Personal data policy

Personal data policy

What is personal data and what is personal data processing?

Everything that can be directly or indirectly traced to a natural person who is alive is covered by the concept of personal data. It is not just about names and social security numbers but also about, for example, photos and e-mail addresses.

Processing of personal data is everything that happens with the personal data in the IT systems, regardless of whether it is mobile devices or computers. These include collection, registration, structuring, storage, processing and transfer. In some cases, things that happen outside the IT systems can also be seen as treatment. This applies when it comes to registers.

Personal data manager

For the treatments that take place within the operations of Teknikföretagen, Teknikarbetsgivarnas and Tekniktjänstearbetsgivarna, Teknikföretagen (corp. No. 802016-1140, Box 5510, 114 85 Stockholm), Teknikarbetsgivarna (corp. No. 802003-6938, Box 5510, 114 85 Stockholm) and Tekniktjänstearbetsgivarna (org. no. 802476-9765, Box 5510, 114 85 Stockholm) personal data controller. For certain treatments, such as the member register, we use common systems with the Confederation of Swedish Enterprise. The responsibility between us and the Confederation of Swedish Enterprise is then regulated in an agreement.

What personal information do we collect about you and why?

We mainly process your name, your e-mail address, your telephone number and your position. Sometimes additional information can be processed, for example if you are a member of parliament or a local politician, but only if you yourself can be considered to have published the information. For some services, you can also, but do not have to, specify areas of interest. If you create a user account with us, we will also process your login information.

We process your personal data in order to provide the services and products you have requested (for example, a newsletter or participation in a training). We will also process your personal data to nurture and administer our relationship with you and, where applicable, to administer the agreement with you or with your employer. We may also inform you about our courses, events and other things that we find to be in both your and our interest.

In addition, we may use your personal information to inform you about products and services that we offer and that may be of interest to you. If you are a professional user, we can also inform you about products and services from our member organizations and partners.

If you are a professional user, analysis and processing of the information (including for profiling) that we may take part in as above (such as information in connection with ordering services or products or participation in seminars or activities organized by us) may take place. The purpose is to provide you with more personalized and relevant information.

Teknikföretagen / Teknikarbetsgivarna / Tekniktjänstearbetsgivarna always process your personal data in accordance with applicable legislation. We process your personal data when it is necessary to fulfill an agreement with you or respond to your request for service or when we have another legitimate and legitimate interest in processing your personal data, such as an interest in marketing our services.

If Teknikföretagen / Teknikarbetsgivarna / Tekniktjänstearbetsgivarna were to process your personal data for any purpose that requires your consent, we will obtain your consent in advance. Some personal information may be mandatory to provide, for example in order for us to provide a service or fulfill another request from you. This will then be stated or stated in connection with the data being collected.

Especially about labor law disputes

Teknikarbetsgivarna / Tekniktjänstearbetsgivarna is an employer organization. This means that in negotiations and proceedings in court, etc., we act as representatives of our member companies or as an independent party in labor law disputes. Within the framework of such disputes, we collect contact information regarding persons at member companies, trade union counterparties at central and local level, any other representative for the counterparty, as well as contact information for employees or former employees of the company as well as other persons the dispute may affect. In addition, personal data concerning employees or former employees of member companies that are the subject of the dispute, as well as personal data concerning other persons that may be important in clarifying the circumstances of the case in question. As some of this information is of a sensitive nature, we have signed a collective agreement with our union counterparts that we and they need to handle such personal information in the area of ​​labor law, but that the information must be handled with a duty of confidentiality. We will therefore not disseminate any such information, nor will it be disseminated outside the circle of our employees who represent members in labor disputes. You can read this collective agreement here .

For employees in member companies

For employees in member companies, we may also process personal data in other ways than those mentioned above. This is mainly linked to the employer's membership and applies to various contact persons. Contact information may be needed to manage membership and issues related to it. This may concern, for example, contact persons during negotiations or tasks concerning membership in various working groups.

From what sources do we collect personal data?

The collection of your personal information takes place, for example, when you enter your information in connection with signing up to receive newsletters, participating in seminars and other events, ordering services and / or products from us or contacting us. Even when the company you work for applies for and / or is part of a recruitment campaign, information can be collected about people in leading roles at the company. Sometimes we collect information from third parties.

Who can we share your personal information with?

In some situations, it is necessary for us to hire other parties to be able to perform our work. For example, we use different IT suppliers. They are to be regarded as personal data assistants to us.

Teknikföretagen / Teknikarbetsgivarna / Tekniktjänstearbetsgivarna are responsible for signing agreements with all personal data assistants and providing instructions on how they may process personal data. Of course, we check all personal data assistants to ensure that they can provide sufficient guarantees regarding the security and confidentiality of the personal data.

When personal data assistants are hired, it only happens for the purposes that are compatible with the purposes we ourselves have for the processing.

We also share your personal data with certain other actors who are independently responsible for personal data. This can be about authorities, such as the Swedish Tax Agency, and other member organizations. Some information is also provided for statistical purposes.

When your personal data is shared with an actor who is independently responsible for personal data, that organization's privacy policy and personal data management apply.

