Privacy Statement of Boldan Sweden AB
This Privacy Statement contains the information in accordance with EU's General Data Protection Regulation (GDPR). The Statement is drawn up 24.5.2018.
- The Registrar
Boldan Sweden AB
- Contact person for the Register
Saila Kallio, email@example.com, Tel. +358 50 521 4521
- Name of the Register
This Privacy Statement applies to the Boldan Sweden’s Customer Register.
- Purpose of processing of personal information
The purpose of processing of the customer information collected by Boldan Sweden’s is
- Ordering of products and services and delivering to customers• Recording of customer information as well as changes of customer addresses and other customer information (for example, changes of contact person)
- Managing and developing of customer/supplier relationships as well as communication with customers/suppliers
- Recording and implementing of direct marketing denials
- Performing of opinion and market surveys and queries
- Content of the Register
Following information is collected in the Register: Company name, business ID, contact person's first name, last name, personal ID, telephone number and email. E-mail communications and contracts are also stored in the customer relationship management system.
Boldan Sweden only stores the information necessary for the purpose of its operations and for the intended use of the information. Any information unnecessary for the intended use, outdated information and the information that is no longer valid for processing, is anonymized or securely deleted.
- Information sources of the Register
The main source of the customer and personal information is the customer himself/herself.
In addition, for the purposes described in this Privacy Statement, personal information may be collected and updated on the basis of publicly available sources and information received from authorities or other third parties within the limits of applicable legislation. Updating of the information is performed manually.
- Disclosure of the information and transfer outside the EU or EEA
The information will not be disclosed regularly to other parties. The information can be published as far as it has been agreed with the customer. However, the personal information may be disclosed to the authorities on request in accordance with the Swedish law. The Register is stored and located in such a way that no unauthorized parties have access to the records.
- Principles of protection of the Register
The Registrar maintains the security of the Register in a generally acceptable manner and seeks appropriate technical solutions to prevent unauthorized access to its computer technology based data systems, as well as to the data maintained and stored manually.
The records of the Register can only accessed by identified employees of the Registrar as well as the companies operating on behalf of the Registrar. Access to records maintained by computer technology requires identification by individual user name and password. The persons processing the records have the necessary access rights granted by the Registrar. The Register is stored on a secure server located in EU area.
- Right for checking and right to require correction of the records
Every person who's information is included in the Register has the right to check his/her records and right to request correction of any inaccurate or complement the incomplete data. If a person wishes to check of his/her records or to require correction, the request must be sent in writing to the contact person for the Register. The Registrant may, if necessary, request the applicant to prove his/her identity. The Registrant is required to respond to the customer within the time limit set by the EU's Data Protection Regulation.
- Other rights related to the processing of personal information
A person who's information is included in the Register has the right to request deletion of his/her records from the Register ("the right to be forgotten"). Furthermore, the registered person has other rights under the EU's General Data Protection Regulation, such as right to restrict processing of the personal information in certain situations. Requests must be sent in writing to the contact person of the Register. The Registrant may, if necessary, request the applicant to prove his/her identity. The Registrant is required to respond to the customer within the time limit set by the EU's Data Protection Regulation.