Privacy policy

Last updated: June 2026

1. Introduction

This Privacy Policy explains how Soolv AS (“Soolv,” “we,” “our,” or “us”) collects and uses personal data when you visit www.soolv.com, create or manage a Soolv account, contact us, or receive communications from us.

It covers the personal data for which Soolv is the data controller. This means we decide why and how the data is processed. It includes data about website visitors, account users, billing and business contacts, people who contact us, and people who apply for jobs at Soolv.

What this policy does not cover. When our customers use the Soolv platform, they upload and process personal data about their own candidates, such as CVs, transcripts, evaluations and notes. For that data, our customer is the controller and Soolv acts only as a data processor on their instructions. That processing is governed by our Data Processing Agreement (DPA) with the customer, not by this policy. If you are a candidate and want to exercise your rights over that data, please contact the organisation you applied to, and we will refer such requests to them.

2. The Data We Collect

We collect the following categories of personal data as a controller:

  • Account data: name, work email, company, job title and phone number for the people who register and administer a Soolv account.

  • Billing data: billing contact details and information needed to issue invoices and process payments.

  • Business and marketing contacts: name and contact details of people at our customers, prospects and partners, and of people who sign up for updates or request a demo.

  • Communications: the content of emails, support messages and feedback you send us.

  • Website and usage data: technical data such as IP address, browser and device type, and information about how the site and platform are used, collected in line with our Cookie Policy.

  • Recruitment data: if you apply for a job at Soolv, the information in your application.

3. Why and On What Basis We Use It

We process this data to provide and secure our services, manage accounts and billing, respond to enquiries and provide support, understand and improve how our website and platform are used, send service communications and (where you have opted in) marketing, recruit for open roles, and meet our legal obligations.

We rely on the following legal bases under the GDPR and the Norwegian Personal Data Act:

  • Performance of a contract: to provide the platform and manage your account.

  • Legitimate interests: to secure, operate and improve our services and to develop business relationships, balanced against your rights.

  • Consent: for optional cookies and for marketing where consent is required. You can withdraw consent at any time.

  • Legal obligation: to comply with accounting, tax and other legal requirements.

We do not use personal data for automated decision-making that produces legal or similarly significant effects without meaningful human involvement.

4. Cookies

We use cookies and similar technologies on our website. How we use them, and how you manage your consent, is described in our separate Cookie Policy.

5. How We Share Data

We share personal data only where necessary:

  • Service providers (subprocessors): vendors that help us run our business, such as hosting, analytics, communications and payments, acting under contract on our instructions. A current list is available on request at hey@soolv.com.

  • Legal and protection: where required by law, or to protect the rights, property or safety of Soolv, our users or others.

  • Business transfers: in connection with a merger, acquisition or sale of assets, subject to appropriate confidentiality protections.

We do not sell personal data.

6. International Transfers

Your data may be processed outside the EEA. Where it is, we rely on appropriate safeguards such as EU Standard Contractual Clauses, transfers to countries covered by an adequacy decision, or equivalent measures.

7. Retention

We keep personal data only for as long as needed for the purposes above, or as required by law. Data tied to a closed or inactive account is deleted or anonymised within 12 months, unless we are required to keep it longer.

8. Security

We use appropriate technical and organisational measures to protect personal data, including encryption in transit and at rest, role-based access controls, monitoring, and regular security reviews. Only authorised personnel with a legitimate need can access your data.

9. Your Rights

Under applicable law you have the right to access your personal data, correct it, request its deletion, restrict or object to certain processing, withdraw consent, and receive your data in a portable format. To exercise any of these, email us at hey@soolv.com.

You also have the right to complain to a supervisory authority. In Norway this is Datatilsynet (www.datatilsynet.no). We would appreciate the chance to address your concerns first.

10. Children

Our platform is not intended for anyone under 16, and we do not knowingly collect their data.

11. Changes

We may update this policy from time to time. The current version is always available on our website, and we will notify you of significant changes by email or platform notice.

12. Contact

Soolv AS
Grundingen 2, 0250 Oslo, Norway
hey@soolv.com