision-making, including profiling (Article 22 EU GDPR).

1. Data Transparency
The right to be informed (Article 15 EU GDPR)
You have the right to get information about what personal information Brand Optimized keeps about you. To exercise these rights, please contact: DPO (Data Protection Officer). In order to ensure that the right person receives the information, we must be able to identify you. This also applies if you have questions about data processing in our company. You also have a right of appeal to a data protection supervisory authority.

2. Right to rectification.
The right to rectification (Article 16 EU GDPR)
You are entitled to have any incorrect personal data about yourself corrected and also to supplement if personal information is incomplete.

3. Right to be forgotten.
The right to erasure (Article 17 EU GDPR)
The right to be forgotten derives from the case Google Spain SL, Google Inc v Agencia Española de Protección de Datos, Mario Costeja González (2014). For the first time, the right to be forgotten is codified and to be found in the GDPR in addition to the right to erasure.

According to this, personal data must be erased immediately where the data are no longer needed for their original processing purpose, or the data subject has withdrawn his consent and there is no other legal ground for processing, the data subject has objected and there are no overriding legitimate grounds for the processing, or erasure is required to fulfil a statutory obligation under the EU law or the right of the Member States. In addition, data must naturally be erased if the processing itself was against the law in the first place.

4. Limitation of processing.
The right to restrict data processing (Article 18 EU GDPR)
We store your data for as long as they are needed for the respective processing purpose. Please note that multiple retention requirements may require that data continue to be stored. This specifically involves commercial or tax-related retention requirements (i.e. commercial code, tax code, etc.). Unless there are further retention requirements, the data will be deleted after use, as a matter of routine.

In addition, we may retain data if you have given us your permission to do so, or if there are legal disputes and we use evidence within the statutory limitation period, which may be up to thirty years; the regular limitation period is three years.

5. Data portability.
The right to data portability (Article 20 EU GDPR)
You can request an electronic copy showing which personal data you have submitted to Brand Optimized.

6. Objection to data processing.
The right to object to data processing (Article 21 EU GDPR)
If we process your personal data for the purpose of direct mail, you have the right to object to this data processing at any time without giving reasons. This also applies to the any, provided that it is related to the direct marketing.

If you object to the processing for direct marketing purposes, then your personal data shall no longer be processed for these purposes. This is possible vie email to at any time. This right to object is free and may take place without a form.

In the event that we process your data to protect justified interests, you may object to such processing at any time for reasons that arise from your specific situation; this also applies to profiling arising from these provisions.

We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds worthy of protection for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.

7. Data profiling.
Automated individual decision-making, including profiling (Article 22 EU GDPR)
You have the right not to be subject to certain types of automated decisions which also includes profiling or in any way could be detrimental to your rights. However, this article does not apply when it is necessary for entering into, or performance of, a contract between the data subject (you) and a data controller (Brand Optimized).

How we use the information we collect:

We collect and process your personal information for the following reasons:

(1) to enable you to generate the CV's, Personal Letters & emails that you create to send to other people of your choice from this site.

No personal data of any kind is ever given to 3rd parties. Your CV data on this site is yours and yours alone. Only you can decide to send it in applications from the site to the people and companies you choose to send it to.

You may review and modify the personal information we have collected by contacting us at and ask to be removed from this service or to have a copy of the data we have about you, which is actually always available to you and only to you when you login to your account.

You can also choose to remove your account and/or newsletter subscription in the user area. You can opt in or out of the newsletter at any time by using the unsubscribe link in any email you receive. Please note: we have no newsletters at this time.

We have chosen not to have active data connections or login capabilities from social media sites or career networks. At Brand Optimized your personal information is always for your personal use only.

By using this Website, you are expressly consenting to the collection and use of your information as described. If you find our policies and/or procedures objectionable, please do not use this Website.


Every time you log in to the site you receive a session-id. This session-id expires after a certain period of inactivity or when you have logged out. Then the browser garbage collection clears the file from your browser.

You also set a persistent cookie when you acknowledge the cookie agreement.

This privacy statement covers the use of cookies by only and does not cover the use of cookies by any eventual advertisers or third parties such as those that maybe set if you use LinkedIn or Facebook to register.

...more about cookies

A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. This is a common web technology used by most modern websites and we use cookies in line with commonly accepted practice.

Most websites use both session ID cookies and persistent cookies. We use a session cookie to make it easier for you to navigate our site and it expires when you close your browser.

(A persistent cookie remains on your hard drive for an extended period of time. Persistent cookies can easily be removed by following directions provided in your Internet browser’s help section or by searching how to remove cookies on google.)

Information Sharing and Disclosure

We DO NOT share your personal information with any third parties without your permission. We may share anonymous data that you have provided us such as age, gender, location etc to provide broad statistics to third party advertisers and partners. This information does not identify individual users and is not linked to your personally identifiable information.

Terms of Service

Spam policy

From time to time, Brand Optimized may use your information to contact you by e-mail concerning our services. These communications are often intended to inform you of important information regarding your account, or about the functionality of the website and general services provided by Brand Optimized and/or its affiliates. If you do not want to receive email from us or our affiliates regarding new services, please click the "unsubscribe" link which is included at the bottom of any email you receive from us.

We reserve the right to introduce a newsletter on a weekly basis. We have no such newsletter at this time.

Companies that are interested in our services require a separate agreement.

Brand Optimized services may not be exploited for commercial purposes or for the development or production of competitive services. Users of the service do not own nor have the right to distribute, sell, assign or otherwise transfer data products or documentation even with further processing, to a third party, without prior written permission from

Force Majeure

Brand Optimized is not responsible for loss of service or data due to circumstances beyond the control of Brand Optimized which could not be foreseen or prevented.

Disputes, conflicts of law, etc.

Any disputes, conflicts of local or international law or legal irregularities regarding these terms, their interpretation, or in other legal relationships arising therefrom shall, if the parties can not resolve the dispute by negotiation, be settled according to European Union law in a Swedish court of law.

Nothing in this Agreement or its implementation shall be construed in a way that is detrimental to either party's position in any eventual disputes.

Please note that although we take all the steps we can to protect the information we collect from you, and that Brand Optimized has very strict protocols and SSL in place, no one, including us can guarantee risk-free use of the internet, and we make no such guarantees as to the absolute security of your personal information. We are, however, entirely committed to doing our utmost to ensure the security of your personal data. You, the user are 100% responsible for the data integrity.

Data security is the protection of data against unauthorized access or corruption and is necessary to ensure data integrity. Data integrity is a desired result of data security, but the term data integrity refers only to the validity and accuracy of data rather than the act of protecting data.

Contact Us

We will contact you within 1 working day.