Policy for processing personal data
Purpose
HIAK AB protects integrity. Counterparties should feel secure in g’s at entrusting the basis of personal data.
This policy is based on current data protection legislation (GDPR) and clarifies how we work to take care of rights, obligations and integrity.
The policy is that counterparties should know how HIAK AB handles personal information, what’s the use, who may take part of them, under what conditions and how counterparty can take advantage it’s rights.
Background
HIAK AB processes personal information to fulfil the company’s obligations. The base is not to process more personal data than is necessary for the purposes. The company always tries to minimize the use of privacy- sensitive data.
Personal data may be necessary to provide good service in terms of monitoring, analysis and information, and in contacts with customers and suppliers. It is also necessary to comply with laws and regulations.
Counterparty has the right to refuse that the company uses personal data for direct marketing. If HIAK AB intends to use personal data for direct marketing, counterparty shall be informed and consent.
Guidelines
HIAK AB Handles only personal information when there is legal, factual or commercial reason. HIAK AB does not process personal data in any case other than when required to fulfil obligations under law and agreement. Here are examples of personal data that processes.
Non-integrity-sensitive data:
Name
Address
Phone number
E-mail address
Title
Information of the counterparty register for spontaneously and voluntarily
Content that the counterparty publishes itself, so-called user – generated content.
Etcetera.
Privacy-sensitive data:
Payroll information
CV at the job application
Union Accompanying (Employees)
Medical certificate (employee and CEO)
Social security number (employees, board and CEO)
Account number and other bank-related information (employees)
Employee number
User name
The time worked, etc. absence.
Photographs.
Etcetera.
HIAK AB shall obtain consent before treatment of data if there is no legal, factual or commercial reason. Counterparty agrees to treatment by accepting the company policy for processing personal data or when signing employment contracts.
Counterparty may at any time revoke agreement. HIAK AB will then no longer be process existing personal data or obtain new, if it is not required to fulfil obligations by law or business.
HIAK AB, for example, has access to personal data as follows:
• Information provided p direct to company
• Data registered at visit of the company’s website
• Data in public record
• Data given the counterparty hire one of our employees
• Data given in contact with the company, seeking employment, visit us or otherwise contacting us.
Counterparty can contact the company’s Personal Data Responsible and Request Out the personal information that exists or with any other request relating to personal data.
Security
HIAK AB Group has routines and procedures for managing personal data safely. The starting point is that only workers and other persons in the organization who need Privacy Sensitive personal data to perform their duties, shall have access to them.
In the case of sensitive personal data, higher data security applies, which implies an elevated level of protection for individual personal data.
Security systems are developed with individuals’ integrity in focus and protect against intrusion as well as other changes that could endanger the privacy of individual.
HIAK AB working with IT security to ensure that personal data is treated securely and is protected.
We do not transfer personal data in cases other than those expressly stated in this policy.
HIAK AB do not transfer privacy sensitive personal data to third parties unless consent is available or if it is not compelled to comply with statutory and contractual obligations. In cases where the company disclosing privacy-sensitive personal data to third parties, there is a confidentiality agreement between the parties.
