Privacy Policy

1. Background

This Privacy Policy (the “Privacy Policy“) describes how we MetaSafe Sweden AB obtain and process your personal data. The Privacy Policy also describes your rights in relation to us and how you can assert these rights.
We ask you to carefully read this Privacy Policy before you share any personal data with us.

2. Controller

MetaSafe Sweden AB, corp. reg.no 559102-8666 with address Forskargatan 20J, 151 36 Södertälje, Sweden, is the controller for the processing of your personal data as described in this Privacy Policy.If you have any questions concerning integrity or data protection, please feel free to contact us. The easiest way to do that is to send an e-mail to johanna.haglund@metasafe.se.

3. Who is this Privacy Policy for?

This Privacy Policy addresses how we process personal data regarding

(a) Representatives from our existing and potential contracting parties, such as customers, subcontractors and business partners,

(b) job applicants,

(c) visitors to our website www.metasafe.se

(d) others who interact with us in any way.

Please note that our website is not intended for individuals under the age of 18. We do not intentionally collect personal data from children. If you are the parent or guardian and believe your child has provided us with personal data, please contact us at the address below to request deletion.

In addition to what is stated above, we would like to mention that we may process individual’s pseudonymised personal health data on behalf of our customers as part of a specific research project that we perform for the customer in accordance with what has been approved by the competent authority for such project. In such case, the customer in question is the controller of the processing of your personal data, but you are welcome to contact us if you wish to receive further information of such processing.

4. How do we collect personal data?

 4.1 Information from you

In general, we collect personal data directly or indirectly from you in a variety of ways, such as

(a) when we are engaged or preparing, administering or performing our business,

(b) when we enter into, administer or perform agreements,

(c) when you apply for a job or otherwise announce your interest in working with us,

(d) when we meet at meetings, events, seminars, fairs, etc.,

(e) when you participate and sign up to participate in our events and surveys,

(f) when you visit our facilities or our website,

(g) when you contact us through our website, social medias, by e-mail, letter or phone or face-to-face, or

(h) when you in any other way interact with us.

4.2 Information from other sources

We may also collect personal data from the following sources:

(a) from other companies within our company group,

(b) from other persons connected to the party for which you are a contact person, as well as,

(c) from your references or from any recruitment consultant or other service provider employed in connection with recruitment.

5. What personal data do we process?

 The categories of personal data that we may process about you may be:

(a) Identity information, such as national personal identity number, date of birth, name, initials, signature, etc.

(b) Contact information, both personal and professional, such as postal address, phone number, mobile phone number, e-mail address, principal, employer, job title, job role, workplace, information about contact person, contact details for the principal or employer etc.

(c) Photos that you share with us or photos that we take, such as portraits, photos from events etc.

(d) Billing information, such as billing address, reference person and other billing information, billing history, payment reminders, costs and cost specifications, account information and other payment information, payment history, etc.

(e) Qualification and recruitment information, i.e. information about the applied appointment or appointment of interest, information in any personal letter, CV, resume and submitted credentials and other documents, information provided by references, test values, notes and summaries of interviews and other contacts during the recruitment process, summaries and analyses from any recruitment consultant or other service provider employed in connection with recruitment, certificate of service and testimonials, etc.

(f) Technical information, such as IP address, language settings, browser type, browser settings, time zone, operating system, platform, screen resolution, response time, download error, your geographical location, and related traffic and usage information, such as which links you click and when, the address of the website you arrived from, what marketing information you received and opened.

In addition, we may treat other categories of personal data provided by you or the party for which you are a contact person.

We will only process your national identification number if and to the extent that it is clearly motivated by the purpose of the treatment, the importance of a secure identification or other relevant reason.

6. What do we do with your information?

6.1 The purposes of, legal basis and storage periods for, our processing of your personal data

Below we have compiled our various purposes with our processing of your personal data, the categories of personal data pertaining to the respective process, the legal basis for the processing and how long we store your personal data:

Purpose Personal data Legal basis Storage period
To manage and administer our business relationship to the contracting party you represent and fulfilment of each party’s rights and obligations under the agreement with such contracting party Identity information
Contact information
Photos
Billing InformationOther information that you share with us related to our business contract
Contract During our contractual relationship and thereafter as long as there are any outstanding rights or obligations arising from our contractual relationship.

