SWEDENCAREPARTNER’S DATA PRIVACY POLICY
This Data Privacy Policy (‘privacy policy’) explains how Swedencare AB and the website swedencarepartner.com (‘Swedencare’, ‘we’ or ‘us’) collects and uses your personal data when you use Swedencare's services or otherwise interact with us. This privacy policy also describes what rights you have towards us and how you can exercise such rights. You can always contact us with questions about privacy and data protection by sending an e-mail to partnerportal@swedencarepartner.com Swedencare is the controller of your personal data and we process your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (‘GDPR’). We therefore encourage you to read this privacy policy in its entirety to ensure that you fully understand how we process your personal data in connection with the products and services which we provide you with.Personal data means any information relating to you as a data subject that can directly or indirectly identify you, such as your name, date of birth and social security number. Processing means any operation on personal data, such as the use, collection and organisation of personal data.
1. Contact information to the controller
Company name: Swedencare AB
Registration number: SE556470379001
Postal address: Per Albin Hanssons väg 41 214 32 Malmö Sweden
E-mail: partnerportal@swedencarepartner.com
2. What information do we collect?
We process personal data that you provide to us, as well as personal data generated when you use our products and services. You may directly or indirectly provide us with the following categories of personal data:
Category of personal data Type of personal data
Identification data Name, birthday, social security number, etc.
Contact data E-mail address, invoice address, delivery address, phone number, etc.
Payment information Credit and debit card information, etc.
Online identifiers IP address, device-ID, etc.
Behavioural data Purchase history, website heat map data, etc.
3. What do we do with your personal data?
In the tables below, you will find information regarding;
1. The purposes for which we process your personal data, i.e. why the processing is necessary,
2. The types of personal data we use for each purpose, and whether such personal data is obtained directly from you or from a third party,
3. What legal basis we have under the GDPR to process personal data about you,
4. and what Retention period we have for each processing activity, i.e. after how long Swedencare deletes the personal data for each respective purpose.
3.1. When you contact and interact with us
When you contact us via phone, e-mail or any of our social medias, we will collect the personal data which you provide us with for the purpose of being able to answer any of your questions, handle your requests, or interact with you.
Purpose
When you contact our customer support via phone or e-mail, we will process your personal data in order to assist you in your customer support matter.
Personal dataI
Identification data, contact data
Legal basis for processing (‘why is the processing activity necessary’)
We base our processing on article 6.1 (b) GDPR. The processing is necessary in order for us to assist you with your customer support matter, thereby performing our part of the contract in which you are part in.
Retention period
In order to perform our part of the contract in which you are part of, Swedencare will store your data for three (3) years, after which your personal data will be deleted immediately.
Purpose
When you contact us on social medias, we will process your personal data in order for us to answer any of your question and/or interact with you.
Personal data
Identification data, contact data
Legal basis for processing (‘why is the processing activity necessary’)
We base our processing on article 6.1 (f) GDPR. We have a legitimate interest of being able to process your personal data in order to answer any of your questions and/or interact with you on social medias. After careful consideration, Swedencare makes the assessment that our legitimate interest of processing your personal data for these purposes outweighs your interest of us not processing your personal data. Furthermore, we deem that the processing in question is necessary in order to fulfil the purpose behind the processing.
Retention period
Swedencare will process your personal data for three (3) years, after which your personal data will be deleted immediately.
3.2. When you make a purchase from us
When you make purchases from us, we will collect the personal data which you provide us with for the purpose of being able to provide you with our products, process your payments and send you an invoice.
Purpose
When you purchase products from us, we will process your personal data in order for us to provide you with our products, process your payments and send you an invoice.
Personal data
Identification data, contact data, online identifiers, payment information
Legal basis for processing (‘why is the processing activity necessary’)
We base our processing on article 6.1 (b) GDPR. The processing is necessary in order for us to provide you with our products,thereby performing our part of the contract in which you are part in.
Retention period
In order to perform our part of the contract in which you are part of, Swedencare will store your data for three (3) years, after which your personal data will be deleted immediately. To the extent that your personal data must be stored in order for us to fulfil our legal obligations according to the Swedish Accounting Act (1999:1078) (Sw: Bokföringslag (1999:1078), Swedencare will store your personal data for seven (7) years after such accounting has been consolidated.
3.3. When you interact with our website
When you interact with our website, Swedencare will collect your personal data in order for us to provide you access to our website, and to analyse how you use our website. Swedencare uses cookies and other tracking technologies on our website in order to improve your user experience. You can find more information regarding our usage of cookies in our cookie policy.
Purpose
When you interact or otherwise use our website, we will process your personal data in order for us to provide you access to our website and analyse your usage of our website.
