We safeguard your personal integrity. It is therefore important for us to protect your personal data and ensure that our processing of your personal data is correct and lawful. This Policy will help you understand what kind of personal data we collect and how it is used as well as your rights as a data subject.
We may sometimes need to make updates or changes to this Policy. You can al-ways find the latest version of this Policy on our website, www.aacmicrotec.com/privacy-policy/.
We ask that you read this Policy carefully and familiarize yourself with its con-tent. If you have any questions, please contact us at the address above or at email@example.com.
2. How we collect your personal data
We collect personal data that you provide us with when we come in contact with you personally or you otherwise communicate with us. We may also collect your personal data from third parties, such as Euroclear Sweden for shareholders, the Swedish Central Securities Depository.
3. How we process your personal data
In this section, we describe how we process your personal data, what legal grounds our processing is based on and for how long we store the data.
3.1 To create, maintain and develop potential and existing business relationships
We process personal data to create and thereafter maintain and develop business relationships with potential and existing customers, partners and other business contacts (including for example consultants, potential investors, research and development contacts and suppliers).
If you are or represent a potential or existing customer, partner or other business contact of ours we may process your personal data as follows.
3.2 To comply with our legal obligations or to exercise legal claims
We may process your personal data in order to comply with legal obligations, set out in law or as decided by a court or other authorities. These requirements may be related to matters such as bookkeeping or money laundering legislation. Our processing for this purpose is that it is necessary for us to comply with legal obligations applicable to us.
We may also process your personal data if the processing is necessary for the establishment, exercise or defense of our legal claims.
4. Direct marketing
If you have subscribed for our newsletter and other marketing messages, such messages will be sent to your submitted e-mail address from our service provider beQuoted. beQuoted is, in relation to such marketing, data controller of your submitted e-mail address, why any objection to the processing of your personal data for marketing purposes shall be directed to beQuoted. You may opt-out from further marketing messages by using the un-subscription link in each message.
5. How we share your personal data
The personal data that we collect is shared with the following types of third parties:
a) Service providers: We use third party service providers to manage some aspects of our business operations. We share personal data with such third parties with regard to, for example, IT infrastructure, operating and hosting services, marketing and communications and other IT services, such as IT support, maintenance and development. When we use such service providers we will enter into a data processing agreement with the service provider which requires it to ensure that your personal data is only processed in accordance with this Policy.
b) Authorities: When we are required by law, we may share your personal data to public authorities such as the police or tax authorities.
6. Where we process your personal data
We strive to always process your personal data within the EU and EEA. However, we may transfer your personal data to service providers who, either themselves or by their subcontractors, are located in or have business activities in a country outside the EU or EEA. In the event of such transfer, it will be made in accordance with applicable data protection legislation, for example by ensuring that the country in which the recipient is located ensures an adequate level of data protection according to the European Commission or by use of standard contractual clauses that the European Commission has issued ensuring suitable measures to safeguard your rights and freedoms.
7. Security measures
We have taken a number of security measures to ensure that the personal data we keep is secure. For example, access to areas where personal data is stored is limited to our employees and service providers who require it in the course of their duties and who are informed of the importance of maintaining the security and confidentiality of the personal data we keep. We maintain appropriate safeguards and security standards to protect your personal data against unauthorized access, disclosure or misuse. We also monitor our systems to discover vulnerabilities in order to protect your personal data.
In this section we describe your rights under applicable data protection legislation. You are welcome to email us at firstname.lastname@example.org or send regular mail to the address above to exercise your rights, if you have any questions or comments regarding our processing of your personal data or this Policy. We will respond within a reasonable period of time upon verification of your identity.
8.2 Right of access and rectification
You have the right to information regarding which of your personal data we process and to access and rectify such personal data.
8.3 Right to erasure
You may request that we erase your personal data without undue delay in the following circumstances:
a) the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
b) you withdraw your consent on which the processing is based (if applicable) and there is no other legal ground for the processing;
c) you object to our processing of personal data and we do not have any overriding legitimate grounds for the processing;
d) the processed personal data is unlawfully processed; or
e) the processed personal data has to be erased for compliance with legal obligations.
We may deny your request if we are prevented from erasing your personal data by requirements set out in applicable laws and regulations (e.g. in relation to accounting and tax legislation) or if they are needed for the establishment, exercise or defence of legal claims. If we cannot meet your request, we will instead restrict the personal data so they cannot be used for another purpose than the purpose preventing the erasure.
8.4 Right to restriction
You have the right to restrict the processing of your personal data in the following circumstances:
a) you contest the accuracy of the personal data during a period enabling us to verify the accuracy of such data;
b) the processing is unlawful and you oppose erasure of the personal data and request restriction instead;
c) the personal data is no longer needed for the purposes of the processing, but are necessary for you for the establishment, exercise or defense of legal claims;
d) you have objected to the processing of the personal data, pending the verification whether our legitimate grounds for our processing override your interests, rights and freedoms.
If your personal data has been restricted in accordance with this section they may, with exception of storage, only be processed for the establishment, exercise or defense of legal claims, or for the protection of the rights of a third party or for reasons of important public interest according to EU or EU member state legislation.
8.5 Right to object
You have the general right to object to our processing of your personal data when it is based on our legitimate interest. If you object and we believe that we may still process your personal data, we must demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.
8.6 Right to data portability
If your personal data has been provided by you and our processing of your personal data is based on your consent or on the performance of a contract with you, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format in order to transmit these to another service provider where it would be technically feasible and can be carried out by automated means.
8.7 Right to withdraw consent
When our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. Please note that the lawfulness of any processing based on your consent before its withdrawal is not affected by the withdrawal.
8.8 Right to file a complaint
You may at any time file a complaint at the supervisory authority (the Swedish Data Protection Authority) if you believe that our processing is performed in breach of applicable data protection legislation. Please note that you are also always welcome to contact us in such event.