Last updated: January 13, 2022
Privacy Policy
This privacy policy explains how we collect and use your personal data and cookies. It also describes your rights towards us and how you can exercise them. We will only use your personal data in accordance with this privacy policy and the General Data Protection Regulation (EU 2016/679) (“GDPR”).
1. PERSONAL DATA THAT YOU GIVE US
You may choose to give us your personal data. This includes information submitted when you visit our website, use our Services or if you contact us (collectively referred to as “Services” in this privacy policy). To provide personal data for processing is voluntary (see section 3 below). Should you be unable or refuse to provide personal data we may not be able to enter into a contract with you, or provide Services to you under an existing contract.
We will process the following categories of personal data that you give us:
1.1 When you inquire about or buy Services from us: name, title/role, company email address and phone number of the contact person as well as your company name, office address and VAT-number.
1.2 When you deliver Services to us: name, title/role, company email, address and phone number of the contact person as well as your company name, office address and
VAT-number.
1.3 When you subscribe to our newsletter: name and email address.
1.4 When you send us a job application: Name, email address, records to evaluate your suitability for the position, your CV and cover letter, as well as other personal data as may be relevant for the specific application.
1.5 If you contact us: We may ask for additional personal data other than as informed above, in order to assist you.
2. PERSONAL DATA THAT WE COLLECT
Personal data is mainly collected directly from you or generated as part of the use of our Services. Where additional data may be needed to keep personal data up to date or to fulfil obligations, we may process the following categories of personal data that we collect:
2.1 To administer payments and invoice you: name, email address and phone number of the contact person as well as your company name, office address and VAT-number.
2.2 To manage the customer or supplier relationship: name, email address and company name
2.3 By applying cookies when you visit our website:
- We collect information about the device you use to access our Services, including the device identifier, geolocation and IP-address.
- We collect information on how you use our website, such as information regarding how often you visit our website and which pages you visit on the website.
- We use social media widgets to enable visitors to engage with content from our website on the social platforms Facebook, Twitter, Instagram and LinkedIn. To understand how and what information is collected and what cookies are set by these third parties when you click on the links of the respective social platform, please refer to the privacy policy of the appropriate social platform.
2.4 If you do not want to accept cookies, you may adjust your web browser settings either to not accept cookies or to indicate when a cookie is used. Please note that by disabling cookies, some features on our website might not work as intended.
3. HOW WE USE AND KEEP YOUR PERSONAL DATA
3.1 We use your personal data to be able to provide our Services and fulfill our commitments towards you. We also use your personal data to comply with legal and contractual obligations. For example, personal data may be needed to comply with bookkeeping legislation or to manage contractual claims and provide services according to contract. The personal data will be stored for as long as necessary for the performance of a contract and/or as long as required by law.
Purpose of the Processing |
Personal Data Categories |
Legal Basis for the Processing |
Storage Period |
Administer customer or supplier relationship, including order and payment processing. |
Name, email address and phone number of the contact person. |
Fulfill our contractual obligations towards you, and a legal obligation. |
7 years after creation due to bookkeeping legislation. |
If you contact us. |
Name, email address and phone number of the contact person. |
Fulfill our contractual obligations towards you and to pursue legitimate interest. The legitimate interest is to provide services and support to potential customers or suppliers. |
As long as is necessary to assist you. |
Improve our website and understand how our website is used. |
Cookies described in Section 2.3 above. |
Pursue legitimate interest. The legitimate interest is to conduct customer analysis and understand how our website is used. |
6 months after your visit. |
Provide support services. |
Name, email address and phone number of the contact person. |
Fulfill our contractual obligations towards you. |
As long as necessary to provide the support, and one year after, whereas the processing is carried out partly to manage legal claims. |
Send you our newsletter and provide updates and other information regarding our Services. |
Name and email address. |
Fulfill our contractual obligations towards you and to pursue legitimate interest. |
As long as we send out such information, unless you unsubscribe. |
Manage your job application. |
Name, email address and phone number as well as other personal data provided by you |
Pursue legitimate interest, and consent if stored longer |
Until the position has been filled. Subject to your explicit consent, we may ask to store it for a longer period. |
3.2 Your personal data will be deleted by us when the processing is no longer necessary for the purposes stated above, except if required by applicable laws. In such case, we keep the data only as long as necessary or mandated by law for such purpose, such as for bookkeeping purposes.
