Privacy policy

With this Privacy Policy, Abion AB ("Abion", "we", "our", "us") will explain how we
Process your Personal data and how we ensure that data Processing is conducted responsibly
and in accordance with applicable legislation. Starting May 25th 2018 the General Data
Protection Regulation (GDPR) is applicable within the EU / EEA.[1].

1. General

1.1 At Abion we respect the integrity of our customers and others. We have
adopted this policy as a step towards providing strong protection for the Personal
data we Process. Taking great care to protect and respect your privacy, we strive to
maintain a high level of security in all Processing of Personal data. For that reason,
Abion has taken necessary and appropriate technical and organisational
measures in order to protect your Personal data from improper access, use, change
and deletion.

2. Definitions

2.1 ‘Personal data’ is any information relating to an identified or identifiable natural
person. Such data may for example be name, picture, social security number, e-mail
and home address, IP-address, information regarding skills, education or previous
experience. Although a single piece of data may not be enough to identify you as
an individual, a piece of data can amount to Personal data if it, in combination with
other data, can be linked to you.

2.2 The ‘Controller’ is the natural or legal person, public authority, agency or other body
which determines the purposes and means of the Processing of Personal data, i.e.
why and how Personal data is Processed.

2.3 The ‘Processor’ is an entity that Processes Personal data on behalf of a Controller.

2.4 The ‘sub-Processor’ is a third party Processer engaged by the Processer that
Processes Personal Data pursuant to this Privacy Policy.

2.5 ‘Processing of Personal data’ means, in essence, any operation taken with Personal
data, such as collection, recording, organisation, structuring, storage, adaptation or
alteration, retrieval, consultation, use, disclosure by transmission, dissemination or
otherwise making available, alignment or combination, restriction, erasure or
destruction.

3. Our Processing of your Personal data

3.1 Introduction

Abion Processes data on your behalf. This means that you determine why and
how we Process your Personal data. If you have any questions concerning how your
Personal data is Processed, please contact us using the contact details listed on our
website.

3.2 What Personal data is collected and why?

Abion collects data when you for example use our services, register for our
courses and seminars, subscribe for our newsletter, apply for a job, participate in
surveys or contact us in different types of matters.

Abion collects Personal data which is necessary to administer your customer
relation with us and to provide services in accordance with our mutual agreement.
This typically includes information such as your name, address, email address, and
telephone number, but can also include other information such as IP address. We
may collect Personal data about you from different sources, including;

Information you give us directly

We may collect information from you directly when you provide us with personal
information. The types of information we may collect from you directly include your:
- name;
- social security number;
- address;
- email address;
- telephone number;
- fax number;
- title and workplace;
- Curriculum Vitae;
- photo;
- copy of ID-card;
- signature.

Information collected automatically when you use our websites

We (and third party service providers acting on our behalf) use cookies and other
tools (such as web analytic tools and pixel tags) to automatically collect information
about you when you use Abion’s websites, subject to the terms of this Privacy
Policy and applicable data laws and regulations. The types of data collected
automatically may include:
- information about the type of browser you use;
- user behaviour and interaction data for the web pages you have viewed;
- your IP address;
- the language set in your browser;
- your geolocation (limited to city and country);
- your network provider.

Information we collect from other sources

We may receive personal information about you from other legitimate sources,
including information from commercially available sources, such as public
databases and data aggregators, and information from third parties. The types of
personal information that we may collect from such sources include your:
- name;
- address;
- email address;
- telephone number;
- fax number;
- title and workplace;
- references (in hiring process).

3.3 For what purposes are Personal data Processed?

3.3.1 Abion strive to comply with the applicable laws, rules and regulations
governing privacy and data protection. Where necessary, we will adjust our
Processing of your Personal Data as described in this policy to ensure legal
compliance.

3.3.2 The Personal Data which Abion collects about you will be used:
- to comply with legal requirements or lawful authority requests;
- for administrative and internal business purposes,
- to provide you with products and services as well as to inform you of new
products, services and events;
- to evaluate and improve our offering to, and communication with customers;
- for development of our business and services;
- in data Processing for advertising purposes;
- for statistics.

3.3.3 When evaluating potential new candidates for employment at Abion we will
also collect Personal Data to be used:
- to evaluate the applicants qualifications;
- for profiling in the employment process.

3.4 Legal basis for Processing Personal data

3.4.1 We will always Process your Personal data in accordance with applicable law.

3.4.2 Consent to data Processing

Data can be Processed following consent by the data subject. Before giving
consent, the data subject must be informed in accordance with this Privacy Policy.
The declaration of consent must be obtained in writing or electronically for the
purposes of documentation. In some circumstances, such as telephone
conversations, consent can be given verbally. The granting of consent must be
documented.

3.4.3 Data Processing pursuant to legal authorisation

The Processing of Personal data is also permitted if national legislation requests,
requires or allows this. The type and extent of data Processing must be necessary for
the legally authorised data Processing activity, and must comply with the relevant
statutory provisions.

3.4.4 Data Processing pursuant to legitimate interest

Personal data can also be Processed if it is necessary for a legitimate interest of Abion. Legitimate interests are generally of a legal (e.g. collection of outstanding
receivables) or commercial nature (e.g. avoiding breaches of contract). Personal
data may not be Processed for the purposes of a legitimate interest if, in individual
cases, there is evidence that the interests of the data subject merit protection, and
that this takes precedence. Before data is Processed, it is necessary to determine
whether there are interests that merit protection. For example, Abion may have
deemed that we have a legitimate interest in order to be able to fulfill our obligations
towards you and to administer your client account.

