How and why does Swedish Berries collect personal data?
Swedish Berries collects personal data when carrying out its work. In most cases it relates to data that she requests from the person concerned or that the person concerned provides on his own. Think of a first telephone conversation between Swedish Berries and a (potential) customer or a situation where a (potential) customer sends an e-mail to Swedish Berries. Swedish Berries will work as carefully as possible when processing personal data. An essential part of that care is transparency. It is important that third parties and those involved understand the way in which personal data are being used and the reasons behind it. That is why this statement has been drawn up.
Who is Swedish Berries exactly?
In many cases, Swedish Berries is responsible for the processing of personal data. She is registered at the Chamber of Commerce under number XXXXXXXXX and established at the XXXXXXXXX in XXXXXXXXX, contactable on phone number XXXXXXXXX and by mail at firstname.lastname@example.org
Does Swedish Berries have a Data Protection Officer?
Swedish Berries did not appoint a Data Protection Officer.
Which personal data does Swedish Berries process and why does she do this?
Swedish Berries processes various types of personal data for various reasons. The data that is processed the most:
- Identification data (name, e-mail address, contact person, phonenumber, Chamber of Commerce number)
- Location data (postal and / or corporate address)
- Financial data (bank account number, payment details)
If you visit Swedish Berries’s website, it also processes other data than indicated above. This can be:
- your IP address, lifestyle, composition of the family, leisure activities and interests and personal characteristics (age category, areas of interest, income category). !!!! This remark only if you use tracking cookies (Analytics e.g.) !!!!
The first main goal of the above data processing is to create an agreement with the customer. That is why Swedish Berries and the customer must be able to communicate with each other. Consider, for example, making an inventory of the wishes of the customer and preparing an offer. The second main goal is to be able to execute the contract. Consider, for example, periodic consultation on progress. The third main goal is to enable invoicing for the work or services, as well as to facilitate payment (and, if necessary, collection). The last main goal is to inform the customer about developments that may be relevant to him or her.
Is Swedish Berries allowed to process those details?
Swedish Berries processes personal data where necessary in order to establish or execute an agreement with a customer and / or a supplier. This is the case, for example, when a quote is requested or when an order is placed. Furthermore, Swedish Berries processes personal data if its own interests justify it. This will be the case if it is reasonably impossible for Swedish Berries to carry out its work without processing this data. Finally, in some cases Swedish Berries also requests permission to use the data. The formal legal grounds for processing are therefore:
- that processing is necessary for the performance of an agreement in which the person a part is, or is made at the request of the person concerned for the conclusion of an agreement.
- that processing is necessary for the representation of the legitimate interests of Swedish Berries (or a third party)
- that the person concerned has given permission for the processing
With regard to legal grounds (ii), it applies in all cases to processing operations that are necessary for Swedish Berries to be able to realize its services. She simply cannot do his work (communicating with the customer, assembling documents, offering support, sending out invoices, etc.) without using the personal data of the customer. The importance that Swedish Berries has in these processing operations is therefore considerable. This is especially true now that there is no possibility for Swedish Berries to achieve its goals without making use of that data. Swedish Berries believes that its importance must be given priority when weighed against the interest of the person concerned. Firstly because she knows from experience that such processing as a rule does not encounter any objections. That is why she can take that as a starting point. Secondly, because Swedish Berries only uses the data that she actually needs to achieve his goal. Thirdly, because the relevant data is not kept any longer than necessary. As a result, Swedish Berries limits the infringement of the rights of the person concerned to the minimum. With regard to category (iii), permission given can be withdrawn at any time without giving any reason. The permission to process data via the website is requested when the website is visited.
Do these personal data end up with others?
In some cases, Swedish Berries will share personal data with parties with which it cooperates. These are so-called 'processors'. Swedish Berries has concluded agreements with those processors. These serve to ensure that those processors (like Swedish Berries herself) handle this information carefully. For example, a processor is obliged under the agreement to ensure proper security, to deal confidentially with those data and to destroy the data.
Swedish Berries does not intend to share personal data with parties other than processors.
At most, she foresees that, in a single case, information will be shared with (another) employee of the customer or with parties that are in direct contact with the customer.
Will the personal data remain in Europe?
This is the context of the European Economic Area (EEA). It consists of the countries of the EU, supplemented by Norway, Liechtenstein and Iceland. All countries that fall outside it are considered a 'third country'. Swedish Berries does not transmit personal data to third countries. The personal data therefore remains in Europe. If in an exceptional case there is still a transfer to a 'third country' then this will only happen to a country of which it has been explicitly established at European level that an appropriate level of personal data is guaranteed there.
How long will these data be kept?
Swedish Berries stores the data collected by her for different time periods, depending on the category of data and the way in which they were collected. The precise terms are included in the register of processing activities that Swedish Berries has drawn up. When setting the applicable terms, Swedish Berries is initially based on statutory (minimum) periods. Think of the statutory duty to keep accounting information. Furthermore, where possible, Swedish Berries has sought to connect to the storage periods included in the Wbp Exemption Decision. For example, with regard to the contact details of the customer, a storage period of up to one year after termination of the relationship between the parties applies. Finally, Swedish Berries was guided by its interests and those of its customers when setting the storage periods. For example, it can be important for both parties that documents in which (further) agreements have been recorded are kept for more than two years. If such documents (such as mail correspondence, for example) contain personal data, they will then also be kept.
What rights do I have?
According to the law, you are a 'person concerned' and those concerned have a number of specifically defined legal rights. You can submit a request to Swedish Berries to view, receive, change or delete your personal data. You can also object to the (further) processing of your data. If Swedish Berries processes your personal data on the grounds of your consent, you can revoke that permission at any time. For all these matters and for other questions, please contact:
Swedish Berries will respond to your message within a month.
If you believe that Swedish Berries is acting in violation of applicable laws and regulations on personal data, you can submit a complaint to the Dutch Data Protection Authority (PO Box 93374, 2509 AJ DEN HAAG).
Is there automated decision-making with Swedish Berries?
No automated decision making take place with Swedish Berries.
What else should I know?
- Swedish Berries does not have an automated system
- Swedish Berries has taken appropriate technical and organizational measures to protect your personal data. A description of this is also included in the processing register. Swedish Berries periodically assesses whether these measures are sufficient.
- From time to time it will be necessary to change this Statement. Swedish Berries has the right to do so. We advise you to occasionally check this Statement for possible changes.
Version 25 May 2018