Privacy Policy – GDPR

PRIVACY POLICY For customers and potential customers – Embreis AB (“Embreis”)

Embreis respects your wishes regarding our processing of the personal data you provide to us. This Privacy Policy describes how we collect and use your personal data. We therefore encourage you to read this Privacy Policy carefully.

Privacy legislation

Personal data is any information that can be used to identify you or can be related to you as an individual. Examples of personal data include your name, email address, phone number, physical address and any images of you. We will not process your personal data without lawful grounds. All personal data managed by Embreis is processed in accordance with the Swedish Act with Supplementary Provisions to the EU General Data Protection Regulation (2018:218), which protects your personal privacy. The Swedish Act follows Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Personal data in Embreis’ CRM

Establishing and maintaining business relationships with customers so that we can offer them our products is an important part of Embreis’ business. We collect your personal data for the purpose of being able to contact you as a potential customer regarding our products and marketing activities. This personal data is collected in connection with customer visits, exhibitions, internal networks or from third parties, for example via public registers or social media, and is stored in our systems to enable Embreis to establish and maintain a business relationship with you and provide you with the best possible support concerning our product range.

The processing of this personal data is based on Embreis’ legitimate interest in being able to establish and maintain business relationships and develop its services.

As part of the procedures at Embreis, all employees have a link to our Privacy Policy in their email signature. In this way, when you are contacted by an Embreis employee via email, you are informed about how we process your personal data, the purpose of the processing, our data culling procedures and your right of erasure.

Your personal data is saved on Embreis’ platforms for marketing mailings and for information purposes. Embreis will only perform mailings that are deemed to be relevant to your professional role. Every mailing contains a link that can be used to unsubscribe from the service.

Security

Embreis has implemented appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, disclosure, modification and destruction. To ensure that personal data is processed in a secure and confidential manner, we use computer networks that are protected against intrusion via measures such as firewalls and password protection in accordance with industry standards.

All of Embreis’ system providers are located within the EEA, which means that the personal data is stored on secure GDPR-compliant servers.

Your rights

As a data subject you have certain rights regarding how your personal data may be processed. Your rights include:

  • Right of access to personal data
  • Right to rectification of personal data
  • Right to erasure of personal data
  • Right to restriction of processing
  • Right to object to the processing
  • Right to data portability
  • Right to withdraw your consent, if such has been provided
  • Right to lodge a complaint with a supervisory authority (see below)

Culling of data

Embreis will process your personal data until such time that it is no longer needed to fulfil the abovenamed purposes, or until you notify us that you no longer wish to have your personal data registered with us, in which case the personal data will be erased without undue delay. If a business relationship has not been developed within 36 months of the date of our first contact, your personal data will be erased. Furthermore, Embreis has implemented culling procedures to ensure regular erasure of contact details that no longer fulfil their purpose.

Lodging a complaint with a supervisory authority

Every country in the EU must have a supervisory authority with responsibility for overseeing the processing of personal data to ensure that organisations and individuals comply with applicable rules and regulations. In Sweden, the supervisory authority is the Swedish Authority for Privacy Protection (IMY). More information about personal data processing and IMY is available on IMY’s website: www.imy.se.

Controller

The natural or legal person that determines why and how your personal data is to be processed is the controller in relation to the personal data. Embreis is the sole controller when it comes to storage of your personal data in our systems.

Contact information

Embreis AB
Tumstocksvägen 11A
187 66 Täby, Sweden

Corp. ID no. 556753-2857

Telephone: +46 8 410 621 02
Email: gdpr@embreis.com

Contact person: Thomas Hammarlund

Please note that the above contact information relates to issues concerning our management and processing of personal data.