Privacy Policy
1. Introduction
This Privacy Policy (the “Policy”) describes how Wibe Group, reg. no 556034-6495, at the address Wibevägen 1, 792 36 Mora, Sweden, (“we”, “us” or “our”), process personal data of our business contacts.
We may sometimes need to make updates or changes to this Policy. If we do so, we will inform you in an appropriate manner. You can always find the latest version of this Policy on our websites.
We ask that you read this Policy carefully and familiarize yourself with its content. If you have any questions, please contact us at the addresses above or at gdpr@wibe-group.com.
We safeguard your personal integrity. It is therefore important for us to protect your personal data and ensure that our processing of your personal data is correct and lawful. This Policy will help you understand what kind of personal data we collect, retain, or otherwise handle and how it is used, as well as your rights as a data subject. Our websites contain links to other websites and social media/network features. When you access a third-party website through such links or features the privacy policy of that website is applicable instead of this Policy.
2. How we collect your personal data
We collect your personal data when you sign up for newsletters or in any other way provide us with your personal data, including if we come in contact with you personally, or if we receive your personal data from third parties such as the company you represent or our partners.
3. How we process your personal data
In this section, we describe how we process your personal data, our lawful basis for the processing and for how long we store the data.
3.1 To create, maintain, and develop potential business relationships
We process personal data to create and thereafter maintain and develop business relationships with potential customers, partners, and other business contacts (including for example consultants, potential investors, research and development contacts, and suppliers).
If you are or represent a potential customer, partner or other business contact and we come into contact with you personally (e.g. at conferences, fairs, other personal meetings or otherwise), by e-mail or other means of communication or through third parties, we may process your personal data as follows.
Purpose | Processing | Categories of personal data |
To be able to contact you for the purpose of creating, maintaining, and developing our business relationship with you or the company you represent. | Storage of personal data in our business systems and backup systems. Communication with you. |
Name Contact details (such as e-mail address, telephone number, location, and business address). Professional role/title. If required by applicable law, a copy of the identification document. Information regarding the company you represent. |
Lawful basis: Legitimate interest: the processing is necessary to fulfil our legitimate interest in creating and thereafter maintaining and developing a business relationship with you or the company you represent. | ||
Storage period: We store your personal data for a period of six (6) months after collecting it unless a business relationship is established between us and you or the company you represent during this time, meaning that we will continue our processing of your personal data in accordance with section 3.2 below. |
3.2 To create, maintain, and develop potential business relationships
We process personal data to maintain and develop business relationships with existing customers, partners, and other business contacts (including for example consultants, potential investors, research and development contacts, and suppliers).
If you are or represent a customer, partner, or other business contact of ours we process your personal data as follows.
Purpose | Processing | Categories of personal data |
To be able to contact you in your capacity as a representative of our customer, partner, or other business contact. To provide our services, and administrate orders, deliveries, and billing. | Storage of personal data, including communication and documentation, in our business and backup systems. Communication with you. |
Name Contact details (such as e-mail address, telephone number, location, and business address). Professional role/title. If required by applicable law, a copy of the identification document. Information regarding the company you represent. |
Lawful basis: Legitimate interest: The processing is necessary to fulfil our legitimate interest in creating and thereafter maintaining and developing a business relationship with you or the company you represent. | ||
Storage period: As long as necessary for the purposes above during the time we have an ongoing business relationship with you or the company you represent. We erase or anonymize your data when it is no longer necessary or adequate, for example, if our business relationship with you or the company you represent ends. Your personal data may also be stored by us for other legitimate purposes, such as fulfilling our legal obligations or exercising legal claims, see section 3.4 below. |
3.3 To create, maintain, and develop potential business relationships
If you visit our global website or national websites we collect and process information generated by your visit to analyze and produce statistical information regarding our web traffic in order to evaluate, develop, and improve our websites and web-based communication.
Purpose | Processing | Categories of personal data |
To evaluate, develop, and improve our websites and web-based communication. | Analysis and production of statistics regarding our web traffic and the use of our websites. | Browser information. IP-address. The time zone from where you visited our website. Other website traffic data. |
Lawful basis: Legitimate interest. The processing is necessary to fulfil our legitimate interest in evaluating, developing, and improving our websites and web-based communication. | ||
Storage period: As long as necessary for the purposes above, however not longer than for a time period of three (3) months. In most cases, the collected personal data is converted into aggregate data (anonymized data) within a shorter period of time, in connection with our production of statistical information. |
3.4 To comply with legal obligations or to exercise legal claims
We may process your personal data to comply with legal obligations set out in law or other legal statutes, or as decided by a court or other authorities, in order to comply with legal obligations that we are subject to. These requirements may be related to matters such as bookkeeping, tax administration or money laundering legislation.
We may also process your personal data if the processing is necessary for the establishment, exercise or defense of our legal claims.
3.5 To send you newsletters and other marketing messages
We process your name and email address to send you newsletters if you have opted in (registered) for such letters. You may opt-out (unregister) from further messages at any time by using the unsubscribe link provided in every message.
We store your data for this purpose as long as you subscribe to our newsletters.
If you opt-out (unregister) from further messages from us, we will delete your personal data and erase it unless necessary for other purposes covered by this Policy (please note that we will continue to process your email address in order to mark it as blocked from further messages from us).
4. How we process your personal data
The personal data that we collect is shared among us with the following types of third parties:
1. Intra-group transfer: Any information we have about you may be transferred or disclosed within our group of companies. This is in order to fulfil our legitimate interest in effectively conducting and improving our business. If we share your personal data within the group, we will ensure that your data is still processed in accordance with corresponding conditions set out in this Policy.
