Privacy Policy

Updated:
December 3, 2021

BACKGROUND 

ChainTraced, 559208-1607 ("Company","we" or "us"), collects and processes Personal Data relating to you as a contact person and/or representative of our customers and suppliers. This informational text specifies which categories of Personal Data we process, and how and why we do this. 

Throughout this informational text, the term "processing" is used, which includes all measures involving Personal Data, including without limitation, collection, handling, storage, sharing, access, use, transfer and deletion of Personal Data. 

"Applicable data protection legislation" means from time-to-time applicable legislation, rules and regulations, including regulations issued by the relevant regulatory authorities, regarding the protection of the fundamental rights and freedoms of natural persons and the right to the protection of their Personal Data in the processing of Personal Data applicable to the relevant case, including regulation (EU) 2016/679 of the European Parliament and of the Councils of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and the free movement of such data, and on the repeal of Directive 95/46/EC (General Data Protection Regulation) (“GDPR”), as well as legislation, rules and regulations complementing GDPR. 

"Personal Data" refers to any information relating to an identifiable or identified natural person. 

WHERE DO WE COLLECT PERSONAL DATA FROM?

We collect Personal Data from:  

  • You, e.g., when we are in contact with you within the framework of our contractual relationship with the company you are representing.
  • The company you represent, e.g., if your employer or client provides certain information regarding you, such as name, position and contact details.  
  • External sources, e.g., from publicly available company registries to verify that you are authorized, among other things, to enter into agreements on behalf of the company (which you represent).  

WHEN AND WHY DO WE PROCESS PERSONAL DATA?


Procurement of suppliers

In connection with the procurement of a new supplier, we process your Personal Data,  

e.g., to collect contact information related to you as a contact person for the supplier prior to a request or a procurement, to collect documentation and to carry out the procurement.  


Manage the contractual relationship with the customer and supplier

The Company will process your Personal Data to administer the relationship with the company's customer/supplier with whom we have entered or plan to enter into a contract with. This includes e.g., communication with you as a contact person and/or representative for the relevant company, billing, managing of order confirmations and complaints, and other actions in relation to the fulfilment of the customer/supplier relationship.


Evaluate and follow up customer and supplier relationships

We process, to the extent necessary, your Personal data to evaluate and follow up our customer and supplier relationships. This is done, among other things, by producing reports and statistics at an aggregated level (e.g., your personal data will be anonymised) in order to evaluate and improve our business.


Managing and responding to legal requirements

In order to deal with and respond to legal claims, e.g., in connection with a dispute or litigation, we must process your Person Data when applicable.


Complying with legal obligations

We process your Personal Data in order to comply with the legal obligations that apply to us, such as accounting requirements and obligations under Applicable data protection legislation.


Manage and protect systems and services

In order to manage and protect our IT-systems and services, e.g., when logging, troubleshooting, backing up, during change and problem management in systems and in connection to any IT incidents, we process your Personal Data if necessary.


TRANSFER AND DISCLOSURE OF PERSONAL DATA

We strive to restrict access to and protect your Personal Data. Only persons who have a specific need in relation to their position within the Company will have access to your Personal Data.

Data processors acting on behalf of the Company

In addition to the processing of Personal Data within the Company's operations, the Company may transfer your Personal Data to external actors such as service providers and partners, e.g. service providers in the IT field. These parties will act as the Company's personal data processors and are contractually obliged to process Personal Data on behalf of and in accordance with the Company's instructions.

Other recipients :

Appropriate safeguards for transfers of Person Data to third countries

If the Company transfers or discloses your Personal Data to recipients in a non-EU/EEA country (third country), the Company will ensure that appropriate safeguards have been taken (such as the European Commission's standard contractual clauses and other necessary measures) to protect the Personal Data.

Under Applicable data protection legislation, you have the right, upon request, to receive a copy of the documentation demonstrating that the necessary safeguards have been taken in order to protect your Personal Data when transferring it to a third country.

If you would like to know more about the processing of your Personal Data and/or if your Personal Data is transferred to a third country, please contact us using the contact details listed at the bottom of this informational text.

SAFETY

We will ensure that access to your Personal Data is adequately protected through the application of appropriate security measures and, depending on the circumstances, considering the latest developments, the cost of implementation and the nature, scope, circumstances, risk and purpose of the processing. In order to maintain this guarantee, we have also implemented appropriate technical, physical and organizational measures to protect your Personal Data against unauthorized or accidental destruction, alteration or disclosure, misuse, damage, theft or loss by accident or unauthorized access.

YOUR RIGHTS

Rights in relation to your Personal Data

In connection with the processing of your Personal Data, you have the right, under certain conditions, to assert the following rights:

Access

You can request confirmation of whether your Personal Data is being processed and, if processed, request access to your Personal Data and additional information such as the purpose of the processing. You also have the right to receive a copy of the Personal Data processed. If the request is made electronically, the information will also be obtained in a widely used electronic format, unless you request otherwise.

Amendment

If you find that the Personal Data related to you is incorrect, incomplete or inaccurate you have the right to have your Personal Data corrected.

Object to special treatment

You may object to the processing of your Personal Data based on a legitimate interest, against the background of the particular situation and to processing for direct marketing purposes. If the Company cannot provide a decisive legitimate reason for continuing the processing that outweighs your interests, or if the processing is not necessary to establish, enforce and defend legitimate claims, then we are obliged to cease processing.

Deletion

You may have your Personal Data deleted under certain circumstances, for example when the Personal Data is no longer needed to achieve the purpose for which the Personal Data was collected.

Restriction of processing

You may ask us to limit the processing of your Personal Data to only the storage of your Personal Data in special circumstances, for example when the processing is illegal, but you do not want your Personal Data deleted.

Withdraw consent

You always have the right to withdraw your consent to the processing of Personal Data to the extent that the processing is based on your consent.

Data Portability

You have the right to request a machine-readable copy of the Personal Data processed based on your consent or when the processing is necessary for the performance of a contract with you, and when Personal Data has been obtained by you (data portability), and to request that the information be transferred to another data controller (if possible).

Complaints to the regulatory authority

You are welcome to contact us with questions or complaints regarding the processing of your Personal Data. However, you also always have the right to lodge a complaint regarding the processing of your Personal Data with the Swedish Authority for Privacy Protection.

CONTACT US

If you have any questions regarding the processing of your Personal Data or if you wish to exercise any of your rights under Applicable data protection legislation, please contact the Company using the contact details below.

The data controller is:

ChainTraced

Wallingatan 12, 111 60

Stockholm, Sweden

E-mail address:

Hello@chaintraced.com