Welcome to Nordkap’s page about our processing of personal data This page will help you make a well-informed decision about your relationship with us.
EU’s new General Data Protection Regulation (GDPR) comes into effect on 25 May 2018. This regulation poses stricter requirements for the processing of personal data. The GDPR replaces the Swedish Personal Data Act (PUL), and it affects all companies that collect, process, store and distribute data that can be connected in one way or another to an individual, both structured and unstructured data (such as e-mail).
The difference between the Swedish Personal Data Act and the GDPR can be briefly described as being that companies no longer have the right to own personal data, but rather the data now, and the companies must show what they are using the personal data for.
The data protection regulation applies only to natural persons, no legal entities, whose data is processed within the EU. However the new regulation also applies to legal entities outside the EU who do business in the EU.
We process your personal data for the following purposes, with the support of agreements or a balancing of interests.
For Nordkap to be able to fulfil its agreements with its customers and partners for access to our services; to notify you about current and important system-related events, such as that our service desk will contact you with questions if they have any.
We process your personal data that you share with us when:
We do not share your personal data with any third parties unless this is necessary to deliver our services and fulfil our agreements. You personal data may be shared with parties that process personal data on our behalf, known as “processors”. These processors do not have the right to use the data for any purpose other than performing their assignment to manage the systems below on our behalf.
The company Upsales AB operates and supports Nordkap’s CRM system, where your data are stored.
The company Microsoft manages Nordkap’s IT environment by supplying, maintaining, operating and supporting the company’s IT structure.
The company Oneflow operates and supports Nordkap’s contract system where logs of any reviews and signing of agreements are stored.
The company Zendesk Inc (Privacy shield) operates and supports Nordkap’s service system, where inquiries you may have about Nordkap are stored.
We, our suppliers and our partners only process your personal data within the EU/EEA as a rule.
We never process your personal data for a period longer than allowed according to applicable law, regulation, practice or official decision. Initially we process personal data that we process in order to fulfil our agreement with your employer while this is necessary for us to administer the contractual relationship, exercise our rights and fulfil our obligations to you. However we may save your personal data for a longer period in order to comply with legal requirements or because we have the right to do so according to a balancing of interests.
In accordance with applicable data protection legislation, you have the right to receive information on which personal data about you we process. Under certain circumstances you also have the right to request correction, erasure or limitation of your personal data, or to object to our processing.
If you have any complaints concerning our processing of your personal data, you have the right to lodge a complaint with the Swedish Data Protection Authority or another supervisory authority that supervises processing of personal data by companies.
If you wish to exercise your rights according to the above, or you otherwise wish to contact us due to our processing of your personal data, please contact us by e-mail at email@example.com or by telephone at +46 (8) 649 55 50.