Regarding handling of personal data
IPQ IP Specialists AB (“IPQ” or “we/us/our”) is a data controller according to the European Parliament´s and Council of Europe´s ordinance, (EU) 2016/679 of the 27th of April 2016 on the protection of physical persons in regards to the handling and free flow of personal data (“GDPR”) and current national jurisdiction for all personal data we handle within the scope of our activities.
We use your personal data primarily to fulfil our obligations towards you. Our intent is to handle no more such data than is necessary to fulfil those obligations and we strive to use the least sensitive data sufficient to achieve this.
Providing you with good professional-, marketing-, follow-up- and informational services also requires us to use your data. We may also need personal data in order to be in compliance with certain laws and carry out customer- and market analyses.
We handle such data as we receive within the scope of providing our professional services or such data as is gathered in the preparation or administering processes of providing our services. You are not obligated to provide any personal data but we may need it in order to assess and accept a mission.
You have the right to object to our use of personal data for purposes of direct marketing. When we first gather your data you are informed about this and how to state your objections.
What personal data do we handle?
We handle your data only when the purpose provides us with a legal basis to do so. We do not handle data other than for the purposes of living up to our commitments and complying with the law. Here are examples of personal data which we handle:
- Phone number
- Electronic addresses
- Date of birth
- Data which you share with us of your own accord
- Content which you yourself publish, so called user generated content
- Factoring information
How do we gain access to your personal data?
We gather data which is given us in connection to a mission or which is otherwise handled during the preparation or administration of a mission. Primarily, we gather data directly from the person in question but in some cases the information does not come from them directly. We may also complement personal data we are provided with through the use of private or public sources and records. Normally you have no obligation to provide us with your personal data but without it we may be unable to accept a mission as we will be unable to live up to our obligations. The gathering and handling of personal data occasionally occurs through suppliers or other external parties.
We also access personal data in the following ways:
- Information available in public records
- Information provided when you register yourself to seminars or courses
- Information provided when you sign up for our newsletters and other communication
- Information we receive as you answer our surveys
- Information we are given when you take contact or seek employment with us
Why do we handle your personal data?
We handle data provided to us or gathered in connection to our missions in order to fulfil obligations as well as work in the interests of our customers, handle the administration around missions and comply with laws and SEPAF-rules.
Handling of personal data also occurs so that we can administer relations with suppliers and other external parties as well as when visits are made to our offices.
We may also handle personal data as basis for our market- and client analyses, business- and method development as well as risk management.
Is your personal data treated in a reassuring manner?
We develop routines and processes to make sure your data is handled safely. Only employees and others within the organisation who need the data in order to carry out their duties should have access to it.
When it comes to sensitive personal information we have implemented special systems for authorization validation to ensure greater protection of your information.
Our security systems are developed with a focus on your integrity and provide a high level of protection against breaches, destruction and other forms of alteration which could compromise your integrity.
We have several IT-security policies intended to ensure that your personal data is handled safely.
We do not tranfer personal data other than in cases stated within this policy.
Who has access to the data we handle?
To protect your data, IPQ has physical, technical and organisational measures in place to ensure the safe handling and transferring of personal data, including appropriate measures to secure such data from unintentional or illegal destruction, unintentional loss, wrongful use, alteration, non-allowed proliferation or access and all other illegal forms of treatment.
What is the legal basis for our handling of data?
The legal basis for handling of personal data is, in relation to information about contact persons at our customers, that we be able to deliver what we commit in an agreement with a customer. In relation to those with whom we cooperate and consult, our foreign agents, witnesses, opponents, opposing counsel, agents of opponents etc. our data handling is usually based on an assessment and consideration of interests. That means that we deem the handling of data to be necessary to achieve our clients´ or, as in the previous case, our legitimate ends and that this takes priority over any possible opposing ends or basic freedoms or rights.
The handling of personal data in connection to the archiving of acts after a completed mission is based on our obligation to comply with the laws regulating, among other things, accounting.
We may also have grounds for handling that arise from the various commitments we make.
Handling of personal data attributable to suppliers or their agents and other external parties this is grounded on our legitimate interest to administer the relation and fulfil contractual obligations.
When we handle data for the purposes of analysing and improving our business, the handling is based on our legitimate interest in improving our business and for purposes of communication.
How long do we store personal data?
We do not store data longer than necessary with respect to the purpose of the handling if not legally allowed or required.
If you unregister from newsletters or similar, data stored for those purposes of administering such will be immediately deleted.
Transfer of your personal data
Your personal data is shared with parties outside IPQ only for the purposes of handling on our account, for example, sending intermediaries. Every such instance is in accordance with a legally binding non-disclosure agreement.
When your personal data is shared with data processors, companies that handle information on our account and in accordance with our instructions, this happens only for purposes aligned with our intentions for gathering the data in the first place. We ensure that all data processors that handle your data live up to our standards pertaining to security and secrecy regarding personal data.
What information do we give you?
When we gather your data for the first time we will inform you about how we get access to your personal data, what we will use it for, what rights you have under GDPR and how you can utilize those rights. You will be informed about who is responsible for the handling of your personal data and how you can get in contact with us, should you have questions or submit a request regarding your personal data and/or your rights.
What rights do you have as registered?
If you want insight into the handling of your personal data, you have the right to demand access to your data. You can request corrections or restrictions of any information that may be incorrect as well as deletion of any information which is no longer needed for the purposes it was gathered for.
The written application should be directed to either of the addresses below. We will respond to your requests without undue delay.
With questions or comments on how we treat personal data or a request to exercise your rights as described above, please contact us via email at email@example.com or by mail at the address below.
IPQ IP Specialists AB