3.4.5 User data and internet

If Personal data is collected, Processed and used on websites or in apps, the data
subjects must be informed of this in a privacy statement and, if applicable,
information about cookies. The privacy statement and any cookie information must
be integrated so that it is easy to identify, directly accessible and consistently
available for the data subjects. If use profiles (tracking) are created to evaluate the
use of websites and apps, the data subjects must always be informed accordingly in
the privacy statement. Personal tracking may only be effected if it is permitted under
national law or upon consent of the data subject. If tracking uses a pseudonym, the
data subject should be given the chance to opt out in the privacy statement. If
websites or apps can access Personal data in an area restricted to registered users,
the identification and authentication of the data subject must offer sufficient
protection during access.

3.4.6 In addition to the purposes specified above, your personal information is Processed
for the overall purpose of administering, managing and, fulfilling our obligations to
you in accordance with our mutual agreement.

3.4.7 In the event that we will Process your Personal data for any purpose other than those
mentioned above, we will inform you.

3.5 For how long is the data stored?

3.5.1 The data we collect about you will be saved for the duration of our business relation
with the customer. We will, however, delete your personal information three (3) year
from when the business relation is terminated.

3.5.2 Please note that certain data must be stored for a longer period of time, even after
a business relationship has been terminated, when this is required by national law.
Such requirements may for example be included in tax or book keeping laws. Please
also note that some domain name registries also require that certain data is stored
for a longer period of time.

3.5.3 No information about you will be saved for longer than is necessary or in a manner
that is inconsistent with law.

4. Disclosing of Personal data

4.1 We are entitled to hire sub-Processors for Processing Personal data on your behalf.
We undertake to inform you regarding our possible plans to hire and/or substitute a
sub-Processor, giving you the opportunity to object to such changes.

If we hire sub-Processors for Processing Personal data on your behalf, we are fully
liable towards you for such sub-Processors’ activities.

4.2 Companies that Process Personal data on our behalf will always enter into a data
Processing agreement with us in order to ensure that a high level of protection of
your Personal data is maintained by our partners. In relation to non-EU/EEA partners,
special safeguards are taken, such as to sign agreements that include standardised
clauses for data transfer adopted by the EU Commission.

4.3 Your Personal data may also be disclosed to third parties when (i) it is required by
law, other statutory or governmental decisions, or (ii) information is provided to
insurance companies, banks or benefit partners as described above.

4.4 We may also disclose Personal data to third parties, such as the police, the tax
authority or any other authority, in the case of a criminal investigation or if we are
otherwise required to provide such information based on law or authority decision.

4.5 Abion will not disclose your personal information to any extent other than
described in this Section 4.

5. Your Rights in Accordance with Applicable Data Protection Legislation

5.1 You are entitled, in accordance with applicable data protection laws, to request
access to the Personal data Processed about you at any time. You also have the
right to have incorrect Personal data about you corrected, to request that we erase
your Personal data, limit our Processing of your Personal data, exercise your right to
data portability, and object to the Processing of your Personal data.

5.2 Where Processing is based on consent you have the right to withdraw your consent
to that Processing at any time.

5.3 In case you would like to exercise any of your rights, please contact us through the
contact details listed below.

5.4 You also have the right to lodge complaints with a supervisory authority at any time
if you believe that your Personal data is Processed in violation of applicable data
protection legislation.

6. Cookies

6.1 We use cookies on this website. A cookie is a small piece of data sent from a
webpage and stored in a user’s web browser, mobile phone, tablet or other device
while the user is browsing that webpage. A cookie can help the webpage provider
to recognize your device the next time you visit that webpage, provide you with
access to certain functions on the webpage and/or register your surf patterns. There
are other technologies such as pixel tags, web bugs, web storage and other similar
files and technologies that may carry the same functions as cookies. We use the term
“cookies” for cookies and all such similar technologies.

We use both persistent cookies and session cookies. Whereas persistent cookies
remain on your computer for a longer period of time, session cookies are
automatically deleted when the browser window is closed.

6.2 We use the following cookies for the purposes set out below:

6.2.1 Functional cookies

We use functional cookies to operate certain functions of the webpage and to
optimise your use of our website, meaning that when you continue to use or come
back to the webpage, the site will be provided as you have previously requested,
e.g. remembering your customisation and preferences of the webpage.

6.2.2 Analytical/performance cookies

These cookies allow us to recognize and count the number of visitors to our website
and to see how visitors move around when they are using it. This helps us to improve
the way our website works, for example, by ensuring that users find what they are
looking for easily. We also use the information for statistical and marketing purposes.

6.2.3 Third party cookies

We may allow our partners to use cookies on the webpage for the same purposes
identified above. We may also use service providers acting on our behalf to use
cookies for the purposes identified above. Currently, we use a web analysis service
and tool provided by a third party that collects data such as your IP address.

6.3 Most web browsers allow you to manage your cookie preferences. You can set your
browser to refuse cookies, or delete certain cookies. In general you should also be
able to manage similar technologies by using your browser’s preferences.
Please note that if you choose to block cookies, the due functioning of this webpage
may be affected.

7. Contact details

7.1 Company contact details

7.1.1 The controller responsible for Processing your information is Abion. If you have
questions about how we Process your personal information or want information and
contact information for the designated responsible person for Personal data, please
feel free to contact us via the following contact information:

gdpr@abion.com

legal@abion.com

+46 31 720 20 00

 


1 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons
with regard to the Processing of Personal data and on the free movement of such data, and repealing Directive 95/46/EC
(General Data Protection Regulation)