Climber International AB, registration number 556993-9902, (below referred to as ”Climber”) is the data controller. Contact details of Climber: Sveavägen 17, SE-111 57 Stockholm, SWEDEN, e-mail firstname.lastname@example.org.
Climber needs to process your personal data with the aim to fulfil our commitments towards our customers, suppliers and partners and towards applicants. Climber may also process your personal data to be able to answer requests from you, correct wrongful information or send information which you have demanded. Climber also needs to process personal data to be able to fulfil legal obligations. Furthermore, Climber may process personal data for marketing purposes.
Processing: operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
Data protection legislation: means such data protection legislation and all other possible legislation (including ordinances and regulations) which is applicable on the processing of personal data which is being performed, including EU’s General Data Protection Regulation (GDPR) and the Swedish supplementary act on data protection and the Swedish Data Protection Authority’s decisions, regulations and guidelines.
Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
Data controller: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;
Data processor: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the data controller.
LEGAL BASIS AND TYPE OF DATA
Climber processes personal data which data subjects have provided to us or which Climber has collected itself. Climber processes personal data concerning natural persons who are representatives of or contact persons for or employed by customers, suppliers and partners to be able to perform contracts with such persons and parties. Furthermore, personal data concerning persons who are visiting our offices or our website or who contact Climber via telephone, e-mail or otherwise is processed. Information that will be processed is name, address, telephone number and e-mail.
Personal data about applicants may be processed on the basis of the legal grounds performance of contract or legitimate interest. Information may include name, address, telephone number, personal identification number, e-mail.
Information about name, address, telephone number and e-mail may also be used for business and method development, marketing analysis, statistics and risk management. The legal basis for the processing of personal data with the aim to develop and analyse the business is legitimate interest. Climber has a legitimate interest to process the personal data because the processing is necessary in order for us to be able to perform, fulfil and administer our business and server our customers’, partners and other stakeholders’ interests and legal claims. Climber also has a legitimate interest to distribute marketing and offers about our business as such information may be of interest for our customers, partners and other stakeholders and that the integrity risk for natural persons is very small. In each marketing message the possibility to say no to further marketing is given.
Climber also processes personal data to be able to fulfil legal obligations.
TRANSFER OF PERSONAL DATA
Climber will not transfer personal data to any third party except if i) it has been specifically agreed between Climber and you, ii) it is necessary within the framework of a specific assignment to take account of your rights, (iii) it is necessary for us to be able to fulfil legal obligations, adhere to a decision of an authority or of a court, or iv) we engage an external service supplier who performs assignments on our behalf.
Personal data is only stored as long as it is necessary for the purpose of the processing.
Personal data about applicants is not stored longer than six months after that the application was received by Climber, unless the applicant has provided her/his consent to the personal data being stored for a longer period.
The Swedish Book-keeping act and other acts may require longer storage periods. Such acts prevail over the data protection legislation.
Right to access to personal data
You have the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data.
Right to rectification
Climber shall make sure that the personal data which is processed is correct and is kept up to date. You have the right to have inaccurate personal data about you rectified.
Right to erasure
You have the right to have your personal data erased in some situations. This is the case if the personal data is not required anymore for the purpose which it was collected for, if the personal data has been processed unlawfully or if the processing is based on the legal basis legitimate interest and there exists no legitimate interest which weighs heavier than your interest of having your personal data protected.
Restriction of processing
You have the right to demand that the processing is restricted.
You have the right to so called data portability in certain situations, i.e. to get access to personal data about you which you have provided to Climber, in a structured, commonly used and machine-readable format, and have such personal data transmitted to another data controller.
You have the right to demand that your personal data is not processed for marketing purposes.
To be able to show that the processing is performed in accordance with the data protection legislation and taking into consideration the nature, scope and context and purposes of the processing and the risks for natural persons’ rights and freedoms, Climber performs appropriate technical and organisational measures to ensure a level of security which is appropriate in relation to the risks. Such measures shall be reviewed and updated when needed.
Climber engages in some cases data processors, which perform processing of personal data on behalf of Climber. The data processors shall provide sufficient guarantees that they have implemented appropriate technical and organisational measures in such a manner that the processing fulfils the requirements of the data protection legislation and ensures that the data subjects’ rights are protected.
Climber enters into an agreement with each data processor in which agreement it is stipulated the subject-matter of the processing, the duration, nature and purpose of the processing, the type of personal data and categories of data subjects and the rights and obligations of the parties.
The Swedish Data Protection Authority is the supervisory authority as regards processing of personal data. You can read more on the Swedish Data Protection Authority’s website datainspektionen.se.
RIGHT TO LODGE A COMPLAINT
You have the right to lodge a complaint with the Swedish Data Protection Authority if you are of the opinion that the processing of personal data concerning you is in breach of the data protection legislation.
If you have questions regarding our processing of personal data please contact us at email@example.com.