Personal data
Identification data, contact data, online identifiers, behavioural data
Legal basis for processing (‘why is the processing activity necessary’)
We base our processing on article 6.1 (f) GDPR. We have a legitimate interest of being able to process your personal data in order to provide you access to our website and to analyse how you use our website. After careful consideration, Swedencare makes the assessment that our legitimate interest of processing your personal data for these purposes outweighs your interest of us not processing your personal data. Furthermore, we deem that the processing in question is necessary in order to fulfil the purpose behind the processing.
Retention period
Swedencare will process your personal data for six (6) months, after which your personal data will be deleted immediately.
3.4. When we communicate with you
We may process your personal data in order for us to communicate relevant information and marketing to you regarding products which you have previously purchased, or similar products which we sell which may be of interest to you. If you do not want to receive such communication from us, you may at any time request that we stop processing your personal data for these purposes by send an e-mail to partnerportal@swedencarepartner.com
Purpose
In order for us to market our products, send you other relevant information and to develop and improve our business, we may process your personal data.
Personal data
Identification data, contact data
Legal basis for processing (‘why is the processing activity necessary’)
We base our processing on article 6.1 (f) GDPR. We have a legitimate interest of being able to process your personal data in order to market our products, send you other relevant information and improve our business. After careful consideration, Swedencare makes the assessment that our legitimate interest of processing your personal data for these purposes outweighs your interest of us not processing your personal data. Furthermore, we deem that the processing in question is necessary in order to fulfil the purpose behind the processing.
Retention period
Swedencare will process your personal data for six (6) months, after which your personal data will be deleted immediately.
Purpose
We may conduct surveys and ask you to participate. For this purpose, we may process your personal data.
Personal data
Contact data
Legal basis for processing (‘why is the processing activity necessary’)
We base our processing on article 6.1 (f) GDPR. In case that you participate in our surveys, we have a legitimate interest of being able to process your personal data in order to follow up any of your answers for business development purposes. After careful consideration, Swedencare makes the assessment that our legitimate interest of processing your personal data for these purposes outweighs your interest of us not processing your personal data. Furthermore, we deem that the processing in question is necessary in order to fulfil the purpose behind the processing.
Retention period
Swedencare will process your personal data for three (3) months, after which your personal data will be deleted immediately.
4. YOUR RIGHTS REGARDING swedencare’s PROCESSING OF YOUR PERSONAL DATA
As a data subject, you have several rights in relation to your personal data under the GDPR. These rights are listed below. If you wish to exercise your rights, you can contact us at the contact details provided above in section 1 of this privacy policy.
4.1. Right to information
You have the right to receive information regarding how Swedencare processes your personal data. Such information is provided through this privacy policy in connection with the collection of your personal data and is always available at our website swedencare.com. You also have the right to receive specific information in the event of a personal data breach that affects your personal data and there is a risk of e.g. fraud or identity theft. We will communicate such information directly to you by e-mail.
4.2. Right of access
You have the right to receive a summary of your personal data which Swedencare processes (register extract). However, under certain conditions, Swedencare may deny your request for access, e.g. if you request access many times over a short period of time.
4.4. Right to erasure (’right to be forgotten’)
You have the right to request the erasure of your personal data when it is no longer necessary to process it for the purpose for which it was collected. You can notify us by e-mail to partnerportal@swedencarepartner.com if you wish us to delete your personal data. However, there are legal requirements and obligations set forth in laws that may prevent us from deleting certain information, such as the Swedish Accounting Act (1999:1078) (Sw: Bokföringslag (1999:1078)). We then ensure that such personal data is not processed other than to the extent required for us to fulfil these obligations and limit the access of Swedencare's employees to such personal data. You may also have the right to have certain personal data erased when you object to processing under section 4.6 below provided that Swedencare does not have an overriding legitimate ground for the processing.
4.5. Right to restriction of processing
You have the right to request the restriction of our processing of your personal data in certain cases. If you believe that the personal data we process about you is inaccurate and you have requested rectification, you may request a restriction of processing of your personal data. In such cases, restricted processing will take place during the time we are working on verifying whether or not the personal data is accurate. You may also request the restriction of our processing of your personal data if the processing is unlawful and you oppose the erasure of the personal data and instead request a restriction of its use. Another scenario where you have the right to request restriction of or processing of your personal data is if we no longer need the personal data for the purposes of the processing, but you need it for the establishment or defence of legal claims. You can also request that our processing of your personal data is restricted if you have objected to processing based on a balance of interests (legitimate interest), in which case the processing of personal data will be restricted during the time we establish whether our legitimate interests outweigh your legitimate interests. In case the processing has been restricted under any of the above situations, we may only process your personal data, in addition to the retention itself, for the establishment, exercise or defence of legal claims, for the protection of the rights of another person or because you have given us your consent to do so.
