Last changed: 2024-05-28
Axians AB, reg.no. 556590-7069 (”Axians”, ”we”, ”our” or ”us”) respects and protects your privacy. This privacy notice (”Privacy Notice”) aims to describe how Axians as a data controller processes your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and other applicable privacy legislation. It also describes what rights you have under the GDPR and how you can enforce them.
1 To whom does this Privacy Notice apply?
This Privacy Notice applies when Axians, as a data controller, processes personal data pertaining to you who visit our website https://www.axians.se/ or contact us by our website, email, telephone, our social media accounts or in any other way.
2 Contact details to data controller
Axians is the data controller for the processing of your personal data as described in this Privacy Notice. As the data controller, we are responsible for ensuring that our processing of your personal data takes place in accordance with the GDPR and other applicable data protection legislation.
If you have any questions about this Privacy Notice, our processing of your personal data or if you wish to exercise any of your rights, please contact us at info.axiansse@axians.com or through the contact details below.
Axians AB, reg.no. 556590-7069
Address: Råsundavägen 4, 169 67 Solna
E-mail: info.axiansse@axians.com
3 How do we collect your personal data?
We process personal data provided by you when you contact us by, for example, our website, email, telephone, or our social media accounts.
When you visit and interact with our website, we may collect data such as information about a unique identifier or an ad click that brought you to our website from your device. We collect this personal data from your device through the use of cookies, server logs, pixels and similar technologies (”Cookies”).
4 Our processing of personal data
In the tables below, you will find a summary with information about why we process your personal data, the categories of personal data processed for the stated purpose, how long we process your personal data and the legal basis on which we base the processing. If we base the processing on a legitimate interest as a legal basis, we have also stated what the legitimate interest is.
4.1 To be able to communicate with you |
||
Purpose of processing: We process your personal data to answer your questions or otherwise communicate with you who contact us by our website, e-mail, telephone, our social media accounts or in any other way. |
Categories of personal data:
First and last name Employer/company name Phone number and email address Your correspondence with us Any other information you might have provided |
Retention period: Your personal data is processed for up to twelve (12) months, unless circumstances clearly require otherwise and we need to keep your personal data for a longer period of time to follow up on correspondence. For example, we may process your personal data for a longer period of time if there is an ongoing case that has not been closed or if we need to save your personal data for any other purpose stated in this Privacy Notice. |
4.2 To track website conversions |
||
Purpose of processing:
We process your personal data to track website conversions. We track website conversions to learn which of our ads are best at driving valuable customer activity and to make better informed decisions about our ad spend. |
Categories of personal data:
Information about your interaction with an ad Unique identifier, i.e., a string of characters that can be used to uniquely identify your browser, app, or device Ad click that brought you to our website |
Retention period:
Your personal data is processed and deleted after you close your web browser. |
Legal basis: Consent. We process your personal data for the stated purpose based on your consent. |
4.3 To send direct marketing by email |
||
Purpose of processing:
We process your personal data to send direct marketing to you in your professional role by e-mail to provide you with information and to send you invitations to events and seminars organized by Axians. |
Categories of personal data:
First and last name Employer/company name E-mail address |
Retention period:
Your personal data is processed for two (2) years from the time you provided your consent. If you have renewed your consent, the retention period will be extended by another two (2) years. This requires that you have not withdrawn your consent or objected to the processing for direct marketing purposes. |
Legal basis: Consent. We process your personal data for the stated purpose based on your consent. |
4.4 To defend our interests in the event of a dispute |
||
Purpose of processing:
We may need to process your personal data in order to defend our interests in the event of a dispute, such as to establish, exercise or defend legal claims, e.g., in the event of a payment dispute. |
Categories of personal data:
First and last name Employer/company name Phone number and email address Any other information you might have provided |
Retention period:
Your personal data is retained for as long as it is needed to establish, exercise, and defend our interests in the event of a dispute. For example, during the time that the dispute is ongoing, before it is finally settled. |
Legal basis: Legitimate interest. We process your personal data based on our legitimate interest to establish, exercise or defend legal claims, which we consider outweighs your right not to have your personal data processed for this purpose. |
4.5 To enable the restructuring, sale or liquidation of Axians or our assets |
||
Purpose of processing:
If Axians is to be restructured (e.g., split into several different businesses) or if a third party wishes to acquire Axians or our customer database, Axians may disclose your personal data to the acquiring Company. This may also occur in the event of a merger or if Axians is liquidated or goes bankrupt. In such cases, the acquiring company will continue to process your personal data for the same purposes as stated in this Privacy Notice, unless you receive other information in connection with the transfer. To enable a restructuring, sale or liquidation, personal data may also be shared with other companies as part of the process. In such cases, the companies have undertaken to observe confidentiality. |
