Svensk Digital Handel

Privacy policy

We value your personal integrity. Regardless of whether we process your personal data as a corporate customer, a supplier or a private person, we want to protect your personal integrity. You can read about how we process your personal data in this privacy policy.

Privacy policy

 

1. INTRODUCTION

We value your personal integrity. Regardless of whether we process your personal data as a corporate customer, a supplier or a private person, we want to protect your personal integrity. You can read about how we process your personal data in this privacy policy.

We may make changes to this privacy policy. The latest version of the privacy policy is always available on our website, www.dhandel.se.

We always want to be transparent about how we process your personal data. You are always welcome to contact us regarding any questions you may have about how we process your personal data at info@dhandel.se

2. WHO IS RESPONSIBLE FOR YOUR PERSONAL DATA?

Svensk Digital Handel, org. no. 556227-8365, is the data controller for the processing of your personal data.

3. HOW DO WE PROCESS YOUR PERSONAL DATA?

Our processing of your personal data may vary depending on the contact we have had with you. We have summarized our personal data processing below.

3.1 YOUR MEMBERSHIP IN SVENSK DIGITAL HANDEL

Svensk Digital Handel is an interest group that aids companies to become safer, smarter and more profitable online. Companies are, through their membership in Svensk Digital Handel, offered a stable base and great opportunities for development. In connection with the membership, we may process personal data of our members’ employees.

Processing activities performed for the purpose:

  • Administration of application and registration of membership.
  • Administration regarding invoicing and payment related to our services.
  • Communication with members regarding questions related to the membership in Svensk Digital Handel.

Legal basis:

Our and your business’ legitimate interest In being able to document and administer information that is necessary to fulfil our obligations under the membership terms in an efficient and accurate manner.

Retention period:

We save the personal data as long as your company is a member of Svensk Digital Handel.

3.2 MARKETING COMMUNICATIONS

You can sign up for our newsletter if you want information about our services and other interesting news. We can also register you for our e-mails and text messages if you have expressed interest in our business, e.g., used our services, participated in any of our seminars, been in contact with us or if we believe our services are of interest to you. We need to process your personal data in order to send marketing communications to you.

Please note that you always have the right to object to our marketing communications. You can do this directly in the communication we send to you through the provided unsubscribe link or by contacting us (you find our contact details at the top of this privacy policy).

Processing activities performed for the purpose:

  • Direct marketing via e-mail, text message or in other digital channels (such as social media).
  • Direct marketing from our partners.
  • Production of material for marketing from our seminars/events, e.g., processing of photographs, film recordings or sound recordings.
  • Creation of analyses and statistics on our visitors use and interaction with us, e.g., statistics on visitor flows on our website or response to our marketing communication. For this processing activity and this purpose, we use cookies. You can read more about how we use cookies in our cookie policy.

Legal basis:

Our legitimate interest in being able to market our company and our products and services.

Retention period:

Whichever comes first of (1) you object to our marketing or alternatively (2) 2 years from your latest activity. By activity means that your company has used our services, that you have participated in one of our seminars or events, contacted us or otherwise expressed interest in our services.

3.3 SEMINARS AND EVENTS

Svensk Digital Handel works actively to bring together e-commerce businesses, Business Partners, buyers, decisionmakers and others at both large companies and entrepreneurs from various parts of the digital commerce sector. We do this through different events, workshops and relevant meetings. For example, by organizing D-Congress, which is the Nordic region’s largest meeting place for e-commerce businesses. We believe knowledge exchanges and collaboration are important prerequisites for growth and we offer meetings for members, members of Trygg-e handel and Business Partners. When we arrange a seminar or event, we need to process personal information about participants.

Processing activities performed for the purpose:

  • Registration and administration of participation in the event or seminar.
  • Communication with participants before and during the event/seminar regarding matters related to the aforementioned.
  • Communication via e-mail or text message from selected exhibitors with messages regarding place for stands, time of speech or similar in connection with an event.
  • Photography, filming and sound recordings during a seminar or an event.
  • Follow-up on completed seminars or events to evaluate for development purposes for upcoming seminars or events.