4.6. Right to object and automated decision-making
You have the right to object at any time to our processing of your personal data if such processing is based on a legitimate interest. The further processing of your personal data requires us to demonstrate a legitimate reason for the current processing activity. Otherwise, we may only process the data for the establishment, exercise or defence of legal claims. For reasons related to your specific situation, you also have the right to object to profiling and other processing of personal data concerning you, when the processing of the information is based on the customer relationship between you and Swedencare. You always have the right to object to direct marketing without a balancing of interests. As a data subject, you also have the right not to be subject to decisions based solely on automated decision-making, where such decision-making results in legal consequences or similarly significantly affects you. You have the right to object to such processing, including profiling. However, this right does not apply if the decision-making is necessary for the conclusion or performance of a contract with you or if you have provided us with your explicit consent. Swedencare does however not conduct any automated decision-making or profiling.
4.7. Right to data portability
In certain cases, you have the right to have your personal data transferred to you in a structured, commonly used and machine-readable format to another controller (register extract), provided that the transmission is technically feasible and can be automated. This applies to personal data that you have provided to us and that we process with the legal basis of performance of a contract or based on your consent. You can contact us by e-mail at partnerportal@swedencarepartner.com if you wish to receive a register extract of your personal data.
4.8. Right to withdraw consent
Where you have given your consent for the processing of your personal data, you have the right to withdraw such a consent at any time. You can withdraw your consent by notifying us via the contact details provided in section 1 above.
4.9. THE RIGHT TO LODGE A COMPLAINT
If you believe that we are processing your personal data in breach of the GDPR, you have the right to lodge a complaint with the Swedish Data Protection Authority (Sw: Integritetsskyddsmyndigheten, ‘IMY’) via the contact details provided in section 8 below. For more information on how to lodge a complaint, please visit the IMY website at https://www.imy.se
5. WHO MIGHT WE SHARE YOUR INFORMATION WITH?
Transfers of your personal data within the EU/EEA
Swedencare does not sell information about you to third parties. However, in the conduct of our business, it is necessary for us to share your personal data with certain third parties in order to, among other things, provide you with our services and products and fulfil our agreement with you. We then take all reasonable technical, legal and organisational measures to ensure that your personal data is handled securely and with an adequate level of protection. The following categories of third parties may receive and process your personal data.
Suppliers and sub-contractors
Suppliers and sub-contractors are companies that provide Swedencare with the services and functionalities required for us to provide you with our services and products. In most cases, suppliers and/or sub-contractors are companies that only have the right to process the personal data they receive from Swedencare on behalf of Swedencare, so-called processors. Examples of such suppliers and sub-contractors are financing partners, e-mail-, print- and logistics companies. However, in some instances some of these suppliers and/or sub-contractors process your personal data for their own purposes and are thus separately responsible for that part of the personal data processing as independent controllers. To learn more about how these companies process your personal data, we refer you to their privacy policies which you can find in the tables below under section 5.2. Swedencare needs access to services and functionality from other companies that Swedencare cannot provide itself. We may therefore share your personal data with suppliers or sub-contractors to access these services and functionalities in the performance of our contractual obligations to you or to fulfil our legitimate interest and for the other purposes set out in this privacy policy. We ensure that the processing involved is necessary to fulfil such interests, and that our interests outweighs your interests not to have your data processed. Based on the circumstances of your individual case, you have the right to object to our processing of your personal data where we rely on legitimate interest to support the transfer. More information on your rights can be found in section 4 above.
Advertisement Companies
In order for Swedencare to create and realise marketing and advertisement strategies and/or campaigns, it is necessary for us to share your personal data with advertisement companies. We base such transfers of your personal data on our legitimate interests to market our products and business to you and other potential customers. You have the right to object to transfers of your personal data which we base on our legitimate interests. Such objections will be evaluated on a case-by-case basis. You can find more information regarding your rights in section 4 above.
Payment Service Providers, Financial Partners and other Financial Service Providers
We will share your personal data with our payment service providers, financial partners and other financial service providers. This is necessary in order for us to administer your purchases. Our legal basis for such transfers is performance of the contract which you have entered into with us when purchasing any of our products.
Transport and Logistics Companies
We ship all of our products, therefore it is necessary for Swedencare to share your personal data with transport and logistics companies in order for your parcels to be delivered. We base such transfers of your personal data on the performance of the contract which you have entered into with us when purchasing any of our products.
