Privacy Policy

Nilar AB, 556790-0815 (“Nilar” or “we” in any form) is committed to protect the personal data and safeguard the privacy of our job applicants, contact persons representing our customers, suppliers and other business partners. For more information about us, see Section 7.

This Privacy Policy describes how Nilar, in its capacity as a data controller, processes personal data in accordance with the General Data Protection Regulation (EU Regulation 2016/679) (hereinafter referred to as the “GDPR“).

1. Categories of personal data, processing purposes and legal bases

We generally collect personal data directly from you. Not providing your personal data may result in disadvantages for you, e.g. you may not be able to receive desirable information about us. However, unless otherwise specified, not providing your personal data will not result in any legal consequences for you. We may also collect personal data from third party sources. 

1.1 Business partners (e.g. customers and suppliers)

If you represent an organization that we do business with, we process personal data in order to facilitate our business relationship with the organization which you represent, i.e. name and contact details such e-mail address, full name, title, telephone number, which organization you represent as well as correspondence between us and you. We also share technical data (which may constitute personal data) as needed for technical purposes, e.g. where our products are integrated in those of our business partners.

Our legal basis for processing of the personal data is our legitimate interests to conduct our business.

We will retain the personal data for as long as we have a business relationship.

1.2 Potential business partners

If you represent an organization that we consider to do business with, we process personal data in order to facilitate our potential business relationship with the organization which you represent, i.e. name and contact details such as name and contact details such e-mail address, full name, title, telephone number. Our legal basis for processing of the personal data is our legitimate interests to conduct our business.

We will retain the data for as long as it may be relevant and up to five (5) years following our latest contact. Where the contacts have led to a business relationship, the personal data will be processed as described in the previous section, Business partners.

1.3 Job applicants

If you apply for a job at Nilar, we process personal data during the application or recruitment process, including name and contact details such as e-mail address, telephone number and other contact information. We may further collect your resume or CV, cover letter, previous work experiences, transcripts or other information to support your application and to facilitate the application or recruitment process. 

Our legal basis for processing of the personal data is to take steps prior to entering an employment contract with you and/or our legitimate interests to conduct recruitments.

We will retain the data for as long as it may be relevant and up to the appropriate statutory limitation period.

1.4 Customer support

In order to provide customer support, we process personal data regarding organizational belonging (if applicable), name, email address, phone number, product ID, location data, correspondence, matter number and information about the relevant enquiry. The correspondence data may be processed for the purposes of communicating with you, record-keeping. Our legal basis for processing personal data is our legitimate interests to conduct our business and communication with the person that has reached out to our customer support.

We may retain the data during the entire expected usage period of the product to be able to provide support. We will otherwise retain the data  during the applicable statutory limitation period following the end of the relevant contractual relationship.

1.5 Product and services development

In order to improve and develop our products and services, we may process personal data collected from our Customer support, such as statistics relating to sources of errors, as necessary.

We may retain the data during the usage period of the respective relevant products. 

1.6 Correspondence with other individuals

Occasionally, we engage in correspondence with individuals in other matters than those accounted for above. This may be the case where individuals have general questions about our services. 

Our legal basis for processing personal data in this respect is our legitimate interests to conduct our business, including to respond to such queries.

We will retain the data for as long as it may be relevant and up to five (5) years following the latest contact.

1.7 Newsletters, press releases and financial reports communication

We process personal data in the form of email addresses, name and company of subscribers to our newsletters, press releases and financial reports. Such personal data may be provided by the data subjects themselves when visiting our web site and subscribing to the desired communication, or when the subscribers otherwise have been in touch with us. We may also collect such data from third party sources. 

Our legal bases for processing personal data in this context is consent or legitimate interests. Where the legal basis is consent, this can be withdrawn at any time. You can also opt-out from future communication in each message.

We will retain the data until you opt-out or withdraw your consent or for five (5) years following your latest activity.

1.8 Handling Data Subject rights

We will process email address, name, correspondence and data associated with the request. 

Our legal basis for processing personal data is compliance with a legal obligation. 

The data will be retained as long as it may be relevant and for a maximum during the applicable statutory limitation period.

2. Retention

Your personal data will be retained as long as necessary to provide products, services or engaging in communication. In addition to retention for the foregoing purposes, we may also retain your personal data in order to comply with applicable laws, such as bookkeeping laws, or if we need your personal data to establish, exercise or defend legal claims. Where the data is only stored, it will be archived with highly limited access rights.

3. Who do we share your personal data with?

Nilar may engage external service providers, who act as data processors of Nilar, to provide certain services to Nilar, such as website service providers, marketing service providers or IT support service providers. When providing such services, the external service providers may have access to and/or may process your personal data. We request those external service providers to implement and apply security safeguards to ensure the privacy and security of your personal data. Your personal data may also be shared with our business partners for technical purposes and marketing purposes, to the extent permitted by applicable law. 

In addition to the foregoing, Nilar may transfer – in compliance with applicable data protection law – personal data to law enforcement agencies, governmental authorities, legal counsels, external consultants, or business partners. In case of a corporate merger or acquisition, personal data may be transferred to the third parties involved in the merger or acquisition, including potential buyers, investors and professional advisers.

4. International transfers of Personal Data

Personal Data may be transferred to and processed by recipients which are located inside or outside the European Economic Area (“EEA”). The countries include those listed at the European Commission website which provide an adequate level of data protection from a European data protection law perspective. Other recipients might be located in other countries which do not adduce an adequate level of protection from a European data protection law perspective. Nilar will take all necessary measures to ensure that transfers out of the EEA are adequately protected as required by applicable data protection law. With respect to transfers to countries not providing an adequate level of data protection, we base the transfer on appropriate safeguards, such as standard data protection clauses adopted by the European Commission or by a supervisory authority, approved code of conducts together with binding and enforceable commitments of the recipient, or approved certification mechanisms together with binding and enforceable commitments of the recipient. You can ask for a copy of the such appropriate safeguards by contacting us as set out below in Section 8.

5. Data subjects’ rights

You have a number of rights in connection with the processing of your personal data, subject to certain conditions set out in the GDPR and local data protection laws, including the right to:

  1. Request access to your personal data (“data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  2. Request the rectification of the personal data that we process about you. This enables you to have incomplete or inaccurate data we hold about you corrected.
  3. Request the deletion of your personal data. This enables you to ask us to delete or remove personal data where there is no overriding reason for us to retain it.
  4. Ask us to stop processing personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.
  5. Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
  6. Request the transfer of your personal data to another party.

If you have given your consent for processing of your personal data and that consent has served as a legal basis for processing, you can withdraw this consent at any time with future effect by contacting us as stated in the Contact us section below.

To exercise your rights please contact us as stated below in Section 7.

In case of complaints you may contact us as set out in Section 7 and you also have the right to lodge a complaint with the competent data protection supervisory authority in particular in the EU Member State of your habitual residence, place of work or of an alleged breach of the GDPR. In Sweden, this is Integritetsskyddsmyndigheten, www.imy.se. 

6. Changes to the Privacy Policy

Nilar reserves the right to change this Privacy Policy at any time. We will give you reasonable notice of any changes to the Privacy Policy, where appropriate. If so, we will notify you by a message or by email. We also encourage you to visit this Privacy Policy now and then. You will find the date of the latest change to the Privacy Policy on this website.

7. Contact information

This website is owned and operated by the company Nilar AB, Stockholmsvägen 116B, 187 30 Täby, Sweden. 

If you have concerns or questions regarding this Privacy Policy, please contact us by email at marketing@nilar.com.

 

Last updated: 2021-03-24