English
Svenska
Privacy
EXTERNAL PRIVACY POLICY FOR MYCRONIC AB (PUBL)
Privacy is recognized as a fundamental human right and Mycronic AB (publ) (”we”, ”us” and ”our”), company registration number 556351-2374, understands that privacy is important for visitors of the Mycronic website, our customers and our suppliers.
This privacy policy (the “Privacy Policy”) is designed to help you understand how we process personal data in our capacity as a data controller. This Privacy Policy also describes your rights and how to proceed in case you wish to exercise them.
Please note that if you do not provide personal data when requested, access to certain services may be restricted.
Mycronic may make changes to this policy.
1. What personal data does Mycronic process about you and why?
Your ”personal data” means data that allows us to, directly or indirectly, identify you as an individual. This typically includes information such as your name, address, email address, and telephone number, but can also include other information such as IP address.
Below, we explain for what purposes we process your data, what data we process about you, what legal basis we have for the processing and how long we keep your personal data. The information is directed towards job seekers, investors visiting the Mycronic website and visitors to Mycronic’s premises (1.1), customers of Mycronic (1.2) and suppliers of Mycronic (1.3).
In cases where we process your personal data based on a balance of interests, we have assessed that our interest in the processing outweighs your interests and fundamental rights and freedoms. We have described our legitimate interest in this policy. If you want to know more about our assessment of the balancing of interests, you can contact us at dataprivacy@mycronic.com.
As a general rule, Mycronic only processes personal data provided by you. In certain cases, Mycronic may supplement this data with information from third parties for the purpose of evaluating and improving our digital channels and services or if needed for a certain job position (in such case this information will be provided in the specific job ad).
1.1 For job seekers, investors visiting the Mycronic website and visitors to Mycronic’s premises
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To handle job applications. |
Name, e-mail address, address, telephone number and data contained in CV and cover letter. |
|
Legal basis: Legitimate interest. Mycronic’s legitimate interest is to administer recruitments. |
|
|
Retention period: The data is retained until the position is filled, or as agreed with the candidate. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To provide you with information about open job positions. |
Name, e-mail address. |
|
Legal basis: Consent. |
|
|
Retention period: The data is retained until the recipient unsubscribes from open job positions or for 12 months. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To comply with the rules on providing information about qualifications according to the Discrimination Act (2008:567). |
Name, e-mail address, address, telephone number and data contained in CV and cover letter. |
|
Legal basis: The processing is necessary to fulfill a legal obligation according to the Discrimination Act. |
|
|
Retention period: The data is stored for two years from the date the position is filled. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To answer your questions regarding our products or services. |
Name, e-mail address, telephone number. |
|
Legal basis: Legitimate interest. Our legitimate interest is to answer questions regarding our products and services. |
|
|
Retention period: The data is stored until your request has been responded to. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To provide you with requested invitations, newsletters and investor related information. |
Name, e-mail address, telephone number. |
|
Legal basis: Consent. |
|
|
Retention period: The data is retained until the recipient unsubscribes from such invitations, newsletters and investor related information. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To provide a secure environment at our premises.
|
Footage from camera surveillance. |
|
Legal basis: Legitimate interest. Mycronic’s legitimate interest is to provide a secure environment at our premises. |
|
|
Retention period: The data is deleted after four days. In the event of a clear suspicion of a crime requiring a longer retention period, the data may be stored for a longer period. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To assert legal claims in connection to crimes committed on our premises. |
Footage from camera surveillance. |
|
Legal basis: Legitimate interest. Mycronic’s legitimate interest is to assert legal claims in connection to crimes committed on our premises. |
|
|
Retention period: The data is deleted after four days. In the event of a clear suspicion of a crime requiring a longer retention period, the data may be stored for a longer period. |
|
1.2. For customers of Mycronic
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To provide goods and fulfil the purchase in accordance with the contract, when the customer is a sole trader. |
Name, e-mail address, address, title, telephone number and personal identity numbers. |
|
Legal basis: The processing is necessary for the performance of a contract with you. Personal identity numbers are processed on the basis that it is clearly justified by the importance of secure identification. |
|
|
Retention period: The data is stored for as long as necessary to provide goods in accordance with the contract. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To provide goods and fulfil the purchase in accordance with the contract, when the customer is a legal person. |
Name, e-mail address, address, title and telephone number belonging to the contact person of the customer. |
|
Legal basis: Legitimate interest. Our legitimate interest is to provide goods and fulfil the purchase in accordance with the contract. |
|
|
Retention period: The data is stored for as long as necessary to provide goods in accordance with the contract. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To maintain the business relationship with existing customers. |
Name, e-mail address, title and telephone number. |
|
Legal basis: Legitimate interest. Our legitimate interest is to maintain the relationship with our customers. |
|
|
Retention period: The data is retained during the business relationship and 12 months after the end of the business relationship. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To send direct marketing to you, provided we have an existing customer relationship with you.
