Privacy Policy 2018-11-30T08:51:12+00:00

Privacy Policy

At Solvina, i.e. Solvina Group AB and its subsidiaries, we protect your personal integrity and always strive for a high level of data protection. This privacy policy explains how we collect and use your personal data. It also describes your rights and how you can apply them.

It is important that you understand the privacy policy and feel safe in our processing of your data. Feel free to contact us if you have any questions.

Using the table of contents below, you can easily navigate to sections of special interest to you.

 

1 What is personal data and what is processing of personal data?

Personal data is any information that can be directly or indirectly attributed to a physical person.

Processing of personal data is all activities that affects the data, regardless of whether it is performed automated or not. Examples of common data processing are collection, registration, organization, structuring, storage, transferring and deletion.

 

2 Who is responsible for the personal data we collect?

The Solvina Group, consisting of Solvina Group AB (556550-2829), Solvina AB (556547-0761), Solvina International AB (556882-3280) and SolvInvest AB (556597-3269), with address Gruvgatan 37, 421 30 Västra Frölunda, are responsible for the corporate processing of personal data.

 

3 Employees; personal data and purpose

 

Purpose Processing performed Categories of personal data
Salary payment

Tax payments

Insurancees

Occupational health care

Wage and time reporting

Information to insurance companies

Information to some customers for entry into the customer’s facility

Name, personal code number

Contact information

Account number

Health information

Notes you choose to leave

Legal basis: Agreement and Legal obligation. This collection of your data is required to fulfil our commitments.
Storage period: Storage time during employee’s period of employment plus 7 years. Certain health data regarding dose registration is stored for 40 years according to legal requirements.

 

4 Employee’s relative; personal data and purpose

 

Purpose Processing performed Categories of personal data
List of relatives The management has access to the list of relatives Name, phone number, relation to our employees
Legal basis: Balancing of interest. Data is collected from the employee who commits to agree with each relative about what information is provided to Solvina and for what purpose.
Storage period: Employee’s period of employment.

 

5 Jobseeker; personal data and purpose

 

Purpose Processing performed Categories of personal data
Recruitment of skills Processing of applications Personal letter, curriculum vitae, grades, certificates and notes from references
Legal basis: Balancing of interest. The processing is necessary to meet the applicant’s and Solvina’s legitimate interest in deepening the contact.
Storage period: During recruitment period, as well as further after approval.

 

6 Customer; personal data and purpose

 

Purpose Processing performed Categories of personal data
To process inquiries, tenders and agreements Customer registers, tenders and order processing, web services, invoicing and accounting

Project documentation

Name. Contact details (e.g. address, email and phone number)

Corporate number

Payment history

Payment information

Legal basis: Completion of agreement. This collection of your contact information is required to fulfil our obligations under the agreement.
Storage period: As long as the agreement is valid, and interest exists. Deregistration is made at the request of the person.

 

7 Potential customers; personal data and purpose

 

Purpose Processing performed Categories of personal data
Marketing, recruit new customers List of potential customers, newsletters, fair contacts Name. Contact details (e.g. address, email and phone number)
Legal basis: Balancing of interest. The processing is necessary to meet the legitimate interest of Solvina and potential new customers to deepen the contact.
Storage period: As long as interest exists. Deregistration is made at the request of the person.

 

8 Supplier; personal data and purpose

 

Purpose Processing performed Categories of personal data
To fulfil the company’s purchasing routines and to fulfil the requirements of the ISO certification of the company Necessary processing for compliance with the company’s obligations under legal requirements or governmental decisions Name. Contact details (e.g. address, email and phone number)
Legal basis: Completion of agreement. This collection of data is required to fulfil our obligations under the agreement.
Storage period: Until the purchase order has been completed, including delivery and payment. Then due to balancing of interest. The processing is necessary to meet Solvina’s and the supplier’s mutual interest of continuing the business relationship. Deregistration is made at the request of the person.

 

9 From what sources do we retrieve your data?

In addition to the information you provide to us, we may also collect data from third parties. These are as follows:

  • Addresses from public records to be sure we have the right address information about you
  • Credit rating data from credit rating agencies, banks or business information companies
  • Social media data

 

10 Who do we share your data with?

Data Processors. A data processor is a company that processes the data on our behalf and according to our instructions. We have data processors who help us with:

  • Marketing, i.e. media agencies or advertising agencies that provide services such as print and distribution, visibility in social media
  • IT services, i.e. companies that handle the necessary operations, technical support and maintenance of our IT solutions

We check all data processors to ensure that they can provide sufficient safeguards regarding the security and confidentiality of personal data. We have written agreements with all data processors through which they guarantee the security of the data processed and undertake to comply with our security requirements as well as restrictions and requirements regarding international transferring of personal data.

