Integrity and data protection are important to us at Testpower AB 556920-6310 (hereinafter Testpower). You should feel safe when you provide us with your personal data. We process your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free flow of such data and on the repeal of Directive 95/46/ EC (hereinafter the Data Protection Regulation), and applicable national legislation.
This privacy protection policy applies to everyone who ever comes into contact with Testpower. In this policy, Testpower explains its personal data processing and what rights you have according to current personal data legislation.
Unless otherwise stated, Testpower is responsible for the processing of your personal data. You are always welcome to contact us with any questions regarding this policy or other questions related to data protection.
What is personal data?
Personal data is information that can be directly or indirectly attributed to a living natural person. Examples of such data are social security numbers, personal e-mail addresses, telephone numbers and the like, but even encrypted data can constitute personal data if they can be linked to natural persons. All information that can identify a natural person’s physical, physiological, genetic, psychological, economic, cultural and/or social identity is personal data.
What is a processing of personal data?
Processing refers to any act that is carried out with personal data. This can be anything from collection and storage, to modification, use or deletion. It is irrelevant whether the handling is done manually or automatically.
When do we collect personal data about you?
Information that you yourself provide to us.
We process personal data that your employer provides to us or that you yourself provide to us before entering into an agreement and during the duration of the agreement. Data is collected when you visit our digital channels or when you otherwise contact us by phone or email or when we contact you or your employer for a collaboration.
Information from other sources
In the event that, in order to fulfill our obligations under our agreement, we need to get in touch with you or supplement the personal data we have about you, we may process personal data about you that can be found on public databases, customers’ and suppliers’ websites or social media. This is relevant if we e.g. notice that a contact information you have provided to us is incorrect.
We may also collect personal data from a third party in the event that you have shown an interest in purchasing our products or services and have an agreement with the third party that the third party may refer you as a customer to providers of the services you searching.
Categories of personal data collected from third parties are:
- Identity information: name of contact person.
Contact details: phone number, e-mail.
Why do we process your personal data?
We process your personal data to be able to fulfill our obligations towards you in accordance with our agreement and to be able to conduct our business. We also process your personal data in order to be able to enter into agreements with third parties, where the third parties must be able to access your contact details in order for our cooperation according to our agreement to work.
Mainly, we process your personal data for:
- To be able to carry out our work from an inquiry to support, which includes
all steps in the contract chain; enquiry, quotation, purchase agreement/service agreement as well as
support and warranty matters.
- Marketing of our products and services.
- Support of our services such as new functions or changes in software.
- Follow-up and statistics of sales and sales patterns
We must also process your personal data to fulfill our accounting legal obligations and to protect your or our legal interests.
What legal basis do we have for processing your personal data?
In order to process your personal data, we must have a legal basis for this. We process your personal data on the following grounds:
- As the processing of personal data is necessary for us to be able to fulfill an agreement we have with you or your employer.
- When the processing of personal data is necessary to fulfill a legal obligation, such as our accounting obligation.
- When for marketing reasons we have a legitimate interest in processing your personal data, such as when contacting you to be able to offer you relevant products/services based on your profile or feedback to a previous customer to request continued cooperation.
How long do we save your data?
Your personal information is only processed for as long as is necessary for the purposes for which they were collected – for example, as long as it is required for us to be able to fulfill the obligations, we have due to an agreement with you. We may save the data longer if required by law or to protect our legal interests, e.g. if there is an ongoing legal process.
Your personal data is deleted or anonymized when it is no longer relevant for the purposes for which it was collected. Personal data that is not needed in our day-to-day operations is separated, if limited access is required.
Personal data collected for marketing purposes is deleted no later than two (2) years after collection or no later than two (2) years from the termination of the customer agreement. Accounting information is saved for seven (7) years after the calendar year in which the accounting year ended.
Contact information for people in a customer’s organization or with a subcontractor is saved for 1 year or for the longer period when it is still necessary to save this information due to our agreement. When we have ended a collaboration, we archive the collaboration and the personal data contained in the documents for 1 year.
Who can we share your data with?
We may share your personal data with our partners who will then have access to your contact details.
Our partners are external subcontractors who help us conduct our business and fulfill our contractual obligations towards our customers.
Your personal data may also be shared with other partners, such as service providers who provide customer platforms, cloud services, email services and similar that we need to be able to conduct our business. These service providers are usually our data processors. In the event that data is processed with these collaboration partners when we are not the personal data controller for the data stored with the collaboration partner, you have the right to access information about the collaboration partner before entering into an agreement with us in order to be able to take a position on whether you want to approve the subcontractor or not.
We require our partners to adequately protect your personal data in accordance with this policy and the Data Protection Regulation. We actively work with data minimization and do not share more personal data than is necessary to achieve the purpose of the processing.
We may share your personal data when required because of law or authority regulation with an external third party who is then independently responsible for personal data. The same applies when Testpower must share your personal data with a third party when it is necessary to establish, assert and Testpower’s legal interests.
Where is your data processed?
Your personal data is processed within the EU/EEA. In the event that we use service providers who transfer your personal data to countries outside the EU and EEA, we will take measures to protect your personal data in accordance with applicable legal requirements, for example by requiring guarantees that the provider protects the data in accordance with applicable data protection regulations. If you want to know more about the protective measures we have taken, you can contact us.
Correction and access to your data
When we process your personal data, you have the right at any time to request the correction of incorrect data or change the data you have provided. You also have the right to request a so-called register extract to find out what personal data we have registered about you.
You have the right to object to processing that we carry out on the legal basis balancing of interests, i.e. where we have indicated that we have a legitimate interest in the processing.
Under certain circumstances, you have the right to have your personal data deleted from us. However, this does not apply if, for example, we are obliged by law to preserve the data.
You may also have the right to request that the processing of your personal data be restricted whenever possible. However, if you request such restriction of processing, it may result in us not being able to fulfill our obligations to you during the time that the restriction is in place.
If you yourself want to be able to store and use the personal data we process about you or if you want this personal data to be transferred to another personal data controller, you have the right to access the personal data in a structured, generally used and machine-readable format. This right to transfer only applies to personal data that you yourself have provided to us and that we process based on your consent or on the basis of our agreement.
Right to lodge a complaint
If you are dissatisfied with the way we process your personal data, please contact us at firstname.lastname@example.org
You also have the right to address any complaints to the Swedish Data Protection Authority.
Changes to the privacy protection policy