Privacy Policy
Swedish Neutral Aktiebolag ("we", "us", or "the Company") value your trust, and we are committed to protecting the privacy and security of your personal data.
What is the purpose of this document?
The purpose of this policy is to inform you about your rights and how your personal data is being processed by us.
The policy applies to applicants for employment, customer-, partner- and supplier representatives, website visitors, shareholders, and directors.
The Company is a “data controller”. This means that we are responsible for deciding how we hold and use personal data about you. We are required under data protection legislation to notify you of the information contained in this policy.
It is important that you read this policy, together with any privacy notice we may provide on specific occasions when we are collecting or processing your personal data, so that you are aware of how and why we are using such information.
Data Protection Principles
We will comply with data protection law. This means that the personal data we hold about you must be:
(a) used lawfully, fairly and in a transparent way;
(b) collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
(c) relevant to the purposes we have told you about and limited only to those purposes;
(d) accurate and kept up to date;
(e) kept only as long as necessary for the purposes we have told you about; and
(f) kept secure.
What personal data do we process, for what purposes, how long, with whom, and on what legal basis?
We mainly process the personal data that you have shared with us, but to a certain extent we also collect and process your personal data from other sources, such as from references and background check suppliers (applicants for employment), customers, and suppliers of business directories and social media.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
In the following we will describe what personal data we process, for what purposes, how long, with whom, and on what legal bases we process it.
Recruitment
We process personal data in our recruitment process for the purpose of finding and communicating with applicants and to ultimately hire the most qualified person for the relevant position. For these purposes, we process a wide range of the applicant's personal data. This includes the applicants name, personal number, and contact details (e-mail, phone number and home address).
Further, other information provided in the recruitment process, such as copies of right to work documentation, references and other information included in a CV or cover letter, previous employment background, education history, professional qualifications, language and other relevant skills, certification, certification expiration dates, and background check information (where necessary taking into account the responsibilities of the position in question).
As an applicant, you are not obliged to provide us with this personal data, but we may choose to not enter into an employment contract or communicate with you if you do not provide it.
We do not process this personal data for longer than is necessary to fulfil the purposes above.
We mainly share this personal data with the IT-service suppliers we use for communication and document management. Where we do not enter into an employment contract with an applicant, we continue to process the applicant's personal data for an additional 2 years for evidence purposes in case of potential discrimination lawsuits.
Legal basis: Performance of contract and our legitimate interest.
Customer relationships
We process the personal data of customer representatives for the purposes of communicating and receiving information relevant to our service delivery, performing customer service, and maintaining and improving the customer relationship and experience. For these purposes, we process the representative's name, job title, e-mail address, phone number, the company which they represent, as well as the contents of all our communication history (e.g., e-mails, and minutes from meetings).
As a customer representative, you are not obliged to provide us with this personal data, but we may choose to not enter into a contract with the company you represent or communicate with you if you do not provide it.
We do not process this personal data for longer than is necessary to fulfil the purposes above. We mainly share this personal data with the IT-service suppliers we use for communication and document management.
Legal basis: Our legitimate interest.
Partner- and supplier relationships
We process the personal data of partner- and supplier representatives for the purposes of communicating and receiving information relevant to the partnership-/supplier agreement and maintaining and improving the partner/supplier relationship. For these purposes, we process the representative's name, job title, e-mail address, phone number, the company which they represent, as well as the contents of all our communication history (e.g., e-mails, and minutes from meetings).
As a partner- or supplier representative, you are not obliged to provide us with this personal data, but we may choose to not enter into a contract with the company you represent or communicate with you if you do not provide it.
We do not process this personal data for longer than is necessary to fulfil the purposes above.
We mainly share this personal data with the IT-service suppliers we use for communication and document management.
Legal basis: Our legitimate interest.
Website
We process the personal data of website visitors for the purposes of showing the contents on our website, communicating with visitors, and analysing how visitors interact with the website so that we can improve its contents, performance, and security.
For these purposes, we process data about unique visitors who has used our website, how they have interacted with it, and the time and location for their interaction.
Where a website visitor chooses to message us, we also process the visitors name, email address, company, and the contents of the message.
We do not process this personal data for longer than is necessary to fulfil the purposes above.
We mainly share this personal data with the IT-service suppliers we use for communication and document management.
