This policy applies to the processing (collection, storage, transfer, etc.) of personal data performed within Swedese Möbler AB, ("Swedese"). Swedese only processes personal data in accordance with the current personal data legislation to protect privacy.
Personal data refers to any information relating to an identified or identifiable natural person. An identifiable natural person is a person who can be identified directly or indirectly, for example, by a user name, an identification number, a localization task, online identifiers or one or more factors specific to the physical person's identity.
Processing of personal data
We are transparent about how and why personal data is collected and processed. Processing means all treatment of personal data such as collection, storage and use.
In the main, we mainly process the following personal data:
Name, personal identity number, contact details, credit information, payment information and history regarding private customers
Name and contact details of current business contacts
Name and contact details of previous business contacts
Name, personal identity number, image, application documents and contact details for jobseekers
Swedese does not handle sensitive personal data (special categories of personal data).
Collection of personal data
Preferably, we collect personal information directly from the data subject via personal meetings, e-mail and telephone contact, or via website and social media.
In some cases, we collect data from a party other than the data subject, for example from publicly available sources and from third parties in the form of contact lists or data from credit information agencies. When we collect data from a party other than the data subject, the data subject is informed of the processing as soon as possible and at the latest within one month from the time the data was collected.
The purposes of the processing
Swedese only processes data for the purpose for which the information was collected according to the following:
Entering into and maintaining contractual relations
We process personal data in connection with the preparation of contracts (potential customers, suppliers or partners) as well as for the administration and performance of contractual agreements (current and former customers, suppliers or partners).
Personal data about customers who are private individuals is processed to comply with our obligations under the agreement with the data subject, such as the processing of payments, delivery and the handling of complaints and warranty matters.
Personal data about business contacts is registered in order to maintain a contact list. The processing takes place on the grounds of our legitimate interest in maintaining business relationships and communicating with the data subjects. This is based on our judgement that this interest outweighs the data subjects’ interests in protecting their privacy. The personal data will be processed solely for the intended purpose and only for as long as the data subject is a business contact to Swedese.
Processing personal data is necessary to enable us to submit tenders and fulfil commitments according to contracts.
Data on previous customers is deleted according to Swedese’s procedures.
Swedese processes personal data collected in connection with recruitment procedures.
Personal data may be processed in computer systems at Swedese’s associated companies and organisations with which we cooperate during the recruitment process. The personal data will be kept by us and our partners for the time necessary, taking into account the time needed to complete the recruitment procedure.
During recruitment procedures, applicants are given the opportunity to consent to us keeping their personal data for future recruitment needs. The applicant can withdraw such consent at any time. When the data subject no longer consents to the processing of personal data by Swedese for future recruitment procedures, the data is deleted.
Swedese processes e-mail addresses to conduct direct marketing of the company's products. The data is processed on the grounds of our legitimate interest in maintaining a contact list, maintaining business contacts and communicating with the data subject in the role of a business contact. We deem that these legitimate interests outweigh the data subject’s interest in the data not being processed.
Development and improvement of Swedese’s products
We process correspondence and feedback regarding the company's products, purchases and user generated data, such as click and visit history, technical data concerning the devices used as well as information about the interaction with Swedese, such as information on how long pages were visited and how pages were reached. The data is processed on the grounds of our legitimate interest in developing and improving the company's products and systems as well as for statistical purposes and quality work. This is based on our judgement that this interest outweighs the data subject’s interest in the data not being processed.
Deletion of personal data
Personal data is not stored for any longer than necessary to fulfil the purpose of the processing. We regularly delete personal data when it is no longer relevant for the purposes for which it was collected. As a starting point, this means that personal data is only kept until all transactions between Swedese and the data subject are finally settled.
Handover of personal data
We may share personal data with our Personal Data Processors. Our Personal Data Processors process personal data on behalf of Swedese and according to our instructions. We have Personal Data Processors who manage the transport and delivery, marketing and IT services.
Swedese has written agreements with the company's Personal Data Processors. These agreements guarantee the security of the personal data processed and the Personal Data Processor undertakes to comply with our security requirements and requirements concerning any international transfer of personal data.
We may share personal data with suppliers and resellers for administrative purposes regarding customers and contact persons and for the direct marketing of Swedese’s products. If such sharing takes place, the companies that receive the data are the Data Controllers for the personal data.
Swedese never sells any personal data to another party for direct marketing purposes or similar. Otherwise, we will only provide information if mandatory law so requires or if the data subject has consented thereto.
The data subject has the right, in accordance with the applicable data protection legislation, to ask for a register extract containing information about the personal data concerning the individual that is processed by Swedese. The request under this paragraph must be made in writing and be signed by the individual in person to prevent unauthorised access to personal data.
In addition, the data subject has the right, at any time, to request that we correct, block or delete the data subject’s personal data. If Swedese is required by law to continue storing the personal data, the data can only be blocked.
The data subject has the right to unsubscribe at any time whatsoever from our newsletter or mailing of direct marketing. This can be done by a link in the mailing or by contacting our customer service. In this case, Swedese will stop processing the data subject's personal data for this purpose.
Information security and measures
Swedese takes the necessary technical and organisational measures to ensure that processing takes place in accordance with the applicable personal data legislation, this policy and to ensure the personal data is not lost, or becomes available to unauthorised parties.
Responsibility for personal data
Swedese is the Data Controller for the processing of personal data that takes place on our behalf and thus answers for the lawfulness and correctness of such processing.
Any questions, comments and complaints regarding Swedese’s processing of personal data are to be sent to:
firstname.lastname@example.org or by ordinary post
Swedese Möbler AB
SE-567 23 Vaggeryd, SWEDEN
Supervisory Authority - Datainspektionen
If you consider Swedese to be in breach of the applicable data protection law, you can contact Datainspektionen. Further information on how to proceed can be found on Datainspektionen's website.