Your integrity is important to us and we are responsible for all personal information you provide to us. This policy describes how we treat, store and handle your personally identifiable data when you are our customer. It also describes your rights and how to invoke them. It is important that you understand and take part in the personal data policy and feel safe in our treatment of your personally identifiable data.
Responsibility for handling personal data
Zand Group AB is solely responsible for the treatment of personal data described in this policy.
If you have any questions regarding or want to exercise your rights you can reach us at:
Address: Stationsgatan 16
Postal code: 582 42
Phone number: +46 (0) 13 31 60 34
How do we access the personal data?
In addition to the data you share or that we collect in connection with becoming a customer or contacting us, we may also collect data from someone else, a third party. The information collected by us from a third party is the following:
• Address information from public records to ensure correct address information.
What personal data do we handle?
The following categories of personal data may be handled:
• Contact information such as name, address, email and phone number.
• Identity information such as personal identification number or company registration number.
• Order related information such as customer number and order number.
• IP address as well as data regarding visitor navigation habit and user account information on the website.
How do we treat your personal data?
We mainly handle your personal data in order to complete our obligations to you. Personal identification number is also used in order for credit rating agencies, credit information agencies or banks to provide us with material to ascertain your payment capability, e.g. your credit, when you apply for credit within the framework of managing your orders and purchases. Our standpoint is to not treat more personal data than necessary for our goals. We also always strive to use the least integrity sensitive data possible. Below is information regarding which personal data treatments exist.
Providing and completing agreements regarding services/goods
We treat personal data in order to fulfil our agreement and provide services/goods to you. We treat personal data in our administration and in order to invoice goods/services. We also treat it in order to handle complaints or returns, to help you with questions regarding your goods/services when you contact our customer service and in general to uphold our rights and fulfil our obligations to you in accordance with our agreement. The personal data we treat in these respects are contact information and identity related data.
We treat your personal data in the purpose of complying with the statutory obligations that we are incumbent to, such as the accounting Acts demands for archiving of accounting records. The data we handle in order to fulfil these obligations are contact data.
We handle personal data in order to make possible the marketing of goods/services to you and to maintain the possibility of sending newsletters for the goods/services you are interested in as well as general information regarding the company. Furthermore, in order to make possible invitations for event in the areas of your interest. The data we handle for this purpose is contact data.
What legal basis do we have for our personal data processing?
We process your personal data in order to administer and provide agreed services/goods. When concerning personal data processing in order to uphold demands such as the accounting Act or tax laws the legal basis for processing is legal obligation.
For treatment in advertising and marketing purposes the legal grounds are our legitimate interest. This means that our interest to treat personal data for these purposes outweighs the privacy violations inflicted upon you in regard to the processing. This judgement has been made with particular consideration that the treatment is beneficial for you.
How long do we store your personal data?
We save your personal data as long as you remain a customer of us and up to 24 months thereafter. Some personal data is saved for a longer period, for example in order to fulfil legal demands from the accounting Act or tax laws. When the purposes of the treatment are fulfilled and the storage time has ended, your personal data is deleted in a safe way or anonymized so it can no longer be linked to you.
A cookie is a small text-based data file that a web server asks to store in your browser. Through that the content of the cookie in general being sent back with every request to the website in question it is possible for the server to keep track of the visitors preferences, behaviors or identity (as far as it is known).
We use the following cookies on our website:
• Session cookies (a temporary cookie that expires as soon as the web browser or unit is shut down).
• Persisting cookies (cookies that stay on your computer until they are removed or expire).
• Third party cookies (cookies that have been placed by a third party website). At our website these are primarily used for analysis, for example by Google Analytics.
How can I manage cookies?
With whom do we share personal data?
Our intention is to not share the personal data of registered user with third parties unless the registered user has consented or if it is not necessary in order to fulfil our commitment in accordance with contracts or laws.
In order to fulfil the purposes with our treatment of personal data and in order to meet the demands we have as a company we share the personal data with companies providing us with services. These companies can only treat personal data in accordance with the personal data assistant agreements established with the company and in accordance with the instructions provided with it. They are not allowed to use the data for their own purposes, and they are obligated by law and agreements to protect your personal data. A service supplier cannot share the data with a third party or sub-contractor without our approval.
We may share necessary data with authorities if we are compelled by law to do so. This data may include your personal data. In connection with a litigation it may be appropriate to transfer information which can contain personal data to other parties in the dispute.
Zand Group AB will primarily handle your personal data within EU/EES. We may however need to transfer your personal data to a country outside of EU/EES if we need to share it with suppliers or partners that are located or store data outside of the EU/EES. If your personal data is transferred to a country outside the EU/EES Zand Group AB will take necessary measures to ensure that the transfer is handled in a legal way by ensuring that the personal data is protected adequately compared to the protection offered within the EU/EES, for example by entering agreements with the receiver that encompass the EU commissions standard contract or, if the transfer is made to the US, by ensuring the receiver is certified in accordance with the principles in Privacy Shield.
How is my personal data protected?
We protect your personal data through a combination of technical and organizational solutions. Special security precautions have been made in order to protect your personal data from unlawful or unauthorized access. We constantly work upon and improve the routines and process in order for your personal data to be handled safely. Only the individuals that require access to your data for company processes have access to them.
As a registered user with us you have the following rights:
• You have the right to request a transcript which details what personal data is stored regarding you.
• You have the right to request correction in cases where incorrect or incomplete data is stored regarding you.
• You have the right to have your personal data deleted under these circumstances:
- The data is no longer needed for the purposes they were stored.
- If the data has been stored with your consent and you withdraw the consent.
- If the data is stored based on a judgement of interest and there is no reasonable reason for storage that outweighs your interest.
- If the personal data has been stored unlawfully.
- If deletion is required to fulfil a legal obligation.
- If you object to the data being used for direct marketing purposes.
The right to have personal data deleted does not apply if we’re bound to store it due to legal obligations (i.e. the accounting Act).
• You have the right to data portability (the right to have your personal data moved) under the condition that the legal basis is consent or contract and that what you can retrieve is personal data regarding you, which you provided or that was generated via your actions/activities.
• You have the right to request that the treatment of your personal data is limited. If you request a limitation of treatment of your personal data it can however result in our inability to complete any eventual obligations to you for the duration of the limitation period.
• You have the right to object to treatment of personal data due to a judgment of interests. In order to continue the current treatment we would need to provide compelling justified reason for the treatment that outweighs your interests, rights or liberties. In other case we can only treat your personal data in order to determine, exercise or defend legal claims.
• You always have the right to object to your personal data being used for direct marketing. If an objection is made to direct marketing the personal data must cease being treated for such purposes.
If you are unsatisfied with the answers provided from us, you have the right to file complaints with appropriate supervisory authorities.