FM Mattsson AB
Processing of your personal data
FM Mattsson AB, Corporate Registration Number 556051-0207, Östnorsvägen 95, SE-792 27 Mora, Sweden (“FM Mattsson Group”, the “Company”, or “we”) has a policy of taking every measure necessary to ensure that personal data concerning visitors to our website, as well as customers, suppliers and/or their contact persons, is processed in a legal, correct, and open manner.
We are particular about protecting your personal data, and keen on always processing your personal data securely. We comply with all applicable laws and regulations for protecting the privacy of private individuals, which includes legislation and regulations that either implement or supplement the EU’s Data Protection Directive (95/46/EC), the Privacy and Electronic Communications Directive (2002/58/EC) and the EU’s General Data Protection Regulation (or GDPR, 2016/679), any amendments to or additions to these regulations, or regulations that replace such laws, ordinances, instructions and regulations.
FM Mattsson Group wishes to assure you that we take suitable and reasonable physical, technical and organisational security measures in relation to the amount and type of personal data for the purpose of protecting your rights and freedoms regarding data protection. Only authorised personnel in FM Mattsson Group and authorised externally employed suppliers working on behalf of FM Mattsson Group have access to your personal data.
What personal data do we collect, and from where?
If you visit our website or purchase our products or services, you may submit information to us that is considered to constitute personal data under the applicable personal data legislation.
Depending on the context, the types of personal data we collect can include:
• Name and contact information including address, mobile number and e-mail address
• Personal identity number and payment information
• Title, job and/or other work-related information
• User-generated information that you actively choose to share via our websites
Your personal data can be collected from the following sources:
• Directly from you as a registered user, for example when you apply for a position in FM Mattsson Group, contact our customer service, or otherwise contact us through our website
• From the company you represent, for example when your company places orders for or purchases our products or services, and you are indicated as the company’s contact person
• From third parties in the form of government agencies, organisations or companies that conduct credit checks
Why do we process your personal data?
If you have ordered a good or service, you have entered into an agreement with FM Mattsson Group, and we then process your personal data for the purpose of administering your purchase or order and delivering the service or product you have ordered.
In addition to processing your personal data in order to complete the purchase of goods or services, we may use your personal data for other purposes by virtue of other legal grounds, as indicated below.
The legal grounds for our processing
Fulfilment of agreements
In the event you purchase a good or service from us, we save your data in order to fulfil our agreement with you. The same applies if you are indicated as a contact person for one of our suppliers or customers, where your data may be needed for fulfilling our agreement with the customer or supplier.
In the event you have contacted us in some context regarding our products or services without an agreement being entered into, or if you have registered as a member for our digital services, we save your data in order to pursue our legitimate interest of contacting you in the future with offers and information about our products or services, about updates, available training courses and more.
Performance of legal obligations
In addition to the grounds indicated above, your personal data may also be processed by us to perform our legal obligations, where necessary, for example regarding accounting or labour legislation.
Storage of personal data
The Company takes all reasonable measures to ensure that your personal data is securely processed and stored. We endeavour to minimise the amount of data we save, and your personal data is never saved for longer than permitted under applicable laws, and to achieve the purposes indicated above. Your personal data is processed by us over the following periods of time:
If you have registered for any of the Company’s digital services, your personal data is saved until you deregister.
Personal data submitted in connection with ordering goods and services (name, personal identity number, address, telephone number, e-mail, payment and delivery information) are saved as long as required for the Company to be able to fulfil its agreement with your (including fulfilling delivery or guarantee commitments) and for a period of 36 months thereafter. The equivalent applies if we save your data because you have been indicated as a contact person for any of our customers or suppliers.
Information saved so that we can fulfil a legal obligation is saved in accordance with what is prescribed by law.
Who processes — transfer of personal data
We use a number of different IT services and IT systems in our operations.
Internally, we process personal data in our business systems. Some of these systems store information in hardware installed locally on our premises, and then it is only our personnel who have access to the data. Some information is stored at our suppliers, or in cloud solutions, which means that we transfer personal data to the supplier; in this case, the supplier is our personal data processor who processes personal data on our behalf and exclusively according to our instructions.
Your personal data may also be submitted to government agencies concerned in order for the Company to fulfil its legal obligations.
Delivery of personal data to third-party countries
We always endeavour to process your personal data within the EU/EEA first. However, in certain cases — for example, when we share data with a personal data processor — the data may be stored in a country outside the EU/EEA. In these cases, the level of security is guaranteed either through a decision from the EU Commission that the country in question ensures an adequate level of security, or through the use of “suitable protective measures,” for example, an approved code of conduct in the recipient country, the EU’s model clauses, or a privacy shield.
You have the right to request information about what personal data we have registered concerning you and how it is used, after a written and signed application addressed to us using the contact information below. You also have the right to request that personal data concerning you be corrected if it should be incorrect, incomplete, or misleading by contacting the Company. To protect your privacy and your personal data, we may require that you identify yourself with reference to our assistance.
Under applicable personal data legislation, you also have the right to request that your personal data be deleted, or that processing of your personal data be restricted. You also have the right, in certain cases, to object to processing of your personal data, and to request to have your personal data transferred in electronic format.
You can submit a complaint to the Swedish Data Protection Authority, if you believe that FM Mattsson Group is not processing your personal data in accordance with applicable laws.
FM Mattsson AB
SE-792 27 Mora
Tel: +46 250 59 60 00