1. Processing of personal data
At Cresnia we value your privacy. We always process personal data responsibly in accordance with applicable law.
Processing refers in principle to all forms of processing of personal data and may include the collection, storage, modification, use or deletion of such data.
This policy, which applies to anyone who uses Cresnia’s services or products, or otherwise comes into contact with us, explains how and why we process your personal data and your rights under applicable privacy laws.
2. Personal Data Controller
Cresnia AB, Corp. 556597-5793, Box 55646, SE-102 14 Stockholm, Sweden is the Personal Data Controller for the company’s processing of personal data.
3. What type of personal data is processed?
Data that you provide us with
We collect and process personal data that you provide us with when you visit our website, enter into agreement with us for products and services, subscribe to our newsletter, contact us or use our digital channels.
Data to enable us to fulfil our contractual obligations
We collect and process personal data that is necessary for us to fulfil our contractual obligations. If the necessary personal data is not provided, we may not be able to fulfil our contractual obligations.
Data from other sources
We may receive and process some of your personal data (name, email address and telephone number) from your employer on signing an agreement with us. This is to ensure that communication relating to the agreement goes through you, that the service is delivered to you on request of your employer or to conduct surveys relating to the assignment on instruction of your employer.
4. To what purpose do we process personal data?
We process personal data for the purpose of fulfilling our obligations and to be able to provide you with products and services.
We process your personal data in order to:
– Fulfil our contractual obligations
– Manage and provide our products and services
– Manage customer service enquiries and other matters
– Provide data and market products and services tailored to your needs and interests
– Fulfil our legal obligations
– Improve our products and services through customer satisfaction surveys and market surveys
5. How long do we store your personal data?
Your personal data is stored for as long as it is necessary for the purpose for which it was collected and required for us to fulfil our contractual obligations. We may store it longer than necessary if required by law or to safeguard our legal interests during, for example, an ongoing legal process.
Your personal data is deleted when it is no longer relevant to the purpose for which it was collected
6. Legal grounds for processing personal data
Our processing of personal data is mainly carried out to safeguard our rights and to fulfil our contractual obligations. This is done on the legal bases of consent, contractual obligation or legitimate interest. Other types of processing gives us a legitimate interest in processing personal data, such as to send information, conduct customer surveys and marketing, and provide services related to our contractual obligations.
7. Who could we share your personal data with?
To the extent necessary we share your personal data with the suppliers and partners who provide services on our behalf.
Your personal data is mainly shared with:
– Companies such as banks that assist us with our payment system
– Companies from which we procure goods and services to fulfil our contractual obligations (e.g., furniture and furnishings suppliers)
– Companies that assist us with archiving
– Companies that conduct customer surveys on our behalf, e.g., customer satisfaction surveys
– IT services (critical operations, technical support and maintenance of our IT systems)
– Authorities. We may sometimes be obliged by law or authority decision to provide personal data
8. How is personal data protected?
We only process personal data that we regard as being necessary to run our operations and only for as long as required for the intended purpose. To the extent possible, we limit the number of employees who are given access to personal data.
9. Your rights as laid down in the General Data Protection Regulation (GDPR)
According to GDPR, as an individual you have certain rights in the processing of your personal data.
Correction and access to your personal data
When registered you may at any time request to have incorrect data corrected or to change the personal data you have provided.
You may also view your personal data we have registered. This you do by requesting a transcript.
Revoke consent with future effect
If we process your personal data on the legal basis of consent, you are entitled to revoke your continued consent for future processing at any time without prejudicing the legality of the prior processing.
Right to object
You have the right to object to any processing we carry out based on legitimate interest.
You may unsubscribe to communication dispatches at any time by clicking on a link in the latest dispatch.
Under certain circumstances you may request to have your personal data deleted. However, this does not apply if we are required by law to retain the data.
You also have the right to request limitations in the processing of your personal data, but this may lead to us not being able to fulfil our obligations towards you.
Should you wish to transfer your data from us, you have the right to request a copy of your personal data in a structured, machine-readable format. This right only concerns data that you have provided us with.
11. Complaints concerning our processing of personal data
If you have any complaints about our processing of your personal data, please get in touch firstname.lastname@example.org.
If you are not happy with our response, you may file your complaint with the applicable regulatory authority, in this case the Data Inspection Board.
12. Changes to the policy
Finally, thank you for placing your trust in us.