4. SHARING OF PERSONAL DATA
4.1 We may share your personal data with certain selected subcontractors (third parties) as needed to provide our services and perform our contractual obligations towards you, when personal data needs to be processed on behalf of us. For example, subcontractors may need to process personal data to supply accounting services or IT-maintenance, hosting and support.
4.2 Subcontractors used to process data are limited by law or contract from using the personal data for purposes beyond those for which the personal data is shared. We take all reasonable legal, technical, and organizational measures to ensure that your personal data is treated securely and with an adequate level of protection when transferred to or shared with such selected third parties.
4.3 Some of the subcontractors we share your personal data with may be located outside the EU/EEA (in a third country). Depending on which part of our services you use, your personal data may be transferred to a third country. When doing so, we are committed to protect your data and comply with applicable data protection laws and will therefore evaluate potential risks and, where needed, put in place adequate safeguards to protect your personal data, such as the EU Commission’s Standard Contractual Clauses. Also, data may be shared with a subcontractor in a third country where the EU Commission has announced a decision declaring that the country has an adequate level of protection according to the GDPR.
4.4 If we are required by law or you have agreed to it, we will disclose necessary personal data to authorities such as the police, tax agencies or other authorities. An example of legally required sharing is for the purposes of anti-money laundering and counter-terrorist financing.
4.5 If you sign-up for e-mail marketing, e.g., for our newsletters, events or webinars or use the form to “contact us”, we will use the personal data you provide (normally e-mail address, but in some cases also telephone number, company and title), to send personalized offers, marketing, product news etc. The legal base for this is consent. You can withdraw your consent and unsubscribe from such marketing by using the unsubscribe link in the e-mail or by contacting us via the contact details below. If you sign up for email marketing in campaigns that we run in collaboration with our selected trusted partners, we reserve the right to share your personal data (normally e-mail address, job title and company) with the trusted partner to use for their marketing purposes.
4.6 In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets. If we or substantially all of our assets are acquired by a third party, personal data about our customers may be disclosed and transferred.
5. YOUR RIGHTS
5.1 The right to a register excerpt. You have the right to request a transcript of your personal data that we store and process. Your request must be submitted in writing to us using the contact information below, including your signature.
5.2 The right to rectification and erasure. We want you to correct inaccurate or incomplete information about you, and ask you to keep your account updated at all times or contact us in this case. You also have the right to request erasure of your data i.a. in case you withdraw your consent to the processing of your data, whereas the data shall be erased unless the data is processed on another legal basis (please note that a withdrawal of consent does not affect the legality of processing of data for the time preceding the withdrawal). Instead of requesting erasure of personal data, you may request restriction of the processing.
5.3 Data portability. When it comes to personal data that you have provided to us, you have the right to request a transfer to another provider. Contact us for help with this.
5.4 The right to be forgotten. You have the right to object to our processing of your personal data. The consequence of this may be that we are no longer able to carry out the Services. Contact us and we'll see to what extent this is possible.
5.5Marketing communications. You may at any time decline marketing communications from us. Let us know in that case.
5.6 Complaints. If you are displeased with our processing of personal data, you should contact us and let us know. You can also turn to the Swedish Data Protection Authority (Sw. Datainspektionen), Box 8114, 104 20 Stockholm, Sweden, phone number + 46 8 657 61 00, email address datainspektionen@datainspektionen.se, or the equivalent authority in the EU-member state where you live, to file a complaint.
6. SECURITY
6.1 We are using adequate technical and organizational security measures to ensure that your personal data is not misused, lost, disclosed, altered or unlawfully accessed. We only give access to your personal data to those employees who require it to provide our Services.
7. UPDATES TO THIS POLICY
7.1 We may occasionally update this privacy policy. If we make significant changes, we will notify you of the changes through our Services or through other means, such as email. To the extent permitted under applicable law, by using our Services after such notice, you accept the updates.
7.2 We encourage you to periodically review this privacy policy for the latest information on our privacy practices.
8. CONTACT INFORMATION
8.1 If you have any questions regarding our processing of your personal data, or any question, complaint or claim, please contact us at:
Avensia AB
Org. no. 556561-8641
Vävaregatan 21
222 36 Lund, Sweden
E-mail: privacy@avensia.com