1.2 PAX Scandinavia AB, 556253-8685 (the “Company”, “we” or “us”) is the controller of personal data.
2. COLLECTION OF PERSONAL DATA
2.1 We collect personal data to provide our Services in the best possible manner. When you use the Services, we collect and store the following information that you provide: company name, customer number, name, address, email address and phone number.
2.2 If you contact us or our customer service in relation to your order, we may – in addition to what is set out above – store such information you provide to us or our customer service. It may e.g. be in relation to inquiries regarding our business operations or products or if you send us your CV or apply for a job.
2.3 If you take part in an event that we arrange, we may take pictures that we use for marketing purposes and which we publish in various internal and external channels.
2.4 Please note that information that may identify you as an individual is considered personal data, even if you place the order on behalf of a company.
3. OUR USE OF YOUR PERSONAL DATA
3.1 We use the personal data we collect for the following purposes:
To accept and process your order.
To, when needed, contact you in relation to your order or to get back to you if you have contacted us.
To deliver and invoice the goods you have ordered (including notifying you of delivery).
To manage complaints and warranty related matters, legal matters and questions to our customer service.
To administer and improve the Services.
To provide such services you have requested (e.g. to receive our newsletter).
Provided that you have not opted out, to send you information regarding us, our products and our services – if you have provided your address or email address in connection with an order, or discussion regarding an order, of a product or service.
To market us, our products and services.
3.2 The Company does not collect or purchase customer data from a third party. Neither do we disclose your personal data to a third party, except and insofar it is necessary to fulfill the purposes set out in section 3.1, to manage our IT systems or if it follows from law or a decision by a public authority.
3.3 Partners who process personal data on our behalf will always enter into a data processing agreement with us, to ensure that our partners maintain a high level of security for your personal data.
4. LEGAL GROUND FOR PROCESSING OF PERSONAL DATA ETC.
4.1 Personal data may only be processed if there is legal ground, and the Company will always process your personal data in accordance with applicable law.
4.2 In connection with purchases, the Company will process personal data since it is necessary for us to fulfill the purchase agreement with you. Certain processing is based on a balancing of interest, i.e. that it has been assessed that we have a legitimate interest to process the data for a certain purpose and the processing is assessed not to infringe your integrity. This is e.g. the case when we send marketing to customers, which is based on our legitimate interest to provide relevant information and offers to our customers. The assessment is primarily based on that the data we process is harmless and that the extent of the processing is limited. In case we need to process personal data for legal matters (e.g. in relation to product liability), it is a legitimate interest for the company to protect our legal interests.
5. HOW LONG DO WE KEEP DATA?
5.1 We will only keep your personal information for as long it is necessary according to the purposes set out in section 3.1, or is mandated by law.
6. HOW WE PROTECT YOUR PERSONAL DATA
6.1 The Company has taken necessary and appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, loss or use of personal data. For example, our systems have restricted access and the data is protected behind firewalls and through encryption.
6.2 If your data is processed by us or a partner outside the EU/EEA, we will take additional security measures, such as entering into an agreement containing the Standard Contractual Clauses for Data Processors established in third countries which have been adopted by the European Commission.
7.1 Please note that the Website may contain links to other websites which are outside the control of the Company. These links may be provided to help you find information we believe are of interest to you as a customer. The Company is not responsible for the protection of your integrity or the contents on such websites, and we ask you to observe that such websites have their own terms and conditions and to review how they process your personal data.
8. SPECIFIC TERMS AND CONDITIONS
9. YOUR RIGHTS
9.1 You have the right to, in accordance with applicable data protection legislation, at any time request access to the personal data concerning you that we process. Further, you have the right to obtain rectification of inaccurate personal data concerning you, to obtain erasure or restriction of processing of personal data concerning you, to exercise your right to data portability and to object the processing of personal data concerning you.
9.2 In case you would like to exercise any of your rights, please contact us:
PAX Scandinavia AB, Stubbengatan 2, 703 44 Örebro, Sweden
firstname.lastname@example.org (write “Data Protection” in the subject line)
9.3 You are further entitled to, at any time, lodge a complaint with the competent supervisory authority if you consider that your personal data has been processed in violation of applicable data protection legislation:
104 20 Stockholm