KMCT Group AB is referred to below as: The Company
The information refers to is referred to below: The Customer or You
2. Basic information
2.1 The company handles the security of the Customer’s personal data with the utmost respect and consideration. The company undertakes to handle personal data in accordance with the Data Protection Ordinance (2016/679) and other relevant legislation.
3. What personal information is collected?
3.1 The company may collect and process personal data such as; name, social security number, telephone number, e-mail address, address information, payment information, purchase history, IP address and information about the Customer’s use of the website (so-called cookies) which are necessary, essential and compatible with the purpose of the services.
3.2 The Company may also process other personal data that the Customer provides to the Company.
4. Purpose and legal basis for the treatment
4.1 To fulfill the agreement
The company processes the Customer’s personal data in order to fulfill agreements with you who are the Customer or account holder. For you as a Customer, the processing is necessary for us to be able to carry out and deliver your orders, invoice and assess which payment methods we can offer you, administer your cases and provide support and good customer service.
4.2 After a balance of interests
The company processes data on the basis of a business balance of interests. If the Customer makes a purchase, we may use the information for direct marketing aimed at you as a Customer. Customers who oppose treatment for this purpose have the right to object to the treatment. The company never processes sensitive personal data on the basis of a balance of interests.
4.3 With the support of your consent
The company processes personal data with the support of the Customer’s consent. This is the case if the Customer wants to register an account holding or handle matters and complaints. We can also, with the support of the Customer’s consent, market and adapt offers to you as a Customer or inform about our services via newsletters by post and e-mail, SMS / MMS and on the web. By approving the policy upon registration, the Customer thus agrees to such processing of his personal data.
4.3.1 In order to be valid, consent must be expressed in an unambiguous, specific, voluntary and informed expression of will. The company must provide the necessary information about the treatment to the Customer before consent is given. The consent must be an active document, for example by the Customer upon registration ”ticking” that he agrees to the processing referred to in the individual case.
4.3.2 The company documents and must, if necessary, be able to demonstrate that valid consent has been given.
4.4 Fulfill legal obligations
The company also processes personal data in order to fulfill its legal obligations under law, for example the Accounting Act.
4.5 Automated decision making
In some cases, the company may use automated decision-making for direct marketing if it is permitted by law or other statute or if the Customer has given his express consent to such processing.
5. How long is personal data stored?
5.1 The Company stores the Customer’s information for as long as you are a Customer with us or as long as they are necessary for the purposes for which they were collected and processed. The company also saves the data for as long as applicable law and other regulations require.
5.2 Personal data is anonymised or deleted when it is no longer relevant for the purpose for which it was collected. Information is stored for a maximum of 12 months after the Customer has most recently completed a purchase or otherwise interacted with the Company.
6. Who takes part of the personal data?
6.1 Only those persons at the Company who need to process personal data for the above-mentioned purposes have access to your personal data.
6.2 The company reserves the right to disclose personal data to third parties in order to fulfill agreements, fulfill legal obligations or when consent has been given.
6.3 The company always strives to process personal data within the EU / EEA area. Personal data may be disclosed to third countries when using services with providers outside the EU. This is provided that the recipient meets the level of security required by the Regulation. The company always ensures that there are appropriate protection measures in place, e.g. data transfer agreements.
7. Customer rights
7.1 The company is responsible for safeguarding the Customer’s rights in accordance with the Data Protection Ordinance and other relevant legislation.
This means that the Customer has the right to:
- Get access to their processed personal data. It also means that the Customer has the right to request a register extract in digital format of your personal data free of charge.
- Request that the Company correct incorrect, incomplete or misleading information.
- Have their information permanently deleted if it is no longer necessary for the purpose for which it was collected or when the Customer no longer agrees to the processing. The right does not apply if there is another legal basis for the processing or if there is otherwise a legal obligation for the Company to process the personal data.
- Have the processing of their personal data restricted. This means that the personal data is marked so that it may only be processed for the stated purpose.
- Request to obtain their personal data in a structured, commonly used and digital format and have the data transferred from the Company to another personal data controller (so-called data portability).
- Objection to treatment carried out on the basis of a balance of interests. If the Customer objects to such processing, the Company will only continue the processing if there is another legal basis for it.
- Oppose the processing of their personal data for direct marketing. Objections to such processing are made by notification to the person responsible for personal data or personal data representative. Once the Company has received the objection, we will cease processing for such marketing purposes.
- Any complaints regarding the processing of your personal data are submitted to the relevant supervisory authority; Datainspektionen.
7.2 The Company will notify any third party who has access to the Customer’s personal information if any changes are requested to ensure that your rights are protected in the manner described above.
8. Security measures
8.1 The company takes appropriate and organizational measures to minimize risks of unauthorized access and inappropriate uses, which is done in order to ensure the Customer’s personal integrity.
9. Changes to the personal data policy
9.1 The company reserves the right to change the personal data policy at any time. Before a change takes place, the Customer will be notified of this. Customers who do not accept the changes have the right to object to the processing by contacting the personal data controller or personal data representative.
10. Contact information for personal data representative & personal data manager
personal data representative
Name: Ali Koca
Phone: 031-388 79 00
Personal data manager
Company name: KMCT Group AB
Organization number: 556795–6486
Adress: Marieholmsgatan 46, 415 02 Gothenburg
Phone: 031-388 79 00