Recipients of personal data

We may give lists of participants to external lectures or other companies, e.g., exhibitors, with whom we organize the seminar or event.

Legal basis:  

Ours and your legitimate interest in being able to administer and carry out, document and follow-up on a seminar or an event. If you attend a seminar or an event as a private individual, we process your personal data based on the agreement we have entered into with you.

Legal basis for special categories of personal data:

During a seminar or an event, we may offer food or other snacks. To ensure that we can meet the needs of our participants we need information about any special diets. This processing is based on your prior consent.

Retention period:

No later than 60 days after the completion of a seminar or event. We may, however, save any evaluation you have provided related to a seminar or event for a period of three (3) years.

3.4 SUPPLIERS, LECTURES ETC

When we buy products or services from our suppliers, we will process personal data about the contact persons of our suppliers. We do this to be able to maintain good business relationships and to fulfil obligations in relevant supplier agreements. In connection with a seminar or an event we may also hire external lecturers. We then need to process their personal data.

Processing activities performed for the purpose:  

  • Communication with company contacts regarding orders and commitments in accordance with agreements we have entered into with the company.
  • Other communication regarding our business relationship.
  • Communication with external lecturers prior to a seminar or an event, including follow-up and evaluation after the event or seminar has been carried through.

Legal basis:

Our legitimate interest in being able to maintain good business relationships and fulfil our obligations in relevant supplier agreements or sourcing agreements, for example, in relation to external lecturers.

Retention period:    

Whichever comes last of (1) the expiration of our agreement or the completion of the seminar/event or (2) the expiration of our right to make a complaint in accordance with the agreement (or law, if applicable).

3.5 DEVELOPMENT AND IMPROVEMENT OF OUR BUSINESS

Our offers to our members are the most important part of our business. In order to ensure that we are at the forefront when it comes to offers for our members, we may use personal data to produce statistics and similar data with the purpose to develop and improve our business and our offers to you as members.

Processing activities performed for the purpose:

  • Produce reports and statistics for follow-up, administration, planning and evaluation of our business.
  • To be able to do member surveys.

Legal basis:                

Our legitimate interest in being able to use personal data to develop and improve our business and to make our business more efficient.

Retention period:  

It is difficult for us to, in advance, determine how long your personal data will be stored for this purpose. We have instead implemented routines to continuously examine whether your personal data still is necessary for this purpose. We will remove personal data which we have not used for a period of 3 years as we in such cases no longer consider your personal data to be necessary.

3.6 LEGAL OBLIGATIONS AND SUPERVISORY MATTERS

We will need to process certain personal data in order to fulfil our legal obligations. This may, for example, be in regard to requirements of the Bookkeeping Act (1999:1078) (Sw: Bokföringslag), tax law regulation or the Act on Measures against Money Laundering (2017:639) (Sw: lag om åtgärder mot penningtvätt och finansiering av terrorism) or requirements to disclose information in the event of a supervisory matter.

Processing activities performed for the purpose:

Necessary handling for the fulfilment of our legal obligations in accordance with legal requirements, judgments or government decisions (e.g., the Bookkeeping Act, tax law regulation or processing that is necessary in connection with a supervisory matter).

Recipients of personal data:  

We may disclose your personal data to relevant counterparties, representatives, authorities or courts.

Legal basis:    

Legal obligation.

Retention period:

During the time that is necessary to fulfil the relevant legal obligation or in accordance with applicable law. For example, there is a legal obligation in the Bookkeeping Act that we need to store certain information regarding the relevant transaction for 7 years.

3.7 SECURITY WORK AND TO PREVENT ABUSE OR TO PREVENT AND INVESTIGATE CRIME

We work actively with security at our company – both to ensure that we can protect your personal data and to be able to ensure that we have the necessary information to be able to prevent abuse or prevent and investigate crime, such as fraud or unauthorized access to our services.

Processing activities performed for the purpose:  

  • To be able to prevent or investigate any fraud or other violations of the law.
  • To prevent spam, phishing, harassment or other actions which are prohibited by law, or the agreements entered into with our corporate customers.
  • To be able to protect and improve our IT environment against attacks and intrusions.

