GDPR personal data policy

POLICY

Handling of personal data at IdentSystem AB

This integrity policy at IdentSystem AB describe IdentSystem ABs work to follow the new european General Data Protection regulation (GDPR). This policy show hos IdentSystem AB take care of our rights and obligations to our customers, suppliers and other related persons. The reason for this policy is to make visible how and why IdentSystem Ab handles personal data and how persons we are in contact with can protect their information.

Background
IdentSystem AB handles personal data for different persons at out customer companies with the main purpose of keeping accurate business registry for accounting reasons, inform about news and changes in out product offerings and about IdentSystem AB itself as well as to be able to give existing customers with running installations ongoing service. For this reason we need to keep a register over persons at the customer companies that we need to be able to contact. We also handle personal data so that we can handle incoming requests, send out information in form of newsletters to interested parties and so that we can correct possibly erroneous information. Our ficus is pn the company and not on the individual and we store as little information as possible to be able to carry out the tasks described above. We do not store any personal data that according to GDPR is classified as sensitive. Responsible for question about the personal data is Gert Lundh.

Guide lines
What personal data do we handle?
IdentSystem AB only handles personal data after approval and in order to fulfil our duties according to contracts as well as laws and regulations. The information we collect are those needed t be able to contact a person/persons at existing or potential customer companies, as well as suppliers ad other related persons. Erroneous data will be corrected on request.

How do we collect personal data?
IdentSystem AB use in first hand our own database where we store personal data according to the above section. In this case IdentSystem AB is responsible for the data stored.

Collection of data is mainly conducted through our webpage or through references internally or externally at the customer company. Persons in our database have the right to get their data deleted. We will then no longer handle these personal data, or collect any new under the condition taht they are not needed in order for us to comply with our contractual or legal obligations. In every newsletter will also be included a link where a person directly can unsubscribe to the newsletter – separately from being deleted form our main database.

Are personal data handled in a safe manner?
All personal data are handled in a safe manner. Only IdentSystem AB and the persons within the company tha need to handle the data for their job duties have access to them. All personal data is stored safely locally in our business system and in the few cases where we for example online, or in a newsletter publish a case study, this is always with the knowledge and approval of the customer company in the case study, as well as the individual person(s) if such are mentioned.

When do we hand out personal data?
Personal data os only shared by IdentSystem AB in the case that the person himself has approved of this or in the case its required by our legal or contractual duties.