Companies that are Data Controllers. We also share your data with certain companies that are data controllers. The fact that the company is a data controller means that we are not controlling how the information submitted to the company will be processed.

Data controllers with whom we share your data are:

  • Government agencies such as the police and the tax office if we are required to do so by law or on suspicions of crime
  • Companies that provide general goods transport such as logistics companies and freight forwarders
  • Companies offering payment solutions such as banks and other payment service providers, as well as insurance companies

When your data is shared with a data controller, the data is processed in accordance with the data controller’s privacy policy.

 

11 Where do we process your data?

We always strive for your data to be processed within the EU / EEA and all our own IT systems are located within the EU / EEA. For marketing and sales purposes, however, we may have to transfer the information to a non- EU country.

Regardless of the country in which your data is processed, we take all reasonable legal, technical and organizational measures to ensure that the level of protection is the same as within the EU / EEA. Examples of appropriate safeguard measures are approved code of conduct in the recipient country, standard contract clauses, binding company internal rules or confidentiality.

 

12 How long do we save data?

We will never save data longer than what is necessary for each purpose, see section 3-8 above.

 

13 What rights do you have as registered person?

Right to access data. We are always transparent about how we process data and if you want a deeper insight into what data we are processing, you may request access to the data.

Right to rectification. You may request that your data be corrected if the information is incorrect. Within the stated purpose, you also have the right to supplement any incomplete data.

Right to deletion. You may request the deletion of data we are processing if:

  • The data is no longer necessary for the purposes for which it was collected.
  • You oppose a balance of interest that we made.
  • You oppose treatment for direct marketing purposes.
  • Data is processed illegally.
  • Data must be deleted to comply with a legal obligation we are subject to.

Keep in mind that we may have the right to deny your request if there are legal obligations that prevent us from immediately deleting certain data.

Right to restriction. You are entitled to request limitations of data processing.

Right to object to certain types of processing. You are always entitled to avoid direct marketing and to object to all processing of data based on a balance of interest.

Balancing of interest: In case we use balance of interest as a legal basis for our data processing, you may object to the processing. In order to continue processing your data after such objection, we need to present a compelling legitimate reason for the current processing that weighs heavier than your interests, rights or freedom. Otherwise, we may only process the data to determine, exercise or defend legal claims.

Direct Marketing: You may object to your data being processed for direct marketing. Direct marketing refers to all types of outreach marketing measures. Marketing actions where you have actively chosen to use one of our services or else sought us to know more about our services do not count as direct marketing.

Right to data portability. If our right to process data is based either on your consent or completion of an agreement, you are entitled to request the data relating to you and which you have provided to us transferred to another data controller. A prerequisite for data portability is that the transmission is technically possible and can be automated.

 

14 How do we handle personal code numbers?

We will only process your personal code number when it is clearly motivated for the purpose, necessary for secure identification, or if there is any other reasonable reason. We will always minimize the use of your personal code number and by using, if it is enough, your birth date instead.

 

15 What are cookies and how do we use it?

Cookies are a small text file consisting of letters and numbers sent from our web server and stored on your browser or device. We use the following cookies:

  • Session cookie; a temporary cookie that ends when you close your browser or device.
  • Durable cookies; cookies that remain on your computer until you remove them, or they expire.
  • First party cookies; cookies set by the site you visit.
  • Third-party cookies; cookies set by a third-party site. These are primarily used for analyses, such as Google Analytics.
  • Similar techniques; techniques that store information in your browser or device in a manner similar to cookies.

The cookies we use usually improve the services we offer. Some of our services need cookies to work properly. We use cookies for overall analytical information regarding your use of our services and for saving functional settings such as language and other tasks.

 

16 Can you control the use of cookies yourself?

Yes, your browser or device allows you to change the settings for the usage and extent of cookies. Go to the settings of your browser or device to learn more about adjusting the settings for cookies. Keep in mind that some of our services might not work if you block or delete cookies. You can read more about cookies on the Post and Telecom Agency website, www.pts.se.

 

17 How is your data protected?

We use administrative procedures and IT systems to protect the privacy, integrity and access to data. Only those persons who actually need to process your data to fulfil our stated purposes have access to them.

 

18 What does it mean that the Swedish Data Protection

Authority is the supervisory authority?

The Swedish Data Protection Authority is responsible for monitoring the application of the law foundation. A person who considers his/her data incorrectly processed may report this to the Swedish Data Protection Authority.

 

19 How do you contact us with questions about data protection?

If you have questions about our data protection, please feel free to contact us.

We may make changes to our privacy policy. The latest version of the privacy policy is always available on this site.