We care about your privacy regarding the information we have about you. Our privacy policy provides you with answers about how we use your data and how we protect it.
GS1 Sweden AB (”GS1”), corporate identity number 556667-6770 (”we”, ”us” and ”our”), with postal address Box 1178, 111 91 Stockholm, is dedicated to the protection of your personal integrity. Our ambition is to always protect your personal data in the best way possible and to comply with all applicable data protection laws and regulations. Through this privacy policy, we wish to inform you of how we process your personal data.
Personal data controller
GS1 is the personal data controller for the processing of your personal data and is responsible for ensuring that all processing is carried out in accordance with applicable legislation.
Personal data we process concerning you
When you are in contact with GS1, you may provide us with personal data. GS1 processes personal data such as name, address, email address, etc.
Who may get access to your personal data?
Your personal data will be processed by GS1. In addition, your personal data may be shared with third parties that process personal data on our behalf, so-called personal data processors. For example, our IT and system providers may gain access to your personal information.
We and our suppliers and partners only process your personal data within the EU/EEA.
Specific to individual traders
If you are an individual trader and the company contains your personal name, the following also applies. We share this information, as well as your company’s contact information with selected recipients who process the personal data on their own account. For example, it may be that the product is not a part of the product. be resellers who use information we share with them to verify that the identification number your company uses is based on a valid GS1 license. In addition, the data will be shared with third parties through services provided by GS1 Sweden or the GS1 global organization. In all cases, the personal data may also be processed outside the EU/EEA, e.g. in the United States.
The transfer of personal data is in accordance with your express [som inhämtas separat] consent. There is a lack of adequacy decisions, nor are there appropriate safeguards for the transfer to, inter alia, the European Union. UNITED STATES. There may not be a supervisory authority and/or data processing principles and/or rights for the data subject in the recipient country. Nevertheless, we believe that a transfer can take place without risk, taking into account that the personal data constitutes information regarding your company.
Purpose and legal basis for our processing of your personal data
GS1 bases the processing of your personal data on a number of legal grounds and for a number of purposes described below.
- In some cases, GS1 may have a legal obligation to process your personal data. This applies to the processing of personal data that we do to meet legal requirements according to, for example, the Accounting Act (Bokföringslag (1999:1078))
- Part of the processing of personal data that we carry out is based on a so-called balancing of interests. Examples of this are when we use partners, or our handling of personal data about contact persons at our customer companies, and to enable general customer care and customer service.
Our legitimate interest in processing your personal data is that GS1 should be able to handle practical parts of a business relationship.
The provision of your personal data is in some cases a requirement that is necessary to enter into an agreement between your company and us. You are not obliged to provide personal information. If you do not provide us with your personal information, we will not be able to fulfill our agreement or fulfill our obligations in relation to your company.
How do we protect your personal data?
We and our IT- and system suppliers have taken several security measures to protect the personal data that is being processed. We have firewalls and anti-virus software to protect and prevent unauthorised access to our networks and systems. Our employees have strict instructions to process all personal data in accordance with applicable laws and regulations. Only a limited number of employees have access to the facilities and systems where personal data are being stored and passwords and usernames, as well as two-factor authentication, are required to log in to these systems.
How long do we keep your personal data?
We never process your personal data for a longer period than is allowed by applicable law, regulation, case law, or authority decisions. Personal data that we process for the purpose of fulfilling our agreement with your company are normally processed for the period that is necessary to administer the contractual relationship, exercise our rights and fulfil our obligations towards your company in its capacity of a customer to us. To comply with legal obligations, we may keep your personal data for a longer period.
Your rights
In accordance with current data protection legislation, you have the right to access information about which personal data we process about you and the right to request the correction of your personal data.
Under certain conditions, you also have the right to request deletion or restriction of your personal data or object to our processing of your personal data. You also have, under certain conditions, the right to obtain the personal data concerning you that you have provided to us in a structured, generally used and machine-readable format and have the right to transfer these to another personal data controller.
You have the right at any time to withdraw a consent to the processing of personal data with effect from the withdrawal. You also have the right at any time to object towards the processing of your personal data for the purpose of direct marketing.
Should you have any complaints regarding our processing of your personal data, you have the right to lodge a complaint with the Privacy Protection Authority or other competent supervisory authority that supervises companies’ handling of personal data.
If you wish to exercise your rights in accordance with what is stated above or otherwise wish to contact us regarding our processing of your personal data.