Dignisia AB, along with its subsidiaries, processes your data fairly and in accordance with applicable data protection legislation and regulations.
We are transparent in how and why we process personal data, and the objective of this policy is to provide you with details of our processing activities.
Who is responsible for personal data?
Dignisia AB, 559123-9727, in the majority of cases is the controller of all personal data processing within the company, even in instances where the data has been collected by another company. How can you contact the controller? Please email us at firstname.lastname@example.org and we will answer any questions you may have.
Whose personal data do we process?
The data Dignisia retains is primarily that of the following categories of people: our customers, those who have indicated an interest in our system, and for those who are legal personalities – we also process personal data of the natural persons who represent your company (e.g. contact person, orderer, purchaser, others). In the majority of cases, the data we retain is data you have provided to us, whilst in some cases the data has been collected from a third party.
What personal data is processed?
Name, personal identity number, IP address, and contact details of different kinds are processed. We only process information that is pertinent for fulfilling our purposes, as set out below.
Why do we process personal data?
In this section we set out why we process personal data and the bases on which we do so.
- To manage and carry out various business transactions with you.
Primarily in connection with you requesting a quote or choosing to purchase one of our products, services or subscriptions.
The basis for our processing is our performance of a contract with you as a customer, or in order to carry out measures prior to entering into any potential contract, which is considered a legitimate interest on Dignisia’s part.
- To process, follow up on and analyse warranty claims, complaints and demands.
The basis for our processing is our performance of a contract with you as a customer, we are also required to comply with legal obligations (e.g. product liability), and this is also considered a legitimate interest on Dignisia’s part.
- To fulfil other obligations set out in legislation, regulations or provisions.
Dignisia has a number of different commitments, amongst others, we must fulfil our obligation to maintain accounting records and present financial statements, consumer law, and regulations on money laundering, etc.
Our basis for processing in these respects is simply our need to comply with legal obligations.
- For marketing purposes.
We want to be able to keep you updated on our range and deals, and if you would prefer not to receive these deals, you must raise an objection with us. The basis for our processing is primarily that it is considered within the scope of Dignisia’s legitimate interest. In some instances your consent may also have been collected.
- To monitor and analyse our operations and safeguard our rights.
In order to develop our business operations, our range and what we offer customers, our IT systems and other equipment – with the objective of continually bettering ourselves and improving security, quality and efficiency – we analyse things such as processes, working methods, customer analyses, benchmarking, support and tests. The basis for our processing of all of the above is that the processing is considered within the scope of our legitimate interest.
How is personal data processed and stored?
We systematically store personal data in our different systems. The length of time for which the data is stored depends on the purpose for which it was collected and the type of data concerned. We do not store data for any longer than we are entitled to do so under data protection legislation, other applicable legislation, rules and guidelines issued by various authorities, or recommendations from professional bodies.
In order to provide us with a comprehensive perspective, when you have purchased our products or services, for example, we save the data for as long as the customer relationship continues, and sometimes beyond its end, in order to comply with legal or contractual obligations. If you have given us your express consent, data is stored for the period for which we are processing it for the purpose you consented to. In instances where personal data has been collected from third parties for use in direct marketing, the data is not stored for any longer than Dignisia is entitled to store it for, and in instances where there are no clear rules or guidelines, the data is deleted within one calendar quarter.
Who can access personal data?
Within Dignisia, in certain instances we may also share personal data with other recipients, primarily our collaboration partners or the authorities.
Dignisia also uses external suppliers for a range of purposes, including data storage or other data processing, information distribution, marketing or analyses. In such cases, the supplier is not entitled to use any personal data and Dignisia enters into agreements concerning personal data processing with the supplier.
How is personal data protected?
We, and where applicable our collaboration partners, have taken a number of security measures to protect the personal data processed. We use firewalls with smart intrusion protection to protect against external threats and to protect and prevent unauthorised access to our networks and systems. Physical access to data is protected with complex protective shells that only authorised personnel may access. Our employees are under strict instructions stating that processing of all data must be in accordance with applicable legislation, regulations and policies. Only those persons who require access to systems in which personal data is stored are provided with access, and all data is protected with access rules. Analyses are carried out on a regular basis to identify and rectify any vulnerabilities
In general, your personal data is only processed within the EEA. In instances where data is processed outside the EEA, applicable data protection legislation is adhered to.
What rights do you have as a data subject when Dignisia processes your data?
As a data subject, you always have the right to refuse access for processing to data about you as a person. You also have the right to demand that data be rectified, restricted or erased. You also have the right to object to processing, and if you have provided your consent to a particular instance of processing, you may withdraw this consent at any point.
You also have the right to lodge a complaint with a supervisory authority. In Sweden this authority is the Swedish Data Protection Authority.
Please note that you are never obliged to provide Dignisia with your personal data if it is not required for us to perform our contract.