PERSONAL DATA POLICY
Synbiotics AB (”The Company”, ”We” or ”us”) is responsible for ensuring that all processing of your personal data is in conformity with the General Data Protection Regulation (GDPR) and other privacy legislation. This personal data policy explains in more detail which personal data we process and the purpose of personal data processing. The policy also describes your rights and how to exercise them as well as what we do in order to process your personal data in a secure way.
1. What is personal data and what does processing of personal data entail?
All types of information that refer directly or indirectly to a natural person who is alive constitutes personal data. Names, addresses, photos as well as encrypted data or different types of electronic identities such as an IP number are examples of information that can constitute personal data. We only process your personal data. Processing can entail, for example collection, storage, registration, sorting, compilation, transfer or erasure of such data.
2. Who is the data controller and what does this entail?
Synbiotics AB (with Swedish organisation no. 556569-8965) is the data controller for the company’s personal data processing. This means that we have a responsibility to process your personal data in conformity with applicable privacy legislation, including the General Data Protection Regulation (GDPR). If we call upon a service provider to process your personal data, the service provider is recognised as a data protection officer. In the event of the above, we ensure that a personal data assistant agreement is established with the supplier.
3. Personal data that is processed, purpose of and legal basis for such processing
The purpose of Synbiotics AB is to use the StigBengmark.com website to share editorial information in the fields of research and health through posts on the website, newsletters that you may subscribe to and questions you have asked us via email and the chat service on the website. In addition to the information that you actively disclose to us, the company collects cookies when you visit our website in order to provide you with customised service and marketing material that we believe may be of interest to you (See below regarding cookies). Our data processing falls under the categories below.
Registration to receive newsletters
When you register to receive our newsletter, we request that you disclose information such as your name and e-mail address. We do this so that we are able to administer the newsletter and send new information to you. We justify processing for the administration of the newsletter on the legal basis of our legitimate interest to do so where our interest in sending you the information you requested by signing up for the newsletter has been weighed against your interest in protecting your personal data.
You are entitled to stop receiving the newsletter at any time and the easiest way to do this is by clicking “Unsubscribe” in the newsletter or contacting us at firstname.lastname@example.org After you unsubscribe, we will delete your personal data.
Statistics and analytics
Your personal data can also be used for statistical and marketing analyses for the purpose of improving our services, our website and its accessibility, our systems and their development and maintenance, and customer surveys. The personal data is stored for this purpose for 36 months.
It is stipulated in our policy that we do not request or process sensitive information from our website visitors. Therefore, please do not disclose such information (information on, e.g. ethnic background, political points of view, religious convictions or philosophical beliefs, membership in trade unions, health or sexual activity) to us.
Contact via chat or email
If you contact us via chat or email and, for example, with regard to a question about our posts and news, we handle the information that you have chosen to submit to us. Depending on what your particular case concerns, we may store your personal data for up to 12 months to ensure traceability in your communications with us. This processing is done based on a weighing of interests where we have a legitimate interest in processing your personal data. After careful consideration, we have found that your interests or fundamental rights and freedoms in this context do not outweigh our legitimate interests and do not require the protection of your personal data.
4. How have we obtained your data?
The personal data we process has been obtained from you when you registered for our newsletter, contacted us via email or chat or when you visited our website (cookies).
5. Transfer of personal data to third parties
We always strive for your personal data to be processed within the EU/EEA, and all of our own IT systems are located within the EU/EEA. However, during system support and maintenance, we may need to transfer the data to a country outside the EU/EEA, e.g. if we share your personal data with a personal data processor who, either on its own or through a service provider, is established or stores information in a country outside the EU/EEA. In such cases, the processor may only access the data that are relevant for the purpose (e.g. log files). Regardless of which country your personal data is processed, we take all reasonable legal, technical and organisational measures to ensure that the level of protection is equivalent to that in the EU/EEA. In the event that personal data is processed outside the EU/EEA, the level of protection is guaranteed either by a decision of the European Commission that the country in question ensures an adequate level of protection or through the use of appropriate safeguards. Examples of appropriate safeguards are an approved code of conduct in the recipient country, standard contract clauses, binding corporate rules or Privacy Shield.
6. Security and how we protect your personal data
We use IT systems to protect your confidentiality, privacy and access to your personal data. We have taken special security measures to protect your personal data from illegal or unauthorised processing (such as illegal access, loss, destruction or damage). Only those persons who need to process your personal data for us to fulfil our stated purposes will be granted access to that data.
7. What are cookies and how do we use them?
By configuring your web browser, you may limit the scope of cookies yourself. You can, for example, block or erase cookies. You can also choose to browse in an anonymous mode. Please note that certain services may not work if you erase cookies.
Information stored in cookies can also be used to allow our partners to send you digital direct marketing in areas we believe may be of interest to you. We justify processing for direct marketing purposes on the legal basis of our legitimate interest to do so.
We have assessed that there is a legitimate interest in allowing our partners to communicate with you about products and offers that relate to the information you have chosen to disclose on StigBengmark.com. We have assessed that, in this case, this interest outweighs the need for the protection of your personal data. If you do not wish to receive marketing communications, you can of course send us a message to inform us at email@example.com.
8. Your rights and information on the regulatory authority
You are entitled to receive information on what personal data concerning you we process, to request rectification, erasure or transfer of personal data, as well as to request that we restrict the processing of your personal data. You are also entitled to request an extract from the data register containing information about you that is stored.
If you have any questions about information concerning you that we process or you want to exercise any of your rights, please contact us; see our contact details below.
If you have a complaint concerning our processing of your personal data, you are always entitled to contact the regulatory authority: The Swedish Data Protection Authority (Datainspektionen), Box 8114, 104 20 Stockholm
9. Contact information
If you would like to update or amend the information you have provided or have any questions or points of view concerning our business, the information we process or your rights, you are welcome to contact our customer service by e-mail: [firstname.lastname@example.org]
10. Updates to the personal data policy
We are entitled to amend this personal data policy. We do this in order to be able to adapt the policy to changes in applicable legislation, for commercial purposes or to respond to the needs of our stakeholders, marketing partners and service providers. Updated versions are published on our website at [https://stigbengmark.com] with the amendment date such that it is clear when the last update occurred.
The personal data policy was last updated on 10/07/2019.