We at Gränsfors Bruk naturally care about your privacy and want to protect your personal data in the best possible way. Below you can read about how we use your personal data and guarantee your privacy. You can also read about your rights with regard to us and how you can exercise your rights.
WE CARE ABOUT YOUR PRIVACY!
By using Gränsfors Bruk’s services, you accept our Data Protection Policy and our processing of your personal data. You also give your consent to Gränsfors Bruk using electronic communication channels to send you information. It is important that you read and understand our data protection policy before you use our services. In order to be able to offer you our services and deliver goods, we need to process your personal data as described below. We do this with the utmost consideration for your privacy.
RESPONSIBILITY FOR PERSONAL DATA
Gränsfors Bruk is the controller for the processing of personal data for which we determine the purpose and means. Gränsfors Bruk complies with Swedish data protection legislation. Below are our contact details:
Gränsfors Bruks AB
556075 – 4441
SE-829 52 Bergsjö
You are more than welcome to send us any questions you have about data protection and personal data. You can always contact us at: firstname.lastname@example.org.
WHAT INFORMATION DO WE COLLECT ABOUT YOU?
We collect information that you give to us. You may directly or indirectly provide us with information about yourself in a number of different ways, such as when you place an order or contact us. This can be:
- Date of birth.
- Personal ID number.
- Contact information.
- Invoice and delivery address.
- Email address.
- Mobile phone number, etc.
- Information about goods/services – details regarding the goods/services you have purchased.
- Historical information – your purchasing history.
- Information about how you use our services, including page response time, download errors, how you accessed and left the service, as well as delivery notifications when we contact you.
- Device information – e.g. IP address, language settings, browser settings, time zone, operating system, platform and screen resolution.
The information you provide to us, as well as information about the goods/services, is generally necessary in order to enter into a contractual relationship with us, while the other information we collect is generally necessary for other purposes, as described below.
WHAT DO WE DO WITH YOUR INFORMATION?
We use all data about you to provide, carry out and improve Gränsfors Bruk’s services and products. Gränsfors Bruk processes personal data for the following purposes based on the following legal grounds:
|Purpose of the processing||Legal basis for the processing|
|To deliver goods and services to you.||Agreement (contract).|
|To manage your payment and the customer relationship, e.g. to fulfil our obligations to you and to provide you with information, products and services that you request from us.||Agreement (contract).|
|Customer analysis, to manage Gränsfors Bruk’s services and for Gränsfors Bruk’s internal operations, incl. troubleshooting, data analysis, testing, research and for statistical purposes.||Agreement and legitimate interest.|
|To make sure that content is presented effectively to you and your device.||Agreement and legitimate interests.|
|To prevent the misuse of Gränsfors Bruk’s services as part of our efforts to keep the services safe and secure.||Agreement and compliance with applicable legislation.|
|To improve our services and for general business development, such as improving the product range, developing new functions and new business opportunities.||Legitimate interest.|
|To comply with applicable legislation, such as laws and measures against money laundering and accounting laws and capital adequacy requirements.||Compliance with applicable legislation.|
TO COMMUNICATE WITH YOU
We may also use your data to communicate relevant information regarding products or similar services and to conduct customer satisfaction surveys regarding our services (e.g. after you have contacted our customer service function) via electronic communication channels and by phone. If you do not wish to receive such communication, please feel free to send an email to: email@example.com.
If you submit a job application (spontaneous application or for a specific position) via our website or our other communication channels, we process your personal data for the purpose of evaluating your application and recruiting personnel for our business. This also includes, if applicable, reference and background checks within the framework of our recruitment process. We would ask you not to send us any sensitive personal data (e.g. information about health, race or ethnic origin) in your application. If you are offered and accept a position, some of the personal data we have collected about you during the recruitment process will form part of your employment contract.
Personal data that we collect:
- Information about identity, e.g. name.
- Contact details, e.g. email address, phone number, address.
- Recruitment data, e.g. CV, personal statement.
- Information about which position, area, country and type of employment you applied for.
- Gender, citizenship and nationality.