Legal basis:

Our legitimate interest in being able to work systematically with security and to prevent abuse or to prevent and investigate crime.

Retention period:

From the point of collection and for a period of 36 months thereafter. If we suspect abuse of a service or if we discover that a crime has been committed, we will retain the information during the time necessary to establish, assert and defend our (or a third party’s) legal claim. Read more under section 3.8 (Disputes).

3.8 DISPUTES

In the unlikely event that a dispute arises in connection with our offer, we may need to process the personal data required to handle the relevant dispute.

Processing activities performed for the purpose:

We process the personal data required to be able to handle a dispute, e.g., a legal claim related to our outsourcing agreement.

Recipients of personal data

We may disclose your personal data to relevant counterparties, representatives, authorities or courts.

Legal basis:

Our legitimate interest in being able to establish, assert or defend legal claims or alternatively legal obligation if we are required under applicable law to disclose your personal data, e.g., in the case of requests or injunctions from courts.

Retention period:

From the point of collection and for a period of 36 months thereafter. If we suspect abuse of a service or if we discover that a crime has been committed, we will retain the information during the time necessary to establish, assert and defend our (or a third party’s) legal claim.

4. HOW LONG DO WE STORE YOUR PERSONAL DATA?

We store your personal data for the time necessary to fulfil the purposes of our processing. When your data no longer is necessary to fulfil the purposes of our processing, we will in a secure manner delete or de-identify your information so it no longer can be linked to you.

Please see specific storage times above in relation to the respective purpose.

5. HOW WE SHARE YOUR PERSONAL DATA

To fulfil our purposes for processing, we may use other companies that help us with the processing. These may be data processors or companies that are independent data controllers. Please also see specific recipients of personal data specified under point 3 above.

Data processors – Service providers

We may disclose your personal data to various service providers who provide different services, such as analysis tools for our marketing, tools for evaluating seminars or events or IT-consultants for service and evaluation of our systems. These companies are only allowed to process your personal data in accordance with our instructions and may not use your data for their own purposes. In these cases, we enter into a personal data processing agreement that ensures the aforementioned. The agreement also regulates confidentiality and security for your personal data.

Independent data controllers – Potential buyers and sellers

If we were to sell all or parts of our business or in the event of a merger, we may share information with potential buyers or sellers. Our legal basis for the processing is our legitimate interest in being able to carry out the sale or the merger. We save the personal data for the time it is needed to be able to carry out the sale or the merger.

6. YOUR RIGHTS

When we process your personal data, you have certain rights. Below follows a review of your rights, what they entail and how you exercise your rights. Please note that all rights apply to personal data connected to you as an individual and not the company you represent. For example, information about a company is not personal data and is therefore not covered by your rights.

Your right of access:         

We strive to be transparent with how we process your personal data. If you want to know more about the personal data that we process about you, you have the right to request access to your personal data. If we receive a request for access, we may ask for additional information to ensure that we disclose the personal data to the right person.

Your right to rectification:                 

You can request that we correct your personal data if we do not have your current information of or if the information we process is incorrect.

Right to erasure or restriction of processing:           

You have the right to request that we delete your personal data or that we restrict our processing of your personal data if, for example, you believe that your personal data is being processed in violation with applicable law.

Your right to object to our processing (including the right to object to direct marketing):

You have the right to object to our processing (e.g., the processing based on our legitimate interests). If you object to processing of your personal data for direct marketing, your personal data may not be processed for such. If you object to our direct marketing, we will stop sending all forms of direct marketing communications to you.

Your right to lodge a complaint with a supervisory authority:

You have a right to submit a complaint to the Swedish supervisory authority, Swedish Authority for Privacy Protection (Sw: Integritetsskyddsmyndigheten, previously Datainspektionen) if you are dissatisfied with an answer you received when you contacted us or believe that we handle your personal data in an incorrect manner.

How do I exercise my rights?

If you want to exercise any of your rights, you are welcome to contact us at info@dhandel.se.