Our guidelines / Personal Data Policy

Personal Data Policy

Your personal data

Care of Sweden AB is open about the data we collect and for what purpose. Our goal with this policy
is to describe, accurately and transparently, how we collect, use, display, transmit and store your
information, so you can feel confident that your personal data is kept safe. Care of Sweden performs
all processing of personal data in accordance with the EU General Data Protection Regulation
(GDPR). This policy applies for all circumstances when you are in contact with us in any way.

Who is responsible for your personal data?

The Swedish-owned company, Care of Sweden AB, is the data controller for the personal data that
you send to us and is responsible for your personal data in accordance with the applicable data
protection regulations.

Care of Sweden AB
Box 146
514 33 Tranemo
Sweden
Business register: Swedish Companies Registration Office
Corporate identification number: 556524–0578

What is personal data?

Personal data is any kind of information that can be directly or indirectly attributed to a natural person.
This applies, for example, to your name, national identification number, address, e-mail address, and
phone number. This also applies to encrypted data and different types of electronic identities, such as
IP numbers for example, if they can be linked to natural persons.

Why do we use your data?

We use your information to deliver the services and products you have ordered from us and to handle
queries and customer care.

Where is your personal data stored?

We handle personal data in our computer systems.

Who has access to your personal data?

Your personal data is shared within Care of Sweden with access control at different levels.

Microsoft
We use Microsoft Office products and system services for our work internally. This means that your
personal data will be processed by Microsoft, which has been engaged by us as personal data
processor. The personal data is stored by Microsoft in a cloud service in the EU. The personal data
can be transferred by Microsoft to a third country (i.e. a non-EU/ESS country) in the event of a major
IT incident. This transfer is solely for the purpose of protecting the data.

Contracting partners and IT suppliers
We use a number of different IT services and IT systems in our business. We safeguard your privacy
and the security of your data during all such processing. Some systems are installed locally with us
and, in these cases, only our staff have access to the data. In these cases, there is no transfer to a
third party. Some systems are cloud solutions, or installed at the supplier, which means we transfer
personal data to the supplier. In these cases, the supplier is our data processor and handles the data
on our behalf through contracts between us and the supplier.

On what lawful basis is the data handled?

As lawful basis, we cite contract, legal obligation and legitimate interests.

 

What are your rights?

Right of access

You have the right to contact Care of Sweden to obtain information about the personal data we
process about you and how we process your data.

It may be the case that some information cannot be provided due to other statutory provisions.

Right to extract from the register

If you would like information about the information we have registered about you, you can apply for
this by writing to the address above. The extract from the register is provided on request and is free of
charge once a year.

The request has to be sent by mail, because it has to contain your signature, so you cannot send an
e-mail. Mark the letter with "Personal Data Extract".

The legal support for this right to register extracts can be found in Section 26 of the Personal Data Act

Right to data portability

You have the right to have your data transferred to you in a structured format to facilitate data
portability.

Right to rectification

You have the right to have your data corrected, as well as to complete data if it is incomplete, if it is
relevant to the purpose of the personal data processing.

Right to erasure

You have the right to delete all personal data processed by Care of Sweden at any time, with the
exception of the following situations:

  • you have a current case with us,
  • you have a current order that has not yet been dispatched or has been partially shipped;
  • you have an unpaid debt to Care of Sweden, regardless of your payment method,
  • you have bought a product from us and thus fall within the Medical Device Directive, where we
    must maintain traceability of the product for at least 10 years,
  • if you have made a purchase, we store your data in connection with the transaction for accounting
    purposes and it is stored in accordance with the Accounting Act.

Right to restriction

You have the right to demand that Care of Sweden restricts the processing of your personal data in
the following circumstances:

  • If you object to the processing of your personal data on the basis of Care of Sweden's
    legitimate interest, we will limit all handling of the data while the investigation is underway.
  • If you claim that your personal data is incorrect, Care of Sweden must restrict all handling of
    this data during the ongoing investigation into the accuracy of the personal data.

 

How can you exercise your rights?

  • Right to complain
    If you believe Care of Sweden is processing your personal data incorrectly, you can contact
    Customer Service at gdpr@careofsweden.se
    You also have the right to lodge a complaint directly with the Swedish Authority for Privacy
    Protection.
  • Right to object
    In some cases, you have the right to object to the processing of your personal data.
    This applies when your personal data is used following a balance of interests, but not if the
    legitimate reasons outweigh your interests.
    You always have the right to object, if the data is used for direct marketing purposes.
  • Damages
    If you have suffered harm from the processing of your personal data in violation of the General
    Data Protection Regulation, you may have a right to damages.