- Grades, certificates, previous work experience, education or other information that you voluntarily provide us with in your job application.
The legal basis for processing your personal data during the recruitment process is based on your consent. Your application is always saved throughout the whole recruitment process. If you are not offered a job with us, we may save the information we have collected during the recruitment process for up to 24 months after the end of the recruitment process. Spontaneous applications are saved for up to 12 months from the submission of your application, unless a recruitment process has been initiated.
WHO MAY WE BE SHARING SHARE YOUR INFORMATION WITH?
When it is necessary to transfer data, we take all reasonable legal, technical and organisational measures to make sure that your data is handled securely and with an adequate level of protection. The transfers of personal data that may occur are:
Some employees at Gränsfors Bruk will receive information about you in order to be able to perform their duties, e.g. to place orders.
In some cases we use processors. The processors who are hired may only process personal data in accordance with the purposes and instructions that we have provided for the processing activity. Furthermore, the processor and those acting under the supervision of the processor may never access any more information than is required for the performance of the service covered by the agreement with us. When personal data has to be processed by a processor, a so-called data processing agreement is drawn up.
SUPPLIERS AND SUBCONTRACTORS
E.g. companies operating in the fields of logistics and transport that deliver your goods and suppliers of CRM, text message service providers and chat service providers.
We may provide the necessary information to authorities such as the police, the Swedish Tax Agency or other government agencies if we are required to do so by law or if you have given your consent for us to do so.
We may share your information with third parties in the event that we sell or purchase businesses or assets. In this case we may disclose your personal data to a prospective seller or buyer of such business or assets. If a substantial proportion of Gränsfors Bruk’s assets is acquired by a third party, personal data about our customers may be shared.
WHAT WE WILL NOT DO WITH YOUR DATA
We will not sell your personal data to third parties unless we have your permission to do so.
WHERE DO WE PROCESS YOUR PERSONAL DATA?
We always strive to process your data within the EU/EEA. However, in certain situations data may be transferred to, and processed in, a country outside the EU/EEA by a company within the Ekstigen group or by another supplier or subcontractor. As we are firmly committed to always protecting your data, we will take all reasonable legal, technical and organisational measures to make sure that your data is handled securely and with an adequate level of protection comparable with and at the same level as the protection offered within the EU/EEA.
FOR HOW LONG DO WE SAVE YOUR PERSONAL DATA?
We save your data for as long as you are a customer and subsequently for 36 months for analysis and communication or as long as is required by statutory retention periods. When we save your data for purposes other than our contractual obligations, e.g. in order to meet the requirements of accounting and regulatory requirements, we save data only for as long as is necessary and/or statutory for each purpose.
YOUR RIGHTS AS A DATA SUBJECT
RIGHT OF ACCESS
You may request a copy of the data you would like to know and to verify the information we have about you. This copy may be requested free of charge.
RIGHT TO RECTIFICATION
You have the right to rectify incorrect or incomplete information about yourself.
RIGHT TO BE ERASED (“RIGHT TO BE FORGOTTEN”).
You have the right to request the erasure of your personal data in the event that the data is no longer necessary for the purpose for which it was collected. There may, however, be legal obligations for us that prevent us from immediately erasing some of your data. These obligations derive from accounting and tax legislation, and also from consumer law. What we do then is to block the data that we are required to save from being used for purposes other than fulfilling such legal obligations.
WHAT ABOUT COOKIES AND SIMILAR TECHNOLOGIES?
You can read more about cookies here.
We reserve the right to change and/or update policies and rules on liability at any time. We will always make the latest version available on the website.
IF YOU HAVE COMMENTS ON GRÄNSFORS BRUK’S PROCESSING OF YOUR PERSONAL DATA
You have the opportunity to submit comments on Gränsfors Bruk’s processing of your personal data. Decisions made by Gränsfors Bruk in the role of controller in connection with you exercising your rights as described above may also be appealed. If you have a complaint about Gränsfors Bruk’s handling of this, you may submit a report to the Swedish Data Protection Authority.