Categories of personal data:
First and last name Employer/company name Phone number and email address Any other information you might have provided |
Retention period:
If Axians ceases to exist, e.g., through a merger, division, liquidation or bankruptcy, or if Axians customer database is transferred to an acquiring company, we will delete your personal data as long as the retention of such personal data is not required by law. |
Legal basis: Legitimate interest. We process your personal data based on our legitimate interest to enable the restructuring, sale or liquidation of Axians or our assets, which we consider outweighs your right not to have your personal data processed for this purpose. However, this presupposes that the acquiring company carries on similar activities as Axians. |
4.6 To help us understand which businesses are visiting our website |
||
Purpose of processing:
Our website uses the technologies of Dealfront (Liidio Oy as part of Dealfront Group GmbH) to analyze visitor behavior. This processing has the purpose of helping us understand which businesses (B2B) are visiting our site, by enriching IPs with associated information such as the company name or industry code. To do this, at the beginning of the visitor’s session, their IP address and corresponding session data is matched against a large whitelist of known companies. |
Categories of personal data:
In this process, the IP address of a visitor is processed |
Retention period:
The data will be deleted as soon as it is no longer required for its intended purposes. Statutory retention obligations can lead to a longer retention period of the data in question. |
Legal basis: Consent. We process your personal data for the stated purpose based on your consent. |
5 Legitimate interest
When Axians has stated ”legitimate interest” as the legal basis in the section above, it means that we have assessed that we or a third party have a legitimate interest in the processing being carried out (you will also find information about what the identified legitimate interest is in the section above). In addition to identifying the legitimate interest, we have also weighed this interest against your interests or fundamental rights and freedoms that require the protection of personal data. We can only base the processing of your personal data on a legitimate interest as a legal basis if we have carried out a balancing of interest and concluded that our or a third party’s interests outweigh your interests or fundamental rights and freedoms.
If we process your personal data on the basis of a legitimate interest, you can contact us through the contact details provided in section 2 to obtain further information about the performed balancing of interest, through a so-called legitimate interest assessment. Please note that the assessments are general (e.g., based on an average individual in the relevant category) and that no individual assessment has been made.
6 Automated decision-making
We do not use automated processes to make decisions that significantly affect you.
7 How long we retain your personal data
We will only retain your personal data for as long as it is needed for the purposes for which we collected the personal data and as described in this Privacy Notice. When we no longer need your personal data, we will remove it from our systems, databases, and backups unless we have a legal obligation to save your personal data for a longer period. More specific retention periods are provided in the tables above under section 4.
8 With whom do we share your personal data?
Axians may disclose your personal data to the categories of recipients listed below. For a detailed list of the recipients to which we have disclosed your personal data, please contact us through the contact details provided in section 2.
8.1 Data processors
Axians may engage other companies to process your personal data on our behalf as data processors. Such companies may only process your personal data in accordance with our instructions. We enter into data processing agreements with these companies and ensure a high level of protection to safeguard your personal data. We use the following types of data processors:
- IT and system suppliers – Axians may share your personal data with IT and system suppliers to manage necessary operation, technical support and maintenance of our IT services.
- Marketing and communications agencies – Axians may share your personal data with marketing and communications agencies engaged to assist Axians with marketing communications to customers and potential customers.
- Accounting firm – Axians may share personal data contained in invoices and accounting information with our accounting firm, which has been engaged to enable Axians to fulfill its obligations under the Accounting Act.
8.2 Independent data controller
The Axians may share personal data with parties who are independent data controllers, which means that the party independently determines the purposes for which the personal data will be processed and how the processing will be carried out (i.e., the means for the data processing). When sharing personal data with these parties, they have an obligation to inform you about their processing of your personal data. Hence, their respective privacy notice applies to their processing.
- Authorities and the judiciary – in some cases, we may need to disclose your personal data to courts and law enforcement authorities (e.g., the police authority) in accordance with law or in the context of court proceedings. Additionally, we may also need to disclose personal data to other parties in court proceedings or similar. Such disclosure is based on a legitimate interest as a legal basis or to fulfill a legal obligation under law.
- External advisors – we may share your personal data with external advisors, such as audit firms or law firms, in accordance with law or to obtain advice. These advisors usually act as independent data controllers, and a disclosure is usually based on a legitimate interest as a legal basis.
