Rybrinks AB values your privacy. You should feel secure when you entrust us with your personal data. That is why we have established this policy. It is based on the General Data Protection Regulation (GDPR) and clarifies how we work to protect your rights and privacy.

You have the right to request access to your personal data and to have it corrected or deleted at any time, and you also have the right to request restrictions on and object to the processing of your data. If you wish to do any of the above, please contact info@rybrinks.se.

Purpose

The General Data Protection Regulation exists to protect the fundamental rights and freedoms of individuals, in particular their right to the protection of personal data. The GDPR places higher demands on companies and focuses on your rights. It concerns the individual’s right to protect their personal information and to decide for themselves what information is shared with others.

The purpose of this policy is to let you know how we process your personal data, what we use it for, who has access to it and under what conditions, and how you can exercise your rights.

Background

We process your personal data primarily to fulfil our obligations to you. Our starting point is not to process more personal data than is necessary for the purpose, and we always strive to use the least privacy-sensitive data.

We need your personal data to comply with laws. We also need your personal data to provide you with good service, for example in terms of marketing, follow-up and information, and to perform customer and market analyses. When you contact us through any communication channel, the contact details you provide are used to handle your case.

You have the right to object to our use of personal data for direct marketing. When we collect personal data about you for the first time, you will receive more information about this and how you can object to it. When you visit our website, you consent to cookies for the processing of your data.

Guidelines – What personal data do we process?

We only process personal data when we have a legal basis for doing so. We do not process personal data in any other case than when it is necessary to fulfil obligations under agreements and the law. Here are some examples of the personal data we process:

• Company name
• Organisation number
• Invoice address and delivery address
• Name
• Customer number
• Telephone number, email address and work address
• Notes for fulfilling commitments/agreements
• Information you have voluntarily provided
• IP addresses and cookies
• How do we access your personal data?

We try as far as possible to obtain your consent before we start processing your personal data. You consent to processing by accepting our general terms and conditions. When you agree to our general terms and conditions, you also consent to us processing your personal data.

You have the right to withdraw your consent at any time. We will then no longer process your personal data or collect new data, provided that this is not necessary to fulfil our obligations under contract or law. Please note that withdrawal of consent may mean that we are unable to fulfil our obligations to you.

We get access to your personal data when you:

• provide it to us
• visit our website
• use our services
• sign up for newsletters and other mailings
• respond to surveys and questionnaires
• contact us, apply for a job with us, visit us or otherwise get in touch with us

We also get personal data from public registers.

How long is your personal data stored?

Rybrinks AB stores your personal data for as long as there is a customer relationship. This is so that we can fulfil our obligations to you. The data is also stored when necessary to achieve the purposes described in this policy. When the customer relationship ends, some data is removed, some is anonymised and some is deleted. This is done within a reasonable time after you cease to be a customer of Rybrinks AB, unless current legislation states otherwise.

How long your personal data is stored depends on the purpose for which it was collected and the legal basis for its processing. Personal data collected for invoicing purposes is stored for as long as necessary for accounting purposes. Personal data may also be stored if there is a balancing of interests that says it is necessary and is based on other financial or security reasons. In such cases, storage is limited and managed using the authorisation[1] controls specified in this policy.

Is your personal data handled in a secure manner?

We develop procedures and working methods to ensure that your personal data is handled securely. The basic principle is that only employees and other persons within the organisation who need the personal data to perform their duties should have access to it.

Our security systems are developed with your privacy in mind and provide a high level of protection against intrusion, destruction and other changes that could pose a risk to your privacy.

We have several IT security policies in place to ensure that your personal data is processed securely.

We do not transfer personal data in cases other than those expressly stated in this policy.

When do we disclose your personal data?

Our starting point is not to disclose your personal data to third parties unless you have consented to this or unless it is necessary to fulfil our obligations under contract or law. In order to provide certain services, it is sometimes necessary to share certain personal data with other companies. In cases where personal data is disclosed to third parties, confidentiality agreements are drawn up to ensure that the personal data is processed in a secure manner. The suppliers with whom Rybrinks AB collaborates have obligations regarding the processing of personal data that are equivalent to the obligations we have towards you as a customer.

Responsibility

Rybrinks AB is the data controller, which means that we are responsible for how your personal data is processed and that your rights are upheld.

Questions?

If you have any questions about how we handle personal data, you are always welcome to contact us: info@rybrinks.se

More information about rules for the processing of personal data can be found at the Swedish Data Protection Authority: www.imy.se