Processing of personal data
On this day, 20 March 2018, the following policy was drawn up for Defensio IT Solutions AB.
We care about your data privacy. We want you to feel confident about trusting us with your personal data, which is why we have drawn up this policy. It is based on current data protection legislation and sets out what we do to uphold your rights and your data privacy.
The purpose of this policy is to explain how we process your personal data, what we use it for, who is able to share it and under what conditions, and how you can exercise your rights.
We are the data controller
Defensio IT Solutions AB (corporate ID no. 559018-7877, address Box 2, 184 21 Åkersberga, Sweden) is responsible for the processing of your personal data. Defensio IT Solutions AB is therefore the data controller for your personal data.
Why do we process personal data about you?
We process your personal data in order to provide you with our services and products, i.e. only for entering into and performance of a contract with you as a client.
What data do we gather about you – and why?
We aim to process as little personal data about you as possible. This means that we do not gather more personal data than is necessary for entering into or performance of a contract with you. In order to enter into or perform a contract with you, we need information about your first name, family name, e-mail address, address and other contact details for you. We do not have access to your personal data in any way other than through your submission of data to us.
If you have not given us your consent, we do not use your personal data for marketing purposes.
How do we protect your personal data?
Your security is important to us. We have therefore taken suitable technical, organisational and administrative security measures to protect your personal data from unauthorised access and other unlawful use. We regularly analyse and assess the measures in order to ensure that the protection of your data is as secure as possible.
Who do we disclose your data to?
We do not disclose your data to other companies or organisations unless required to do so by law or unless it is necessary in order to meet our statutory or contractual obligations towards you.
We may disclose your personal data to one of our partners, suppliers or subcontractors, but only if this is necessary in order for us to meet our obligations towards you as our client. We never disclose more personal data than is absolutely necessary.
Where required to do so by law, we may need to disclose your data to public authorities and other organisations. We may also need to disclose your data if this is necessary in order to establish, exercise or defend legal claims.
We never disclose your personal data to other companies or organisations for marketing purposes.
On what legal grounds do we process personal data about you?
We only process the personal data we need in order to provide our services and deliver our products to you, i.e. when we enter into or perform a contract with you. If we process any further data, we will obtain your consent or ensure that the processing is permitted on other legal grounds.
How long do we hold your personal data for?
We save data about you as a client for the duration of our contract with you and for a reasonable time thereafter. In the vast majority of cases, this means that we do not keep your personal data for longer than a year after the contract ceases, but under certain circumstances we may retain your data for a longer period. Such circumstances include being required to do so by law or the retention of data being necessary in order to establish, exercise or defend legal claims.
When we process personal data about you, you have various rights over your registered data. You are free to contact us about these at any time, and if you wish to exercise any of these rights as described below, the easiest way to reach us is by e-mailing firstname.lastname@example.org.
We reserve the right to take appropriate protection and security measures to establish that you are the person you claim to be when you contact us. If you are unable to prove your identity in a credible way, we may not be able to meet your request.
Access to personal data
You have the right to know what personal data we hold on you. If you wish to know this, you can obtain a summarised registry extract from us that contains all the personal data we hold on you.
Rectification and erasure
If we process your personal data incorrectly or if we no longer need the data, you are entitled to have it erased. If the data is incomplete, you are entitled to have it completed. Bear in mind that we may not be able to provide you with our services if you request erasure of your personal data.
Under certain circumstances, you are entitled to receive the data we hold on you in a commonly-used, written, machine-readable and structured format. This right relates to the personal data that you have personally submitted to us and that we process with your consent, or when the personal data is required for entering into or performance of a contract with you.
Restrictions on processing
Under certain circumstances, you are entitled to request that we restrict our processing of your personal data. This involves us labelling the data so that in the future we only use it for particular purposes. There is no guarantee that we will be able to provide you with our services if we restrict the processing of your personal data.
Right to object
You are entitled to object to processing of personal data that is conducted for the purpose of executing a task in the public interest, as part of an authority exercising its powers or after weighing up legitimate interests. We do not process your personal data for any of these purposes or on any of these grounds. You cannot therefore raise any objections to our processing on this basis.
Right to lodge a complaint
You are entitled to lodge a complaint with the Data Protection Authority, if you believe that we are processing your personal data incorrectly. You can find out more about this on the Data Protection Authority’s website www.datainspektionen.se.
You can contact us at any time by writing to email@example.com or by calling us on 08-36 40 00 if you want to know more about how we process your personal data. You can also find out more about us on our website www.defensio.se