Legal basis: Our legitimate interest.
Share register
We process the personal data of our shareholders for the purpose of fulfilling our legal obligation to keep a share register. For this purpose, we process shareholders name, personal number, postal address, the type and number of owned shares, and whether the shares are subject to any reservations (e.g., right of first refusal).
We do not process this personal data for longer than is necessary to fulfil the purposes above.
We mainly share this personal data with the IT-service suppliers we use for communication and document management. Further, we may share it with any person who requests a copy of our share register, since the share register is a public document under mandatory law.
Legal basis: Legal obligation.
Directors
We process the personal data of candidates for directorship existing directors. For candidates, we process the same categories of personal data as stated in paragraph 3.14 of this policy (including mandatory background check information such as bankruptcy and trading prohibition) for the purpose of selecting the most qualified person for the position. For existing directors, we process the personal data collected during their recruitment, as well as personal data related to a director's performance of their contractual and statutory duties.
We do not process this personal data for longer than is necessary to fulfil the purposes above. We mainly share this personal data with the IT-service suppliers we use for communication and document management.
Legal basis: Our legitimate interest and legal obligation.
Compliance with other legal obligations
The personal data we process for all of the aforementioned purposes may also be processed by us to comply with other legal obligations. That might especially be the case where processing is necessary to answer to public authorities in audits, inspections, and supervisory- or criminal investigations.
Where applicable, we do not process the personal data for longer than is necessary to fulfil this purpose.
Legal basis: Legal obligation.
Due diligence procedures
We may process all categories of personal data (in our possession) of all categories of data subjects to which this privacy policy applies (see Section 1.2 above), for the purpose of performing financial-, legal- and technical due diligence of our company.
This essentially means that we share relevant documentation, such as financial records and agreements, with external parties such as economists, lawyers, and technical experts so that they can assess the value of our company or specific business parts (mainly in preparation of a share- or business transfer).
Where applicable, we will not process the personal data for longer than is necessary to fulfil this purpose.
Legal basis: Legitimate interest.
Business transfers
We may process all categories of personal data (in our possession) of all categories of data subjects to which this privacy policy applies (see Section 1.2 above), for the purpose of performing a business transfer, i.e., transferring agreements and other company documents to a buyer of a specific part of our business. Where applicable, we will not process the personal data for longer than is necessary to fulfil this purpose. Please note that after a business transfer, it is the buyer who assumes the data protection obligations under applicable law for the purchased business parts.
Legal basis: Legitimate interest.
Transfers to international organisations and parties outside the EU/EEA
We will not transfer personal data we collect about you to third parties outside the EU/EEA or to an international organisation unless an adequate level of protection has been put in place to ensure that your personal data is treated by those third parties in a way that is consistent with, and which respects the GDPR.
Rights of access, correction, erasure, restriction and data portability
Your rights in connection with your personal data
Under certain circumstances, by law you have the right to:
(a) request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it;
(b) request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
(c) request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below);
(d) object to processing of your personal data where we are relying on a legitimate interest and the circumstances of your particular situation mean you wish to object to processing on this ground;
(e) request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it; and
(f) request the transfer of your provided personal data to another party.
Please note, however, that certain personal data may be exempt from such access, correction, and deletion requests pursuant to applicable data protection laws or other laws and regulations.
No fee usually required
You will not be required to pay a fee to access your personal data (or to exercise any of the other rights), but we may charge a reasonable fee for any additional copies of the materials we provide. Where your request is manifestly unfounded or excessive, we may also charge a reasonable fee or alternatively, we may refuse to comply with the request.
What we need from you
We may request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is to ensure that personal data is not disclosed to any person who has no right to receive it.
How to exercise your right of access or other rights relating to your personal data
If you want to make a request in respect of your rights relating to your personal data, please email or write to our contacts which are shown below.
If your request or concern is not satisfactorily resolved by us, you can contact Integritetsskyddsmyndigheten at imy@imy.se.
Our contact details
Address: Mätarvägen 12, 196 37, Kungsängen
E-mail address: mail@swedishneutral.se
Phone: +46 8 581 713 44
Changes to this privacy policy
Changes to this policy are published on our website, www.swedishneutral.se.
If you have any questions about this privacy policy, please contact us by using our contact details in the section above.