The Data Protection Regulation (GDPR, General Data Protection Regulation 2016/679 / EC) regulates how we may process your personal data. It is important to us that you are aware of how we collect, use and protect your personal information. We have therefore listed below basic privacy principles to clarify this.
Personal data controllers - our basic principles of privacy
Umeå Kommunföretag AB protects your personal privacy and your personal information. We strive for a high level of data protection and comply with applicable laws, industry rules and other related standards that exist to protect the privacy and rights of individuals.
Umeå Kommunföretag AB (Umeå Kommunföretag “we”, “us”) is responsible for the processing of your personal data. We are responsible for your information (eg name, birth data, contact information) and handle them regarding current data protection legislation.
You are welcome to contact us if you have questions about privacy and data protection:
Collection of personal data
When you are in contact with us, you may provide information to us about yourself or your business that is considered to be personal data in accordance with data protection legislation, for example if you:
- Signs agreements with us for services (data collection via e-services; eg web forms).
- Provides personal information in connection with events and fairs etc.
- Provides information about yourself via communication with us in other ways eg; writing / email, phone calls or social media.
Information that we collect in connection with the above activities may, for example, contain:
Your name, social security number, billing address and property address, contact information, all necessary information for invoicing (if applicable) and any additional information you provide to us.
From which sources do we collect your personal information
In addition to personal data that you provide to us, your information may be updated against the population register at the Swedish Tax Agency. This may be necessary to ensure that the information is correct and that agreements can be fulfilled.
What we use your personal information for (purpose / purpose)
In general, we process (eg register and store) the information you have provided to us if it is relevant for us to be able to fulfill, improve and adapt our commitments, products and services or to be able to communicate with you postally or digitally.
Examples of how your personal data may be used (if applicable):
- To process job applications when you have applied for or submitted an expression of interest;
- To register as a customer
- For preparation for or administration of the services that we have entered into an agreement with you for (for example, credit information from credit information companies, business assessment or debt collection management) and activate and perform invoicing
- To secure your identity
- To communicate with you through various channels, including providing customer service; if you report a move-in or submit a request or customer point of view, to send service-related messages, confirmations and updates
- For certain statistics (such as statistics to Statistics Sweden or internal statistics)
Contact us via social media
When you contact us via social media, for example Facebook, information and personal data are always transferred to third parties (ie the company / organization that runs the social media you use).
Unfortunately, we can not regulate this, but are happy to answer your questions on social media. If you do not want third parties to collect the information you send to us, we recommend that you instead contact us by phone 090-16 10 00.
How we handle your social security number
We will only process your social security number when it is clearly justified with regard to the purpose, necessary for secure identification or if there is some other notable reason. We always minimize the use of your social security number as much as possible.
If you have a protected identity or want to remain anonymous
If you want to perform a service that requires login or identification, you can not have a protected identity or be anonymous. As you identify yourself, the system knows it's you. If you have a protected identity, it is better that you contact us in person. We have special security routines for handling protected personal data and therefore it is important that you always state that you have a protected identity when you contact us so that we can ensure that the routines are followed.
If you want to leave a comment or contact us anonymously, you can not provide any personal information (for example in an e-mail) because this information is registered and becomes what we call a public document.
Who can we share your personal information with
Personal data may be handed over to another company within the Umeå Municipal Group or to partners (for example service providers), for example to carry out the assignment requested by the person concerned. This may be necessary in connection with a service being delivered from us. Additional examples are service providers who help us with, for example, IT services (companies that handle the necessary operation, technical support and maintenance of our IT solutions).
Personal data is not regularly provided to companies in countries outside the EU or the EEA. If so, we promise you that we will take all reasonable legal, technical and organizational measures to ensure that your data is processed securely.
Umeå Kommunföretag is covered by the principle of public access and information in public public documents may be disclosed to the person requesting it, unless the information is covered by confidentiality.
Your personal data will not be used for direct marketing purposes (so-called profiling).
Access to your personal information and information
We are always open and transparent about how we process your personal data and if you want to know what information we have about you, you can request access to the information in the form of a register extract. Keep in mind that if we receive a request for access, we may ask for additional information to ensure efficient handling of your request and that the information is provided to the right person. You will receive such an extract from the register within one month after we have received your request. In certain circumstances (such as the number of requests received), this time can be extended to two months (in which case you will be informed within one month).
When you provide information to us, you have the right to receive information that we process your personal information and why we do this. Feel free to contact us if you do not think you have received sufficient information.
Right to data portability: If our right to process personal data is based either on consent or performance of an agreement with you, you have the right to request that the data concerning you and that you have provided to us be transferred to another data controller, so-called data portability. A prerequisite for data portability is that the transfer is technically possible and can take place automatically.
Umeå Kommunföretag uses IT systems to protect the confidentiality, integrity and access to personal data. We take special physical, technical and organizational security measures to protect your personal data against unlawful or unauthorized processing (such as unauthorized use, loss, destruction or damage). Only those persons who actually need to process your personal data in order for us to fulfill our stated purposes have access to them. We continuously adapt our security measures to the continuous technical development in relation to reasonableness and the amount and sensitivity of personal data.
How long do we keep your personal information
We hold your information for as long as necessary to fulfill our contractual obligations to you and in accordance with statutory storage periods for each purpose. These obligations come, for example, from publicity and secrecy legislation, accounting and tax legislation, banking and money laundering legislation and the Archives Act. It may also be that the processing is necessary for us to be able to establish, assert or defend legal claims.
This means, among other things, that we will delete or anonymise your information (so that it can not be linked to you personally or used for other purposes) and other information in our databases when transactions in the agreement are finally settled. This provided that the information is no longer necessary for the purpose for which it was collected or that it is deemed to have a conservation value based on the Archives Act. Information that is necessary to be able to fulfill agreements or other legal grounds may, for example, be collected measured values, information about agreements, invoiced products and services which therefore cannot always be limited or deleted.
Contact us with questions about data protection
Umeå Kommunföretag does everything to ensure that all data we process is correct. Of course, this also applies to all personal information we process. You have the right to correct incomplete, misleading or incorrect information about yourself, request an extract from the register, and to some extent request the deletion or restriction of your personal data. Please note, however, that certain legal obligations may prevent us from deleting all parts of your personal data. To protect your privacy and your personal information, we may require that you identify yourself in connection with our assistance.
According to the data protection legislation, you have the right to submit complaints regarding the processing of your personal data to the Data Inspectorate;
More information on current data protection legislation can be found at www.datainspektionen.se
Personal data controller:
Umeå Kommunföretag AB
City Hall Plan 8
903 28 UMEÅ
Phone: 090-16 10 00