GS1 is the data controller for the processing of your personal data and is responsible for ensuring that all processing is carried out in accordance with applicable law.
Categories of personal data we process concerning you
When you are in contact with GS1, you may provide us with personal data. GS1 processes your personal data such as name, address, email address etc.
Purpose and legal basis for processing your personal data
GS1 is processing your personal data on the basis of a number of legal grounds and for several purposes as described below.
- In some cases, GS1 may have a legal obligation to process your personal data. This includes processing personal data to comply with applicable laws, for instance the Swedish Accounting Act (1999:1078).
- We also process your personal data on the basis of a legitimate interest. Examples of where we base our processing on a legitimate interest is where we use partners, in the handling of personal data of contact persons at our customers and to enable common customer relation management and customer service.
Our legitimate interest of processing your personal data is for GS1 to be able to practically administer business relationships.
Provision of your personal data is in some cases a necessary requirement for enabling an agreement between us and your company. You are not required to provide us with your personal data. I you do not provide us with your personal data, we have no possibility to fulfil our agreement or our commitments towards your company.
Who may get access to your personal data?
Your personal data will be processed by GS1.
Furthermore, your personal data may be shared with parties that process personal data on our behalf, i.e. data processors. Such data processors are, amongst others, our IT and system providers.
We and our suppliers and partners only process your personal data within EU/EES.
How do we protect your personal data?
We and our IT- and system suppliers have taken several security measures to protect the personal data that is being processed. We have firewalls and anti-virus software to protect and prevent unauthorised access to our networks and systems. Our employees have strict instructions to process all personal data in accordance with applicable laws and regulations. Only a limited number of employees have access to the facilities and systems where personal data are being stored and passwords and usernames are required to access these systems.
How long do we keep your personal data?
We never process your personal data for a longer period than is allowed by applicable law, regulation, case law or authority decision. Personal data that we process for the purpose of fulfilling our agreement with your company are normally processed for the period that is necessary to administer the contractual relationship, exercise our rights and fulfil our obligations towards your company in its capacity of customer to us. To comply with legal obligations, we may keep your personal data for a longer period.
In accordance with applicable data protection regulation, you have the right of access to the personal data we process regarding you, and have the right to request rectification of your personal data.
Under certain circumstances, you are entitled to request the erasure of your personal data or restriction of the processing of your personal data or object towards our processing of your personal data. Furthermore, under certain circumstances, you are entitled to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit the personal data to another data controller.
You have the right at any time to withdraw a consent to the processing of personal data with effect from the withdrawal. You also have the right at any time to object towards the processing of your personal data for the purpose of direct marketing.
If you have any complaints regarding our processing of your personal data, you have the right to lodge a complaint with the Swedish supervisory authority Datainspektionen or any other competent supervisory authority that monitors enterprises’ processing of personal data.
What is a cookie?
A cookie is a small text file sent from a web server and stored on your computer. It allows the site you visit to gather certain information to the owner of the site.
The information from cookies is used to improve and customize the site’s features by remembering your behavior on the site. We may also use third-party cookies (from, for example, Google) to store impersonal data about search behavior.
If you wish to exercise your rights in accordance with what is stated above or otherwise wish to contact us regarding our processing of your personal data.