POLICY REGARDING PROCESSING OF PERSONAL DATA

Version: 2018-11-09

1. Personal data controller

Svensk Brand- och Säkerhetscertifiering AB (hereinafter “SBSC”) is the personal data controller for personal data processed by the company.

Our goal is that you feel secure when you provide us with your personal data. We continuously take the steps we consider necessary to protect your personal data. All processing of personal data takes place pursuant to applicable law.

2. Approval of processing of personal data

According to the General Data Protection Regulationto the General Data Protection Regulation, we cannot register your data without your approval.

By registering as a customer with SBSC, applying for certification, signing up for our newsletter or sending e-mail or post to us, you grant approval to us to store and process your data. You are entitled to revoke your approval of processing your data.

A revocation entails a simultaneous termination of pending applications for certification or applicable certificates due to the fact that we cannot process them without simultaneously processing your personal data.

3. Processing personal data

SBSC processes your personal data when you:

  • register as a customer of SBSC and apply for certification;
  • send e-mail or post to us;
  • communicates to us personal data in connection with the audit;
  • sign up for our seminars, newsletters, etc.;
  • participate in customer and market surveys; or
  • seek to contact us with respect to other issues

4. Purpose of registration and processing of personal data

The customer data you provide to us as a customer in conjunction with registration and application for certification is registered in our customer database. The data is necessary in order for SBSC to be able to fulfil its undertakings as a certification body. Contact information will be published on our website.

The personal data we process:

  • Name
  • Address information
  • Telephone number
  • E-mail address
  • Photographs or the like in conjunction with an application for certification

Otherwise, SBSC only uses personal data for the purposes for which you have provided the data.

5. Sensitive personal data

SBSC makes an effort to not register sensitive personal data. If you have provided the data yourself (e.g. that you are allergic and request certain food at a seminar), we presume that you want the data registered with us.

6. Disclosure of personal data

Registered personal data may be disclosed to third parties, i.e. persons or companies outside SBSC, to the extent necessary in order to administer certification, participation in an audit, examination, seminar or the like and for the distribution of information concerning certification.

In addition, personal data will also be used by SBSC’s providers of various financial and IT services. We will also publish the certificate information in Stöldskyddsföreningens and Brandskyddsföreningens publications.

In all of the aforementioned situations, SBSC is the personal data controller, and the providers used by SBSC are the personal data assistants.

The personal data assistants are under an obligation to comply with SBSC’s instructions and are not entitled to disclose your personal data to any third party or to use such data for purposes other than as set forth in SBSC’s instructions.

The personal data assistants are also under an obligation to implement certain technical and organisational measures in order to protect your personal data.

Finally, personal data may also be disclosed in order to comply with law, ordinances or decisions by government bodies.

7. Database extracts and corrections

You are entitled, free-of-charge, to obtain information regarding the personal data SBSC processes about you. In such cases, you are to submit a request to the data protection representative at SBSC.

If you are of the opinion that information regarding you is incorrect or misleading, SBSC is eager to see to it that the information be corrected as soon as possible. Accordingly, it is important that you notify SBSC of all changes pertaining to the information you have provided us.

Note that it is SBSC’s obligation, at your request, to correct, block or delete your personal data.

8. Saving personal data

We keep your personal data as long as necessary in order to be able to carry out our undertaking, but not more than 5 years following conclusion of processing.

If you have signed up for newsletter, the data is preserved until you unsubscribe.

9. Information regarding cookies

Our website uses so-called “cookies”. Cookies are small text files which are stored on a visitor’s computer and which, among other things, save personal settings and make it possible to follow what the visitor is doing on the website.

Most web browsers are set to accept cookies. However, if you do not want cookies stored in your computer, you can set your web browser so that it notifies you when it receives a cookie. You can then determine whether or not you wish to accept it.

SBSC prepares statistics regarding the number of visitors, the number of times individual pages are read, from which web addresses the visitors come, and which search engines and search words are used in order to reach our website. The purpose is to provide us with an understanding of how we can improve our website. Thus, we collect information regarding domain name, web browser and operating system, the time at which you entered our website and from where you ultimately linked in. This information is not disclosed to outside parties.

10. Links

Links to other websites appear on SBSC’s website. Our guidelines for processing personal data do not apply to these websites. You should read the guidelines of those websites before you provide personal data.

11. Security

There is always a risk that you release personal data via the Internet. No IT system is entirely safe from intrusion. SBSC regularly takes the security measures which we consider necessary in order to protect the confidentiality, accessibility and accuracy of personal data.

12. The Swedish Data Protection Authority

If you believe that we are processing your data in violation of applicable law, you have the possibility to file a complaint with the Swedish Data Protection Authority (Swedish: Datainspektionen).

13. Contact

If you have any questions regarding the processing of personal data at SBSC, you may contact our data protection representative by email at:

dataskyddsombud@sbsc.se

or by post at:

Dataskyddsombud
Svensk Brand- och Säkerhetscertifiering AB
Tegeluddsvägen 100
115 28 Stockholm

14. Amendments

SBSC shall be entitled to amend or supplement this document. Any such amendments or supplements shall enter into force when SBSC has notified you thereof or otherwise made the updated document available, e.g. by publication on our website. Nothing in this document is intended to create a contractual relationship between SBSC and any user who visits our websites or provides identifiable information of any type.