Privacy Policy

Dated 1 June 2018


This document contains information on the processing of personal data of the Users of “CV Timeline” application (hereinafter: the “Application”), as required by the General Data Protection Regulation (hereinafter: the “GDPR”).


Personal data are any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.


The controller of the personal data provided by the users of the Application (hereinafter: the “Users” or “you”) is Toolbox For HR Sp. z o.o. sp. k. with its registered seat in Warsaw, at the address: ul. Dobra 56/66, 00-312 Warszawa (hereinafter: “us” or “Toolbox for HR”). You can contact us also via e-mail: [email protected] or by post, writing to the address indicated above.


As a controller, Toolbox protects your personal data and has implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk and scale of the processing, as required by the GDPR. In particular, we ensure that all data is secured using SSL encryption, all passwords are hashed, and all API endpoints require authentication. Still the Users must remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.


By using the Application, you agree to the collection and use of information in accordance with this Privacy Policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible at:

Purpose and legal basis of personal data processing

We process your data so that you can use the Application (processing is necessary for the performance of contract pursuant to article 6.1(b) of the GDPR), this includes: providing and maintaining the Service, notifying you about changes to our Service, allowing you to participate in interactive features of our Service when you choose to do so, providing you with customer care and support. Additionally we process your data so that we can improve the efficiency of our Service, e.g. by contacting you using your e-mail address, monitoring the usage of the Service, and detecting, preventing and addressing technical issues (which constitutes our so-called “legitimate interest” pursuant to article 6.1(f) of the GDPR).

Recipients of personal data

The recipients of your personal data may include our authorized staff and entities processing the data on our behalf (such as host service providers and cloud storage). Our Application uses Google Analytics. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page:


Because our Application uses Google Analytics your personal data are transferred to the USA. The adequate to the GDPR level of protection of these transferred data is confirmed pursuant to the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the EU-U.S. Privacy Shield (notified under document C(2016) 4176). You have a right to obtain a copy of the transferred personal data.

Period for which the personal data will be stored

Typically, your personal data will be stored by us as long as you use the Application. The data which are not necessary for the use of the Application (i.e. the data which we collected on the basis of our “legitimate interest”) will be stored by us until you object to the processing of those data. However, a longer period of time may stem from the statute of limitations on possible claims connected with the Application or relevant provisions of law binding us, for example when it comes to bookkeeping.


You are not required to provide us with your personal data, however, without the data we ask for while you download and install our Application you will not be able to use the Application. Lack of other data, which are not necessary for the use of the Application, may reduce the efficiency of the Service but will not make the use of the Application impossible.

Rights of the Users connected with the processing of their data

As a result of the processing of your personal data, you have a number of rights granted to you by the GDPR. You have the right of access to the personal data; if the date are inaccurate or incomplete, you can require that they are rectified; you have the right to erasure (especially in the event when the data are no longer necessary in relation to the purposes for which they were collected); the right to restriction of processing; the right to request portability of your personal information to a different controller and to object to the processing (the latter can be used towards the processing whose legal basis consists in a so-called “legitimate interest” of the controller).


In order to exercise your rights connected with personal data you may contact us by e-mail as indicated above.


Additionally, you have the right to complain to a data protection authority about the collection and use of your personal data. For more information, please contact your local data protection authority.

Information on the type of data processed

Information Collection And Use

We collect several different types of information for various purposes to provide and improve our Service to you.

Types of Data Collected

Personal Data

In order to use the Application you have to provide us with an e-mail address and create a password, or (if you log in using third providers) your name and e-mail address.


While using our Service, you can be additionally asked to provide us with certain personally identifiable information that can be used to contact or identify you. Such personal data may include:


  • e-mail address
  • first name and last name
  • employer
  • address, state, province, ZIP/postal code, city.
  • cookies and usage data.
  • Data that you (As a CV Timeline user) made public on your Linkedin profile

Usage Data

We may also collect information on how the Service is accessed and used (hereinafter: “usage data”). This usage data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information. Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.


Examples of Cookies we use:

  • Session Cookies. We use Session Cookies to operate our Service.
  • Preference Cookies. We use Preference Cookies to remember your preferences and various settings
  • Security Cookies. We use Security Cookies for security purposes

Use of Data

Data of other user profiles you browse

We handle profile data in several ways, we do not view or process in any way shape or form any profile data that is not explicitly listed here. These data are processed on your browser and do not leave your browser (we do not process these data within the meaning of the GDPR):

  • Profile’s Name
  • Linkedin or Glassdoor Url
  • Profile’s Job Description

Collected Anonymized Data:

These data are processed on your browser and leave your browser reaching our encrypted API. They are not sufficient to directly retrace a given profile and hence do not constitute personal data:

  • Profile’s Job Roles, Companies, City and Duration
  • Profile’s Degrees, Graduation Subjects and Attended Schools
  • Profile’s Current City
  • Hashed Profile’s Name (We use it to cache responses, hashing is a type of one way encryption. It means we cannot un-encrypt it to get the name back)

Links To Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Children’s Privacy

Our Service does not address anyone under the age of 18 (hereinafter: “children”). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your children have provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we will take steps to remove that information from our servers.

Changes To This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by e-mail or push notifications prior to the change becoming effective and by posting the new Privacy Policy on this page with an updated “effective date” at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Terms and Conditions - Privacy Policy © 2018 CV Timeline - a Toolbox For HR product. plac Joachima Lelewela 10, 01-621, Warsaw, Poland. [email protected]