WHY COOKIES?

A cookie is a small text file placed on your device. The information in the text file is used to give you access to different features. It can also be used to track your browsing.

There are two types of cookies. One type uses features that tells what's been updated on the website since the you visited the site last time. Then there are session cookies, this cookie is temporarily stored in your device's memory to, for example, keep track of which language you have chosen.

We use cookies to track traffic. By learning more about our site visitors, we can improve the experience for you.

HOW TO TURN IT OFF

If you do not want to allow the collection of this information, you can turn off the use of cookies in your browser by downloading Google Analytics Opt-out browser plug-in. When you have enabled it, no information is collected.

PROCESSING OF PERSONAL DATA

ANY QUESTIONS?

If you have any questions concerning the processing of personal data described below, please get in touch with your contact at Vinngroup or its subsidiary.

VINNGROUP AND PERSONAL PRIVACY

Personal privacy is important to us at Vinngroup and we are responsible for the personal information that our customers, suppliers, employees and others provide us with. This privacy policy describes how Vinngroup processes, stores and manages personal data. Vinngroup or its subsidiary is responsible for your personal data being processed in a lawful way.

• Privacy policy
• Who does this privacy policy apply to?
• Why do we collect personal data?
• How Vinngroup and its subsidiaries protect your data
• How we collect your personal data
• Examples of data that we process
• What we use your data for
• Who can see your personal data
• How long do we store your personal data?
• Your rights

PRIVACY POLICY

WHO DOES THIS PRIVACY POLICY APPLY TO?

This policy applies to employees, customers, suppliers, those attending events or training, consultants, partners and visitors. It also applies to the use of our services. Personal data is information that individually or in combination with other services can be used to identify a living natural person. For example, this might be a name, address, email address, photo or telephone number.

WHY DO WE COLLECT PERSONAL DATA?

Our main purpose in collecting the personal data is to be able to fulfil the commitments that we have to our customers, but we also collect data from individuals who are not currently customers of ours who attend our events or visit us for some reason. As data controller, Vinngroup is responsible for your personal data being processed securely and in accordance with current legislation.

HOW VINNGROUP PROTECTS YOUR DATA

Vinngroup protects your personal data through a combination of technical and organisational solutions. Access systems are required on all computers and phones that process personal data. Personal data in hard copy files, folders etc. is stored in locked cabinets.

HOW WE COLLECT YOUR PERSONAL DATA

We collect personal data from our customers, suppliers and employees, and from individuals who attend events. When you go to an event or otherwise pass on your personal data to us we ask you to consent to the processing of your personal data.

EXAMPLES OF DATA THAT WE PROCESS

Such data might be a name, email address, telephone number, postal address or other information that you have provided and that is required for us to be able to fulfil our commitments to you.

WHAT WE USE YOUR DATA FOR

Vinngroup has the right to process the personal data that we need to fulfil our commitments to you. Alternatively, we may process your data if you have given your consent. We may also need to process your data because of legal or regulatory requirements. In certain cases Vinngroup may need your consent in order to be allowed to process your data. In these cases you will receive clear, unambiguous information concerning what it is that you are consenting to. We may use your data for the following purposes, among others:

To provide you with a good service:

• When you attend events and training

To provide you with relevant information:

• Mailings in the form of invitations to events at one of our companies
• Mailings of information from Vinngroup or its subsidiaries

WHO CAN SEE YOUR PERSONAL DATA

Your personal data is used by Vinngroup and the companies that act as data processors for Vinngroup. We do not pass on your personal data to any other companies unless we are obliged to do so by law, regulation or a decision by an authority, or to safeguard our rights or the rights of third parties. We never sell your personal data or share or exchange it with third parties for marketing purposes. Data is only passed on to third parties (companies) if this is necessary in order to provide a service.

HOW LONG DO WE STORE YOUR PERSONAL DATA?

We process different categories of personal data for different purposes, and the legal basis for this may also vary. Consequently, the storage periods vary depending on the purpose for which your personal data is processed.

YOUR RIGHTS

As a data subject of Vinngroup, you have the following rights:

• You have the right to find out which personal data has been collected about you
• You have the right to request rectification if we have recorded incorrect information about you
• You have the right to be erased from our systems in the following circumstances:
• if the data is no longer required for the purpose for which it was originally intended
• if the data has been saved with your consent, you may withdraw your consent at any time
• if the personal data has been processed incorrectly The right to be erased does not apply if we are obliged by law to retain the data (for example, by the Bookkeeping Act).

WANT TO KNOW MORE?

If you have any questions concerning the processing of personal data described above, please get in touch with your contact at Vinngroup or one of its subsidiaries by email or phone.

EMAIL POLICY

This policy regulates how we at Vinngroup use our email.

How we are to work

We will restrict the communication that takes place by email and will not send unnecessary personal data. We will avoid emailing sensitive personal data such as data concerning health and civil registration numbers. We will not use the email server as storage space, but instead will store the data on a separate secure server and then delete the email. At latest six months after an employee has left the company their email will be deleted. Employees must not store their emails containing personal information for more than 10 years.

Our aim

The aim of the policy is to safeguard personal privacy by processing personal data securely and correctly in accordance with the EU General Data Protection Regulation (GDPR) and other data protection rules. This means that privacy-sensitive data is not to be sent by email.

Why have a policy?

We need to have a policy to protect the privacy of the data subjects. The GDPR demands that personal data is not processed unnecessarily and that it is erased when it is no longer relevant. The GDPR also requires that personal data is processed only to the extent necessary and that no more data than necessary is used or stored for a period longer than necessary. The data subject has the right to object to the processing and may ask to see the personal data stored at any time. This data must then be able to be erased easily if the data subject so requests.

What is personal data?

Personal data means any information that can be linked to a living natural person, either directly or indirectly when combined with other data. Names, telephone numbers, images and IP addresses can be personal data. Bookings, behaviours and orders can also be personal data if, when combined with other data, they can be linked to a living natural person. Actions taken involving personal data are classed as personal data processing, for example storage, collection, editing, erasure and dissemination. All dealings involving email are considered to be processing of personal data.

If you have any questions please contact Vinngroup, corporate reg. no. 556768-8345, tel. +46 (0)708 53 62 75