- Acquiring company – if Axians is to be restructured (e.g., split into several different businesses), or if a third party wishes to acquire Axians or our customer database, Axians will disclose your personal data to the acquiring company. This may also occur in the event of a merger or if Axians is liquidated or goes bankrupt. In such cases, the acquiring company will continue to use your personal data for the same purposes as stated in this Privacy Notice, unless you receive other information in connection with the transfer. However, this presupposes that the acquiring company carries out similar activities as Axians. In order to enable a restructuring, sale or liquidation, personal data may also be shared with other companies as part of the process. In such cases, the companies have undertaken to observe confidentiality. This is described in more detail in sections 5.
- Social media – if you contact Axians through our corporate social media accounts, the social media platforms will process your personal data in accordance with their respective privacy notice as an independent data controller.
- Google – we share your personal data with Google to be able to track website conversions. Disclosure of personal data to Google is based on consent as a legal basis. Google will process your personal data in accordance with its own privacy notice as an independent data controller.
9 Where do we process your personal data?
Axians strives to process your personal data within the EU/EEA. In certain circumstances, we may need to transfer your personal data to a country outside the EU/EEA (”Third Country”), as set out below.
We transfer your personal data to recipients in the United States that have certified their participation in the EU-US Data Privacy Framework with the US Department of Commerce and thereby subject to the EU Commission’s adequacy decision. This means that the EU Commission has assessed that the level of data protection in this country is essentially equivalent to the level of protection within the EU/EEA and it is therefore possible to transfer personal data to such country without additional safeguards.
10 Your rights
10.1 Our responsibility for your rights
Axians is responsible, in its capacity as data controller, for ensuring that your personal data is processed in accordance with applicable data protection legislation and that you can effectively exercise your rights under the GDPR. You can find more information about your rights in the sections below and at the Swedish Authority for Privacy Protection (IMY’s) website, available here. In order to exercise your rights, you may contact us at any time through the contact details provided under section 2 in this Privacy Notice. Please do not forget to specify the right to which the request relates.
Time limits
Axians is obliged to respond to your request to exercise your rights within one month of receiving your request and to inform you of the action taken. In the event that a request is complex or if we have received a large number of requests, we are entitled to extend the time limit by two additional months (i.e., in total no later than three months from receipt of the request). We will notify you of such an extension including the reason for the extension within one month. If we do not take any action in response to your request, we are obliged to notify you within one month of receipt of your request: (i) that the action has not been taken; (ii) the reason for this; and (iii) inform you of your right to lodge a complaint with the supervisory authority and seek judicial redress.
As a general rule, it is free of charge
All information, communication and actions we carry out are free of charge for you. If requests related to your rights are manifestly unfounded or unreasonable, we have the right to either charge a reasonable administrative fee for providing the information or carrying out the requested action. We may also refuse to comply with your request.
We may need to identify you
If we have reasonable grounds to doubt the identity of the applicant, we may request additional information necessary to confirm your identity. We will not collect more personal data than necessary.
10.2 Your rights of access, rectification, erasure and restriction
According to the GDPR, you have certain rights in relation to the data we process about you, which are described below. Some of these rights apply under certain conditions, which you can read more about below. You have the right to request the following rights.
- Access to your personal data. In order for you to check whether processing of your personal data is taking place and whether the processing is lawful, you have the right to request access to your personal data. This means that you have the right to receive confirmation of whether we process your personal data and, if so, receive a copy of the personal data we are processing about you, free of charge. If you are only interested in a certain category of personal data or data processed for a specific purpose (for example, direct marketing), please indicate this in your request. In connection with the access request, you will also receive information about the processing, such as the reason why we process your personal data (i.e., the purpose of the processing), the envisaged period for which the personal data will be stored (if possible), to whom the personal data have been or will be disclosed, etc. For any additional copies you request, we are entitled to charge a reasonable administration fee to cover our administrative costs. If you make a request in electronic format, such as by e-mail, we will provide you with the information in a commonly used electronic format, unless you request otherwise.
- Rectification or completion of your personal data. If we process personal data that is inaccurate, you have the right to request rectification. We will also, on our own initiative, rectify or erase information that we discover to be inaccurate. You also have the right to complete any incomplete personal data by providing a supplementary statement.
- Erasure of your personal data. In some cases, you have the right to have your personal data deleted. This applies in the event that:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- we process your personal data on the basis of your consent and you withdraw the consent, provided that there is no other legal basis for the processing of the personal data;
- we process your data for direct marketing purposes and you object to this processing;
- you object to our processing of your personal data that takes place based on the legal basis legitimate interest or a public interest, and we have no compelling legitimate grounds for the processing which override your interests, rights and freedoms;
- we have processed the personal data unlawfully; or
- we have a legal obligation to delete the personal data.
