Policy: General Data Protection Regulation PHI
Processing of personal data, policy document for Phase Holographic AB.
We take care of your privacy. You should be able to feel secure when entrusting your personal data to us. For this reason, we have drawn up this policy. It is based on current data protection legislation and clarifies how we work to safeguard your rights and privacy.
The purpose of this policy is to make you aware of how we process your personal data, what we use them for, who may view them and under what conditions, and how you can safeguard your rights.
We are personal data controllers
Phase Holographic Imaging AB (Phi AB) with company registration number 556542-7811 and address Scheelevägen 22, 223 63 Lund, Sweden, is responsible for the personal data processed about you. PHI AB is therefore the data controller for your personal data. However, for stock holders, personal data are also processed by Euroclear Sweden. As a central securities depository, Euroclear Sweden is, according to the Swedish law, the personal data controller for the processing of personal data performed by Euroclear Sweden, for example when Euroclear Sweden compiles the share register on behalf of PHI. In all processing of personal data, Euroclear Sweden complies with applicable legislation on personal data processing.
Why do we process your personal data?
We process your personal data in order to provide you with our services and products, i.e. only to enter into or fulfill a contract with you as a customer.
What data do we collect about you – and why?
We strive to process as little personal data about you as possible. This means that we do not collect any more personal data than is necessary to be able to enter into or fulfill contracts with you. In order to be able to enter into and fulfill contracts with you, we need data about your first name, surname, e-mail address, address and other contact details. We do not have more access to your personal data than the data that you have provided to us.
How do we protect your personal data?
Your security is important to us. Therefore, we have taken appropriate technical, organisational and administrative security measures to protect your personal data from unauthorized access and other unauthorized processing. We regularly analyse and evaluate the measures in order to ensure that protection of your data is as safe as possible.
Who do we disclose your data to?
We do not disclose your data to other companies or organisations unless required by law or necessary to perform our statutory or contractual obligations towards you.
We may disclose your personal data to any of our partners, suppliers or subcontractors, but only if that is necessary for us to meet our obligations in relation to you as a customer. We never provide more personal data than is necessary.
When required by law, we may need to disclose your data to public authorities and other organisations. We may also need to disclose your data if it is necessary to exercise, establish or monitor our legal claims.
We never disclose your personal data to other companies or businesses for marketing purposes.
On what legal basis do we process your personal data?
We only process the personal data that we need to enable us to perform our services or deliver our products to you, i.e. when we enter into or fulfill a contract with you. To the extent that we process further data, we will obtain your consent or ensure that processing is authorized on a different legal basis.
How long do we process your personal data?
We retain data about you as a customer for the duration of the agreement with you and for a reasonable time thereafter. In most cases, this means that we do not retain your personal data for a period of more than one year from the end of the agreement, but under certain conditions we may keep your data for a longer period of time. This applies, for example, when required by law or when the data may be needed to establish, exercise and monitor legal claims.
When we process personal data about you, you as registered have a number of rights. You have the right to contact us at any time with respect to these, and if you wish to exercise any of the rights described below, you can reach us most easily at firstname.lastname@example.org.
We reserve the right to take appropriate protective and security measures in order to ensure that you are the person you claim to be when you contact us. If you cannot satisfactorily demonstrate your identity, we may not be able to respond to your request.
Access to personal data
You have the right to know what personal data we process about you. If you wish to know, you can get a compiled register extract from us that contains all the personal data we process about you.
Correction and deletion
If we process your personal data incorrectly or if we no longer need the data, you are entitled to have it deleted. If the data is incomplete, you have the right to have it supplemented. Please keep in mind that we may not be able to provide you with our services if you request to have your personal data deleted.
In certain circumstances you have the right to receive the data that we process about you in a general, written, machine-readable and structured format. You have the right to do so for the personal data that you have provided to us and which we process with your consent or when the personal data is required to enter into or complete an agreement.
Restrictions to processing
Under certain conditions, you have the right to request that we restrict our processing of your data. This means that we mark the data so that in future we only process it for certain specific purposes. We may not be able to provide you with our services if we restrict the processing of your personal data.
Right to make objections
You have the right to object to the processing of personal data that is carried out to perform a task in the public interest, as part of an exercise by a public authority or after a balance of interests. We do not process your personal information for any of these purposes or on any of these grounds. Therefore, you cannot direct any objections towards our processing on this basis.
Right to lodge a complaint
You have the right to lodge a complaint with the Swedish Data Protection Authority if you believe that we are processing your personal data in an inappropriate manner. You can read more about this on the Swedish Data Protection Authority’s website www.datainspektionen.se.
You can contact us at any time by writing to email@example.com or by calling us on phone number +46 46-38 60 80 if you wish to learn more about how we process your personal data. You can also read more about us on our website phiab.com.