Whistleblowing Service Providers
In order for us to comply with whistleblowing legislation, we will share your personal data to providers of our whistleblowing service in cases where you have filed a whistleblowing report. We base such transfers of your personal data on our legal obligation to do so according to e.g. the Swedish Whistleblowing Act (2021:890) (Sw: Lag (2021:890) om skydd för personer som rapporterar om missförhållanden).
Providers of Shareholder Management Systems
We may have to share our shareholder’s personal data with providers of our shareholder management systems. Such transfers are necessary in order for us to e.g. comply with the Swedish Companies Act (2005:551). We base such transfers of your personal data on our legal obligation to do so according to e.g. the Swedish Companies Act (2005:551) (Sw: Aktiebolagslag (2005:551)).
Digital Signature Providers
In order for us to streamline and digitalise our contractual processes, we will share your personal data with digital signature providers when your sign digital agreements with Swedencare. We base such transfers of your personal data on our legitimate interests to streamline and digitalise our contractual processes. You have the right to object to transfers of your personal data which we base on our legitimate interests. Such objections will be evaluated on a case-by-case basis. You can find more information regarding your rights in section 4 above.
Survey Service Providers
We may conduct surveys in order to improve our business. In such cases where you participate in such surveys, we will share your personal data with our survey service providers. Such a transfer is necessary for us to administer your answers in our surveys and we base such transfers on our legitimate interests to improve our company. You have the right to object to transfers of your personal data which we base on our legitimate interests. Such objections will be evaluated on a case-by-case basis. You can find more information regarding your rights in section 4 above.
Collaboration Brokers
A part of Swedencare’s marketing and advertisement strategy is to collaborate with content creators. We use collaboration brokers for this purpose and will transfer your personal data to such collaboration brokers during any collaborations that have been entered through said collaboration broker. We will base such transfers of your personal data on the performance of contract which you have entered with us through the collaboration broker within the scope of the collaboration.
Transfer of your personal data outside the EU/EEA
Where applicable, we may share your personal data with other companies in a country outside the EU/EEA, a so-called ‘third country’. In a third country, the GDPR does not apply, which may entail an increased risk from a privacy perspective regarding, among other things, the possibility for authorities in a third country to gain access to your personal data and for your ability to exercise control over the personal data. In order to protect your personal data and to maintain an adequate level of protection of your personal data, such transfers are based either on an adequacy decision of the European Commission or through appropriate safeguards such as binding corporate rules approved by the competent supervisory authority, or the European Commission's standard contractual clauses in combination with organisational and technical safeguards. You can read more about which countries are considered to have an adequate level of protection on the European Commission's website by following this link: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en. You can read more about standard contractual clauses by following this link: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en. We always intend to carry out a risk assessment before a transfer to a third country and take both technical and organisational safeguards to ensure an adequate level of protection. We always strive to transfer as little personal data as possible to countries outside the EU/EEA, and if possible, in anonymised form. For more information on the safeguards that Swedencare takes, please see section 6 of this privacy policy. The tables below show which companies outside of the EU/EEA which might receive your personal data.
Suppliers and sub-contractors
In some cases, your personal data may be shared with suppliers and sub-contractors outside the EU/EEA. This may involve suppliers of, e.g. marketing services, IT services and financial services required to conduct our business, with a registered office or server in a country outside the EU/EEA.
6. How do we protect your personal data?
Swedencare takes a range of technical and organisational security measures in order to protect your personal data against loss, misuse, unauthorised access, unauthorised disclosure, alteration or destruction. By combining organizational measures such as access control and incident response plans, with technical safeguards such as firewalls and encryption, we have created a robust defence strategy to protect personal data on our web server from a wide range of potential threats. Our commitment to continuous monitoring, improvement, and adaptation ensures that we stay ahead of evolving security challenges. For more information about which security measures we take and what they mean for you and your personal data, please send an e-mail to partnerportal@swedencarepartner.com
7. Updates to this privacy policy
We are constantly improving and developing our services, products and our website se.swedencare.com, and the content of this privacy policy may therefore change over time. We encourage you to read this privacy policy every time you use our services and products. If significant changes are made to our services, products or this Privacy Policy, we may notify you by e-mail or by other appropriate means.
8. Contact information to Swedencare and the swedish data protection authority
Swedencare is constantly working to ensure that we comply with data protection legislation in all the markets where we offer our products and services. If you have questions or complaints about our processing of your personal data, or if you wish to enact any of your rights as stated above in section 4, you are welcome to contact us at partnerportal@swedencarepartner.com In case you are not satisfied with our handling of your query or case, you have the right to file a complaint with the Swedish data protection authority
(Sw: Integritetsskyddsmyndigheten, ‘IMY’). Integritetsskyddsmyndigheten E-mail: imy@imy.se Website: www.imy.se
This Data Privacy Policy was last updated 2024-10-21.