 

Care of Sweden's technical and organisational measures for the
secure processing of your personal data

We take ongoing measures to comply with the principles of "built-in data protection and data
protection as standard". We continuously evaluate the risks associated with the personal data
processing that takes place and take the necessary security measures to reduce the risks.

We continuously train our personnel on data protection issues.

 

Other

Care of Sweden reserves the right to change/update policies. The latest version is available on our
Website.

If you have any questions about Care of Sweden's policy, please contact us by e-mail at
gdpr@careofsweden.se or phone +46 (0) 771-106 600. You can also write to us at the address below

Care of Sweden AB, Box 146, SE-514 23 Tranemo, Sweden

 

Order reception

Why do we use your data?

We use your personal data to send an order confirmation to the e-mail address provided when
ordering or to the specified contact person.

We send information about deviations, such as, for example, delivery delays. Such information is
provided by e-mail or by telephone, depending on the nature of the deviation and the contact details we have about you.

We send payment reminders by e-mail.

What kind of personal data do we store?

The following data is stored in our system:

  • Name
  • Address
  • E-mail address
  • Telephone number
  • Order history
  • Delivery information
  • Payment history
  • Reference numbers

Who has access to your personal data?

When you buy from us, your information is recorded in our business system and customer system and
is shared within Care of Sweden.

Supplier of installations for rental systems
To provide the installations, we use subcontractors and contracting partners. Sometimes, it is
necessary for us to we provide or receive personal data from them to enable the performance of the
service.

On what lawful basis is your personal data handled?

In connection with purchases, your personal data is processed with contract as lawful basis.

How long is your personal data stored?

According to the Medical Devices Directive, we need to store information for 10 years. The purpose of
the storage period is to maintain the product’s traceability for safety reasons.

 

Customer care

Why do we use your data?

We use your personal data to handle queries from you, handle complaints and guarantee
issues regarding products as well as technical support via email, telephone and personal
contact.

We can also contact you if there is a problem with your order.

What kind of personal data do we store?

  • Name
  • Address
  • E-mail address
  • Telephone number
  • Organisation/Company
  • Work Role/Position

Who has access to your personal data?

All cases are handled in our customer system and shared within Care of Sweden.

On what lawful basis is your personal data handled?

Processing of personal data is based on contract.

How long is your personal data stored?

The company stores personal data for as long as you are a customer with us and for as long as we
need the data to discharge our responsibility to you as a customer. Where the case concerns the
product, we may need to store your personal data for at least 10 years, in order to comply with other
legislation.

 

Development of digital services

Why do we use your personal data?

We use data on customer behaviour to develop and improve our digital channels, design offers and to
correct shortcomings and to increase security.
In the main, we use anonymous, or anonymized data at an aggregated level, to perform this type of
analyses.

We use personalisation in our communication via social media and web advertising on websites other
than careofsweden.se.

We collect your personal data when you subscribe, for example, to our newsletter, request
downloading documents or access to services, create an account or rent our products. If you have
signed up for our newsletter, we adapt the content of the newsletter to you.

What kind of personal data do we store?

  • First and last name
  • Address
  • E-mail address
  • Telephone number
  • Company/organisation
  • Department/unit
  • Work Role/Position
  • User behaviour
  • Your order history

Who has access to your data?

Your information is shared within Care of Sweden in our customer system.
Information forwarded to a third party is only used to allow us to develop the services given above. We
use web analytics companies to analyse our customers' online behaviour.

On what lawful basis is your data processed?

The processing of your personal data to develop and improve our services and service, is based on
legitimate interests.

How long do we save your data?

We save your contact information until you contact us and want to be removed from our register. If you
subscribe to our newsletter, you can easily unsubscribe by clicking on the link in the mail.

 

Compliance with legal obligations

Why do we use your personal data?

Processing of your personal data is necessary for us to comply with obligations under laws
and ordinances, for example, regarding patient safety and accounting.

What kind of personal data do we store?

  • Name
  • Address
  • E-mail address
  • Telephone number
  • Ordering history
  • Reference numbers

Who has access to your personal data?

Your information is shared within Care of Sweden.

On what lawful basis is your personal data processed?

Personal data processing is necessary to allow us to fulfil a contract with you or for us to be
able to fulfil a legal obligation.

Storage times

According to statutory requirements, we need to store information for at least 10 years. The purpose of
the storage period is to maintain the products’ traceability for safety reasons.

We reserve the right to store data in accordance with the Accounting Act.