Thereafter, only necessary information is saved if and to the extent (i) you or a third party can take legal actions against us due to your employment or (ii) we have a legal obligation to save the information.

To inform you of our business, provide proposals and interact with you in a variety of ways, for the purpose of establish, manage, administer, evaluate, and develop our relationship with you and the company you represent (as applicable) Identity information
Contact information
PhotosOther information that you share with us related to our business discussions
Legitimate interest Personal data is kept for such time we consider that the information is necessary to maintain the relationship with you and the company/organization in question that you represent. At longest, personal data will be retained until our company dissolves.
To collect, administer and evaluate your submitted application and perform related recruitment activities and interact with you and your references for this purpose Identity information
Contact information
Photos
Qualification and recruitment informationOther information that you share with us related to your application
Legitimate interest Personal data is kept for as long as necessary for us to assess your application and suitability for employment.
To improve, streamline, simplify and develop our website and attract more visitors and customers Technical information Legitimate interest Personal data is kept only for as long as there is a need to keep the personal data to fulfil the purposes for which the data was collected.
To comply with applicable legislation, such as accounting and tax laws as well as anti-money laundry laws Identity information
Contact informationInformation related to our business relationship with you
Legal obligation During our contractual relationship and thereafter as long as there are outstanding rights or obligations arising from applicable legislation. Necessary accounting information is stored for a period of seven years in order to comply with statutory storage time.

 

6.2 If you choose not to provide certain personal information to us?

You are not required to provide personal information to us except when provided by law. But please note, if you choose not to provide us with certain personal data or limit our right to process your personal data, that may result in that we cannot fully manage our relationship with you, process your job application or fail to meet an agreement we have with you.

6.3 What are our legitimate interests?

As you can see in the list above, we may process your personal information because it is necessary for the purposes of our legitimate interests. Our “legitimate interest” corresponds to the purpose for which we perform each processing based on our interest.

When we process your personal information for our legitimate interests, we perform a balancing test where we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate interests, such as business, commercial and employer interests, do not automatically override your interests. We will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

We do not consider that our processing disadvantages you in any way. We use your information only in ways you would understand and reasonably expect, and which have a minimal privacy impact, or where there is a compelling justification for the processing.

You have a right to object to processing that is based on our legitimate interests. If you wish to do so, please send an e-mail to johanna.haglund@metasafe.se.

6.4 How to revoke your consent

We do not process your personal data based on your consent. If we at any point in the future will process your personal data based on your consent (in such case you will be duly informed beforehand), you have a right to revoke your consent to this processing of your personal data at any time. If you would like to make use of this right and revoke your consent, please contact us at Johanna.haglund@metasafe.se. Please note, if you revoke your consent, it does not affect the legality of the processing we have performed based on your consent before it was revoked.

6.5 Cookies

We may, with your consent, use cookies when you use our website www.metasafe.se. We will inform you about what cookies we use from time to time when we collect your consent on our site. More information about cookies can be found in our cookie policy.

7. Sharing or transferring your information

We may disclose your personal information to chosen third parties in accordance with this Privacy Policy. In the event of such sharing or transfer we will take every reasonable legal-, technical- and organizational action in order to make sure that your personal data is handled in a safe manner and that the level of security is adequate. Any third party that process your information on our behalf are bound by processor contracts which includes a provision that such third party shall follow our instructions, take the measures that we find necessary and observe confidentiality.

We may disclose your personal information to any of our consultants, insurers, professional advisers, suppliers, subcontractors, advertisement partners, business partners, customers and companies within our company group insofar as reasonably necessary for the purposes set out in this Privacy Policy. Hence, we might share your personal data when a third party provide us with services such as providing, hosting and maintaining IT systems, accounting, technical support, testing, surveys, etc. on our behalf.

We may also disclose your personal information to the extent that we are required to do so by law or a court order, in connection with any ongoing or prospective legal proceedings, in order to establish, exercise or defend our legal rights, for archival purposes of public interest, scientific or historical research or statistical purposes.