|
Name, e-mail address, title and telephone number. |
|
Legal basis: Legitimate interest. Our legitimate interest is to send direct marketing to you. |
|
|
Retention period: During the customer relationship and 12 months after the end of the customer relationship. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To provide customer service. |
Name, e-mail address, title and telephone number. |
|
Legal basis: Legitimate interest. Our legitimate interest is to provide customer service. |
|
|
Retention period: The data is stored during the customer relationship. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
Bookkeeping purposes. |
Name, e-mail address, address, title and telephone number. Personal identity numbers may be processed in relation to sole traders. |
|
Legal basis: The processing is necessary to comply with a legal obligation according to the Accounting Act (1999:1078). Personal identity numbers are processed on the basis that it is clearly justified by the importance of secure identification. |
|
|
Retention period: The data is deleted seven years after the invoice is issued. |
|
1.3. For suppliers of Mycronic
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To fulfil contracts with the supplier, when the supplier is a sole trader. |
Name, e-mail address, address, title, telephone number and personal identity numbers. |
|
Legal basis: The processing is necessary for the performance of a contract with you. Personal identity numbers are processed on the basis that it is clearly justified by the importance of secure identification. |
|
|
Retention period: The data is retained during the supplier relationship and 12 months after the supplier relationship has ended. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To fulfil contracts with the supplier, when the supplier is a legal person. |
Name, e-mail address, address, title and telephone number belonging to the contact person of the customer. |
|
Legal basis: Legitimate interest. Our legitimate interest is to fulfil contracts with our suppliers. |
|
|
Retention period: The data is retained during the supplier relationship and 12 months after the supplier relationship has ended. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
To maintain the business relationship with existing suppliers. |
Name, e-mail address, title and telephone number. |
|
Legal basis: Legitimate interest. Our legitimate interest is to maintain the relationship with our suppliers. |
|
|
Retention period: The data is retained during the business relationship and 12 months after the end of the business relationship. |
|
|
What is the purpose of processing the personal data? |
What data do we process about you? |
|
Bookkeeping purposes. |
Name, e-mail address, address, title and telephone number. Personal identity numbers may be processed in relation to sole traders. |
|
Legal basis: The processing is necessary to comply with a legal obligation according to the Accounting Act (1999:1078). Personal identity numbers are processed on the basis that it is clearly justified by the importance of secure identification. |
|
|
Retention period: The data is deleted seven years after the invoice is issued. |
|
- Cookies
We use cookies on our website. For information on how we use cookies, please refer to our cookie policy.
- Who can access your personal data?
Data processors
Other than as provided in this Privacy Policy, Mycronic will not share personal data you provide with any third party. In cases where it is necessary for Mycronic to carry out our services, we may use external suppliers for services in connection to our digital channels or the services. These suppliers may process personal data.
Third party web applications
The Mycronic website includes social media features that run on our website. These features may collect your IP address, which pages you visit on our website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by third parties or directly on our website. Our website may also provide hyperlinks to other websites which are provided by other group companies or companies which do not belong to the Mycronic group.
Please note that this Privacy Policy does not apply to these features. Your interactions with these features are governed by their privacy policies and other routines of the companies providing them.
- Is your personal data transferred outside the EU or EEA (third country)?
Mycronic endeavours to keep personal data within the EU/EEA but may engage suppliers located outside of the EU/EEA such as other companies within the Mycronic Group or companies that assist with our technical support and maintenance of our IT services.
Any such data will always be kept to a minimum relevant for the purpose. No matter where your personal data is transferred, Mycronic always take necessary measures to ensure that the security level and processing is in line with GDPR, for example by using the EU Commission’s Standard Clauses.
You can request a copy of the safeguards we have put in place and information on where the personal data has been made available by contacting us at dataprivacy@mycronic.com.
Security
Mycronic takes all appropriate technical and organizational security measures which are necessary to safeguard personal data against unauthorized access, modification, or destruction.
Mycronic has additional measures in place to protect sensitive personal data and personal identity numbers. Sensitive information provided to us on our website and/or transmitted to other websites is protected through the use of encryption.
Your rights
Below is a description of the rights you have regarding our processing of your personal data. To exercise your rights, you are welcome to contact us at dataprivacy@Mycronic.com.
Right to withdraw your consent (Article 7.3 GDPR)
You may withdraw all or part of the consent you have given at any time, with effect from the date of withdrawal.
Right of access by the data subject (Article 15 GDPR)
You have the right to request information about what personal data we process about you and how the data is processed (a so-called register extract). You also have the right to request a copy of the personal data processed by us.
Right to rectification (Article 16 GDPR)
You have the right to have inaccurate data rectified without undue delay and to ask us to complete incomplete data by providing us with accurate data.
Right to erasure (right to be forgotten) and restriction of processing (Articles 17 and 18 GDPR)
You have the right to request the erasure of your personal data at any time, e.g. if the processing is no longer relevant to the purpose for which the data was collected.
You can also request that certain processing of your data be restricted, for example if you object to the accuracy of the data.
Right to data portability (Article 20 GDPR)
Where you have provided your consent or where we base the processing on the performance of a contract with you, you have the right to obtain the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and to transmit it to another controller or to obtain our assistance in transmitting it to another controller where technically feasible.
Right to object to processing (Article 21 GDPR)
You have the right to object to the processing of your data based on a balance of interests. If we cannot demonstrate that there are compelling legitimate grounds to continue processing the data, we must cease processing.
Right to lodge a complaint (Article 77 GDPR)
If you have any complaints regarding our processing of your personal data, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (www.imy.se/en/).
Contact information
If you have any questions regarding our Privacy Policy, want to exercise any of your rights, or have any other question regarding our processing, please contact us at dataprivacy@mycronic.com. If you wish to contact us by post, please send it to:
Postal address:
Mycronic AB
Box 3141
183 03 Täby
Sweden
Phone number: +46 8 638 52 00