We may also disclose personal data to the Confederation of Swedish Enterprise to the extent necessary for collaboration between the organizations to work. Furthermore, we may hire suppliers and partners to perform tasks on our behalf, for example to provide IT services or assist with marketing, analysis or statistics. The performance of these services may mean that these recipients have access to your personal data.

Teknikföretagen / Teknikarbetsgivarna / Tekniktjänstearbetsgivarna may also disclose personal data to third parties, such as the police or another authority, if it concerns the investigation of a crime or if we are otherwise obliged to disclose such information on the basis of law or an official decision.

Where do we process your personal data?

We always strive for your personal data to be processed within the EU / EEA, but sometimes this is not possible.

For certain IT support, the information can be transferred to a country outside the EU / EEA. This applies, for example, if we share your personal data with a personal data assistant who, either himself or through a subcontractor, is established or stores information in a country outside the EU / EEA. As data controllers, we are responsible for taking all reasonable legal, technical and organizational measures to ensure that these processing takes place in accordance with EU / EEA regulations.

When personal data is processed outside the EU / EEA, the level of protection is guaranteed either through a decision by the European Commission that the country in question ensures an adequate level of protection or through the use of so-called appropriate protection measures. This includes "Privacy Shield", the use of "Binding Corporate Rules" and various contract solutions. If you would like further information about these protective measures, please feel free to contact us. Standardized model clauses for data transmission, adopted by the European Commission, are also available on the European Commission's website.

How long do we store your personal information?

We never store your personal information longer than is necessary for each purpose. We have developed cleaning routines to ensure that personal data is not stored longer than is needed for the specific purpose. How long this is varies on the reason for the treatment. Due to legislation, certain information in the accounting needs to be saved for at least seven years, while information on e.g. special diets for participation in events are deleted within a week or so after the event has ended.

What are your rights as a registrant?

As a registered person, you have a number of rights under current legislation. How to proceed to manage your rights, see the section "Managing your rights" below. Below we list the data subject's rights.

Right to register extract (right of access)

If you want to know what personal data we process about you, you can request access to the data. When you submit such a request, we may ask some questions to ensure that your request is handled efficiently. We will also take steps to ensure that the information is requested by and provided to the right person.

Right to rectification

If you discover that something is wrong, you have the right to request that your personal information be corrected. You can also supplement any incomplete personal information.

In some cases, you can make corrections yourself, which we will then inform you about.

Right to delete

You can request that we delete the personal data we process about you, including if:

  • The data are no longer necessary for the purposes for which they are processed.
  • You object to a balance of interests we have made based on our legitimate interest, where your reason for objection outweighs our legitimate interest.
  • Personal data is processed illegally.
  • The personal data has been collected about a child (under 13 years of age) for whom you have parental responsibility
  • If the information has been obtained with the support of your consent and you want to revoke your consent

However, we may have the right to deny your request if there are legal obligations that prevent us from immediately deleting certain personal data. It may also be that the processing is necessary for us to be able to establish, assert or defend legal claims.

If we are prevented from deleting your personal data, we will block the personal data from being used for purposes other than the purpose which means that they cannot be deleted.

Right to restriction

You have the right to request that our processing of your personal data be restricted. If you object that the personal data we process is correct, you can request a limited processing for the time we need to check whether the personal data is correct.

If, and when, we no longer need your personal data for the stated purposes, our routine is normal for the data to be deleted. If you need them to be able to establish, assert or defend legal claims, you can request limited processing of the data from us. This means that you can request that we not clear and delete your information.

If you have objected to a balance of interests of legitimate interest that we have made as a legal basis for a purpose, you can request limited processing for the time we need to check whether our legitimate interests outweigh your interests in having the data deleted.

If the processing has been restricted according to any of the above situations, we may only, in addition to the actual storage, process the data to establish, assert or defend legal claims, to protect someone else's rights or if you have given your consent.

The right to object to a certain type of treatment

You always have a right to object to any processing of personal data based on a balance of interests. You also always have the right to avoid direct marketing.

Right to data portability

As a registered person, you have the right to data portability if our right to process your personal data is based either on your consent or the fulfillment of an agreement with you. A prerequisite for data portability is that the transfer is technically possible and can take place automatically.

Manage your rights

The application for an extract from the register or if you wish to invoke any of your other rights must be in writing and signed by the person to whom the extract relates. We will respond to your requests without undue delay and within 30 days at the latest

How do we handle social security numbers?

As far as possible, we avoid processing social security numbers. In some cases, however, it is justified mainly by the fact that we need a secure identification. With regard to the processing of personal identity numbers in the form of organization numbers for sole proprietorships, this processing is required as long as the company is a member in that the organization number consists of the personal identity number.

How is your personal data protected?

We work actively to ensure that personal data is handled in a secure manner. This applies to both technical and organizational protection measures.

Supervisory authority

The Data Inspectorate (which will soon change its name to the Privacy Protection Authority) is the authority responsible for monitoring the application of data protection legislation. If you believe that we are acting incorrectly, you can contact Datainspektionen, see datainspektionen.se