Last updated 2020-12-07

Introduction

On 25 May 2018, the General Data Protection Regulation (EU) 2016/279 “GDPR” entered into force. The Data Protection Regulation aims to protect the fundamental rights and freedoms of physical persons, in particular their right to the protection of personal data. Alteco Medical AB protects your personal privacy, and it is important to us that you feel safe with how we handle your personal information.

In this privacy policy, we explain how we, as responsible for your personal data, process it in accordance with GDPR. We state which personal data we process and the reasons on which the processing is based. We also tell you how you can access your personal information and how you can make comments to us on the processing.

What personal data we process, purpose and legal basis

Representatives from companies/organizations

Alteco Medical AB processes information about you that we need to be able to contact you as a representative of a company/organization. Your information is often collected from you directly or from the company/organization you represent.

Category of personal data

Personal and contact information (name, e-mail, address, telephone, e-mail, function in the company/organization

Purpose of the processing

The processing is necessary to be able to communicate with the company/organization regarding administration and performance of services, delivery of goods, technical issues, etc.

Meet legal requirements, such as accounting obligations

Enable marketing and communication with the company/organization

Lawful basis

Necessary to fulfil agreements with the company/organization.

Alteco Medical AB has a legitimate interest in fulfilling the agreement and administering the business relationship with the company/organization (balancing of interests).

The processing is necessary to fulfil the company’s legal obligations.

Alteco Medical AB has a legitimate interest in being able to market the company and its products/services.

Website visitors

Category of personal data

Device information, such as IP address, information from cookies, etc.

Purpose of the processing

To customize the company’s website based on how it is used.

Lawful basis

The processing is necessary to fulfil a legitimate interest in improving and simplifying the company’s website (balancing of interests).

Person discharging managerial responsibilities (PDMR) and their relatives

According to the EU Market Abuse Regulation (MAR), the company is obliged to keep records of the company’s executives and their relatives.

Category of personal data

Name, function in Alteco Medical AB, in what way the person is related.

Purpose of the processing

To fulfil legal requirements.

Lawful basis

Necessary to fulfil the company’s legal obligations.

Persons with access to inside information about the company

According to the EU Market Abuse Regulation, (MAR), the company is required to keep an insider list.

Category of personal data

Name (including surname at birth), work telephone number, name of the company that the person represents, company address, function, date of birth, personal ID-number, private telephone number, full home address

Purpose of the processing

To fulfil legal requirements.

Lawful basis

Necessary to fulfil the company’s legal obligations.

Persons who are looking for employment with us

Category of personal data

Contact information such as name, address, telephone number, e-mail, CV and any personal letter.

Purpose of the processing

To be able to fulfil the company’s recruitment needs.

Lawful basis

The processing is necessary for the company’s legitimate interest in recruiting the right staff for the company (balancing of interests).

People who subscribe to our newsletters

Category of personal data

Name and e-mail address.

Purpose of the processing

Necessary for the company’s legitimate interest in marketing news about the company and its products/services.

Lawful basis

The processing is necessary for the company’s legitimate interest in being able to market the company’s products/services.

People who contact us spontaneously

Category of personal data

Personal and contact information such as name, title, address, e-mail address and telephone number.

Purpose of the processing

To enable and facilitate communication with potential customers, shareholders, suppliers, partners and other stakeholders.

Lawful basis

The processing is necessary for the company’s legitimate interest in being able to communicate with potential customers, shareholders, suppliers, partners and other stakeholders.

Where do we collect your personal information from?

Alteco Medical AB processes personal data that you have provided to us when you contact us. We can also collect information from public registers.

Who do we share your personal information with?

Alteco Medical AB shares information with trusted suppliers who help us operate our website and manage accounting and payroll administration. There are Personal Data Processing Agreements with these parties that regulate how the personal data may be used and how they are protected. We may also share your personal information if we find it necessary due to statutory requirements.

Transfer to third countries

Alteco Medical AB only processes your personal data within the EU / EEA, ie. personal data is not transferred to third countries.

How long do we store your personal information?

We do not store your personal data for longer than is necessary with regards to the purpose for which the personal data is processed. Some personal data is stored for as long as necessary to be able to fulfil statutory provisions, for example the Swedish Accounting Act (Bokföringslagen). Information that you provide to us when you subscribe to our newsletter is stored as long as you subscribe to such mailings.

Security and protection

Alteco Medical AB has taken adequate technical and organizational security measures to protect your personal data from unauthorized access, alteration or dissemination.

Your rights

No matter what personal information we have stored about you, you will always have control over your own personal information. Therefore, according to the GDPR, you have the following rights:

Right of access and transparency (“register extract”) – You can request extracts from registered personal data and verify the information we have about you.

Right of correction – You have the right to have incorrect or incomplete information about you corrected.

Right to be forgotten – You have the right to request that your personal data shall be deleted if the data is no longer necessary for the purpose for which it was collected. However, if the data is saved due to statutory obligations, you do not have the right to request deletion of data.

Right to restriction – You have the right to restrict continued processing of data, for example if you question whether the processing has lawful basis.

Right to data portability – ie. the right to have some of your personal data transferred to another personal data controller.

Right to object – You always have the right to stop direct marketing or object to the processing of personal data based on a balance of interests.

If you are dissatisfied with our processing of your personal data

If you are dissatisfied with our processing of your personal data, you have the right to submit a complaint to the Swedish Data Protection Authority (Datainspektionen).

Changes to this Privacy Policy

We reserve the right to update or change this policy if necessary. You should visit the website regularly to obtain the latest version.

How to contact us

If you have questions regarding our processing of personal data or if you want to exercise any of your rights related to the processing of the same, please contact:

Personal Data Controller: Alteco Medical AB
Organisation number: 556625-0840
Address: Höstbruksvägen 8, 22660 Lund
Phone: +46 (0)46 – 32 86 00
Email: privacy@altecomed.com