2. Suppliers and other business partners: We may use third parties to manage some aspects of our business operations, including the processing or handling of personal data for purposes set forth in this Policy. We may share your personal data with such third parties with regard to sales, production, logistics, installation, maintenance, accounting, financial services, IT systems and other administrative functions, such as marketing and communication services. When we use such service providers or work together with other third parties, we typically enter into data processing agreements, or make other relevant arrangements, to ensure that your personal data is processed in accordance with this Policy.
3. Authorities: We may share your personal data with public authorities such as the police or tax authorities when it is required by applicable law or regulation or in order to exercise or defend legal claims during a legal process.
4. Sale or transfer of business or assets: Any information we have about you may be transferred or disclosed to a purchaser or prospective purchaser in the event of a sale, assignment, or other transfer of all or a portion of our business or assets. Should such a transfer occur, we will use reasonable efforts to ensure that the transferee uses your information in a manner that is consistent with this Policy.
5. Where we process your personal data
We may process your personal data in a country outside of the EU/EEA. Furthermore, we may transfer your personal data, such as name and contact details to suppliers and other business partners who, either themselves or by their subcontractors, are located in or have business activities in a country outside the EU or EEA. In the event of such processing and transfer, it will be made in accordance with applicable data protection legislation, for example by ensuring that the country in which the recipient is located ensures an adequate level of data protection according to the European Commission, or by use of standard contractual clauses that the European Commission has issued ensuring suitable measures to safeguard your rights and freedoms.
You may access a list of the countries that the European Commission has decided to provide an adequate level of data protection at http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm.
You may access the European Commission’s standard contractual clauses at http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32010D0087.
6. Security measures
We have taken a number of security measures to ensure that the personal data we store is secure. For example, access to areas where personal data is stored is limited to our employees and service providers who require it in the course of their duties and who are informed of the importance of maintaining the security and confidentiality of the personal data we keep. We maintain appropriate safeguards and security standards to protect your personal data against unauthorized access, disclosure, or misuse. We also monitor our systems to discover vulnerabilities in order to protect your personal data.
7. Your rights
7.1 Introduction
In this section, we describe your rights as a data subject under applicable data protection legislation. You are welcome to email us at gdpr@wibe-group.com to exercise your rights or if you have any questions or comments regarding our processing of your personal data or this Policy. We will respond within a reasonable period of time upon verification of your identity.
7.2 Right of access and rectification
You have the right to information regarding which of your personal data we process and to access such personal data. You also have the right to rectify the personal data we process concerning you, should it be incorrect or incomplete considering the purpose for which your personal data is processed.
7.3 Right to erasure
You have the right to obtain that we erase your personal data without undue delay in the following circumstances:
1. the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
2. you withdraw your consent on which the processing is based (if applicable) and there is no other legal ground for the processing;
3. you object to our processing of personal data, and we do not have any overriding legitimate grounds for the processing;
4. the processed personal data is unlawfully processed; or
5. the processed personal data has to be erased for our compliance with one or more legal obligations.
We may deny your request if we are prevented from erasing your personal data by requirements set out in applicable laws and regulations (e.g. in relation to accounting and tax legislation) or if it is needed for the establishment, exercise, or defense of legal claims. If we are prevented from meeting your request to erase your personal data, we will instead restrict our continued processing of your personal data to the extent possible for us to do so.
7.4 Right to restriction
You have the right to obtain that we restrict the processing of your personal data in the following circumstances:
1. you contest the accuracy of the personal data during a period enabling us to verify the accuracy of such data;
2. the processing is unlawful, and you oppose the erasure of the personal data and request restriction instead;
3. the personal data is no longer needed for the purposes of the processing, but is necessary for you for the establishment, exercise, or defense of legal claims;
4. you have objected to the processing of the personal data, pending the verification of whether our legitimate grounds for our processing override your interests, rights, and freedoms.
If your personal data has been restricted in accordance with this section they may, with the exception of storage, only be processed for the establishment, exercise, or defense of legal claims, or for the protection of the rights of a third party or for reasons of important public interest according to EU or EU member state legislation.
7.5 Right to object
You have the general right to object to our processing of your personal data when it is based on our legitimate interest. If you object and we believe that we may still process your personal data, we must demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.
7.6 Right to data portability
If your personal data has been provided by you and our processing of your personal data is based on your consent or on the performance of a contract with you, you have the right to receive the personal data in a structured, commonly used, and machine-readable format, provided that the personal data requested concerns yourself and our processing of your personal data is carried out by automated means (personal data that we only process manually is thus not covered by this right). In such circumstances, you also have the right to transfer your personal data to another party without hindrance from our side. Where technically feasible, you also have the right to obtain that your personal data is transferred directly from us to another data controller.
7.7 Right to withdraw consent
Your personal data will not be processed for purposes related to direct marketing if you oppose such processing. Please note that the lawfulness of any processing based on your consent before its withdrawal is not affected by the withdrawal.
7.8 Right to file a complaint
You may at any time file a complaint with the supervisory authority if you believe that our processing is performed in breach of applicable data protection legislation. Please note that you are also always welcome to contact us in such an event.
8. The use of cookies
We use cookies on our websites to enhance your website experience and to improve our websites and services. You have the option to change the settings in your browser for the use of cookies. You have, for instance, the ability to adjust your settings to block all cookies or delete them when you close your web browser. For more information on how we use cookies, please see our Cookie Policy.