There are exceptions to the right to erasure. For example, there may be requirements in law or other compelling reasons that prevent us from deleting your personal data. A strong reason may be, for example, to establish, exercise or defend Axians against legal claims. We may also be prevented from deleting your personal data due to archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes.
- Restriction of processing. This means that we temporarily restrict the processing of your personal data so that they are only processed for certain limited purposes. We will inform you before the restriction of processing ends. You have the right to request restriction when:
- you consider your data to be inaccurate and you have requested rectification as defined in section 10.2 b), while we establish the accuracy of the personal data;
- the processing is unlawful, and you do not want the personal data to be erased;
- we, as the data controller, no longer need to process your personal data for the purposes of the processing, but you need them to be able to establish, exercise or defend a legal claim; or
- you have objected to the processing as set out in section 10.3, while pending verification of whether our legitimate grounds override yours.
We will take all reasonable measures possible to notify all recipients of your personal data as set out in section 8 above if we have rectified, erased or restricted access to your personal data after you have requested us to do so, provided that it is not impossible or if it would involve a disproportionate effort. At your request, we will inform you about who we have disclosed personal data to.
10.3 Your right to object to our processing of your personal data
You have the right to object to our processing of your personal data if we base the processing on a legitimate interest as a legal basis (see section 4 above). When you object, you must provide reasons for your objection that are related to your specific situation. If you object to a processing, we will only continue the processing if we have compelling legitimate grounds to continue the processing which override your specific reasons, interests, rights and freedoms or if the processing is necessary to establish, exercise or defend legal claims.
10.4 Your right to object to direct marketing including profiling
If you do not want us to process your personal data for direct marketing purposes, which include profiling, you always have the right to object to such processing (including profiling) by contacting us. Once we have received your objection, we will cease to process your personal data for this purpose. If you receive marketing communications from us by e-mail or text message, you can also click on our unsubscribe link at the bottom of each e-mail and text message.
10.5 Your right to withdraw your consent
If we process your personal data based on your consent as a legal basis (see section 4 above), you have the right to withdraw your consent at any time by contacting us. We are then not entitled to continue the processing of your personal data if there is no other legal basis for the processing. You will find our contact details in section 2 of this Privacy Notice.
If you wish to withdraw a consent that you have given to us in order to receive our direct marketing by email or SMS, you can choose between contacting us to withdraw your consent or clicking on our unsubscribe link which you will find at the bottom of each email.
If you have given your consent to the placement of Cookies on our website, https://www.axians.se/, you can withdraw your consent by [clicking on the icon in the bottom left corner of our website and then clicking on ”refuse; Neka alla”].
10.6 Your right to data portability
You have the right to data portability when we process your personal data by, for example, automated means and when the legal basis for the processing is your consent or performance of a contract. Your right to data portability means that you have the right to receive the personal data that you have provided to us in a structured, commonly used, and machine-readable format and to transfer this personal data to another data controller. You may also request that we transfer the personal data directly to another data controller, provided that such direct transfer is technically possible.
10.7 Your right to lodge a complaint with the relevant supervisory authority
You always have the right to lodge a complaint with the relevant supervisory authority if you believe that our processing of your personal data violates the GDPR. This is particularly the case in the member state where you have your habitual residence, place of work or where the infringement was committed. The supervisory authority in Sweden is the Swedish Authority for Privacy Protection (IMY). You can contact IMY through the e-mail address imy@imy.se or through the contact details provided on IMY’s website, available here.
11 We protect your personal data
Our mission is that you feel comfortable when we process your personal data. We have therefore implemented both technical and organizational security measures, including access restrictions and regular internal controls, to protect your personal data against, for example, unauthorized access, alteration, or loss. In the event of a personal data breach that could significantly affect you or your personal data, such as the risk of fraud or identity theft, we will contact you to explain what has happened and advise you on how to reduce the risk of potentially harmful effects.
12 Cookies and similar technologies
We use Cookies on our website and in our services to, among other things, improve your experience with us and adapt our services to your needs and preferences. Our Cookie Policy explains in more detail how we use Cookies and what choices you can make about our Cookies. Please see our Cookie Policy (https://www.axians.se/cookie-policy/) for more information.
13 Changes to this Privacy Notice
Axians may change this Privacy Notice. In the event of a change, you will receive clear information about the change and what it means for you within a reasonable time before the amended version becomes effective. This applies provided that the change is not merely linguistic or editorial but involves a fundamental change in the processing itself, or if the change is not a fundamental change but we consider it to be relevant and to affect you. If a change in the processing of your personal data requires that your consent is obtained, you will be notified of this and given the opportunity to provide your consent.
You can always find the latest version of the Privacy Notice on our website and we will always indicate the date of the last update at the top of the Privacy Notice.