Please note that our website may contain links to other third-party sites, plug-ins, applications or other online services. If you click on a link to a third-party site or other online service, you will be taken to a site or other online service we do not control and that is not governed by this Privacy Policy. We are not responsible for the privacy practices used by third-party sites and other online services. We suggest that you read the privacy policies of those sites and other online services carefully.

8. How do we protect your information?

You should always feel secure when you provide us with your personal data. Therefore, we have taken the suitable legal, technical and organisational precautions to prevent unauthorized access, use, change and deletion of your personal information. All our processing of your personal data is in accordance with current applicable data protection legislation.

9. Where are we processing your information?

It is our objective to process all your personal data within the EU/EEA. In some situations, however, your personal data may be transferred to and processed by a supplier, a subcontractor or another business partner with registered office in a country outside the EU/EEA. All such sharing and processing of information will be in accordance with current applicable data protection legislation, and we will take all reasonable legal, technical and organisational actions to make sure that your personal data will be processed securely and with an adequate level of protection comparable with, and at the same level as, the protection that is provided within the EU/ EEA.

If you have any questions regarding a transfer, please contact us through the contact details provided in this Privacy Policy.

10. Your rights

10.1 Right of access and to information

You have the right to obtain a confirmation from us as to whether or not personal data concerning you are being processed by us, and, where that is the case, you have the right to access that personal data.

We will, free of charge and once per year upon your request, provide a copy of your personal data undergoing processing. If you make the request by electronic means, and unless otherwise requested by you, the information will be provided in a commonly used electronic form.

10.2 Right to rectification

You have the right to obtain from us, the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you also have the right to have incomplete personal data completed.

10.3 Right to erasure (“right to be forgotten”)

You have the right to obtain from us, the erasure of personal data concerning you and we have the obligation to erase your personal data in some situations, for example

(a) if the personal data is no longer necessary in relation to the purposes for which they were collected,

(b) if the processing is based on your consent and you withdraw that consent (and there is no other legal basis for the treatment),

(c) if the processing is based on our legitimate interests and you object to the processing and there are no overriding legitimate grounds for the processing,

(d) if the personal data have been unlawfully processed, or

(e) if the personal data have to be erased for compliance with a legal obligation, etc.

There might be reasons as to why we cannot immediately erase all your personal data. Our continuous processing of your personal data might for example be necessary in order for us to fulfil a legal obligation that requires processing of your personal data, for example bookkeeping and tax legislation, or to establish, exercise or defend a legal claim. In that case we will block the information that could not be immediately erased from use for any other purposes than the ones that hindered the information from being erased immediately.

10.4 Right to restriction of processing

You have the right, under certain conditions, to obtain from us restriction of processing of your personal data. Restriction of processing means that your stored personal data will be marked with the aim of limiting their processing in the future to certain given purposes.

The right to restriction applies for example when you have contested the accuracy of your personal data, for a period enabling us to verify the accuracy of the personal data, and when you have objected to our processing based on our legitimate interests, pending the verification whether our legitimate grounds override yours.

10.5 Right to data portability

You may have the right, under certain conditions, to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance from us.

When exercising your right to data portability, you have the right to have your personal data transmitted directly from us to another controller, where technically feasible.

10.6 Right to object

You have the right to object, on grounds relating to your particular situation, at any time to certain processing of your personal data. The right to object applies when we process your personal data including profiling, to perform an engagement of public interest, as part of the exercise of public authority or after a balance of interest.

Where personal data are processed for direct marketing purposes, you have the right to object at any time to our processing of your personal data for such marketing.

10.7 Right to lodge a complaint

If you consider that our processing of your personal data infringes the GDPR you have the right to lodge a complaint with the Integritetsskyddsmyndigheten, which is the supervisory authority in Sweden.

10.8 Exercise your rights

If you wish to exercise any of your rights you can easily do that by contacting us using the contact information below. In order to protect your integrity and your personal data we might require that you identify yourself when you require our assistance.

10.9 Contact information

MetaSafe Sweden AB

Corp. reg.no: 559102-8666
E-mail: contact@metasafe.se
Phone number: +46767797734
Adress: Forskargatan 20 J, 151 36 Södertälje, Sweden

___________________

Our Privacy Policy was updated December 2023