Skip to content

Privacy Policy for Spennare

1. Introduction

KG Spennare AB (hereinafter referred to as “the company,” “we,” or “us”) recognizes the importance of protecting personal data and complying with all applicable data protection laws, including the EU General Data Protection Regulation (GDPR). This policy describes how we collect, use, store, and protect personal data.

2. Scope

This policy applies to all processing of personal data carried out by KG Spennare AB in connection with our operations, whether it concerns employees, customers, suppliers, or other third parties.

3. Responsibility

KG Spennare AB’s Data Protection Officer is responsible for ensuring compliance with the GDPR and other applicable data protection laws. All employees and other individuals acting on behalf of the company are expected to follow this policy and take appropriate measures to protect personal data.

4. Collection of Personal Data

We only collect personal data that is relevant and necessary to carry out our legitimate business purposes. When collecting personal data, we will inform the individuals concerned about the purpose of the collection, how the data will be used, and any third parties that may have access to the data.

5. Use of Personal Data

We use personal data only for legitimate business purposes, including but not limited to:

  • Managing employment relationships
  • Delivering products and services to our customers
  • Communicating with customers, suppliers, and other business partners
  • Invoicing and payments
  • Fulfilling our legal and regulatory obligations

6. Sharing of Personal Data

We only share personal data with third parties in accordance with applicable data protection laws and when necessary to carry out our business purposes. We ensure that adequate measures are taken to protect personal data when sharing and that we only share necessary data.

7. Storage of Personal Data

We store personal data only as long as necessary to fulfill the purposes for which it was collected, and in accordance with applicable laws and regulations. We take appropriate technical and organizational measures to ensure the security of personal data during storage and transmission.

8. Rights of Data Subjects

Data subjects have the right to request access to, correction, deletion, and restriction of the processing of their personal data in accordance with the GDPR. If a request to exercise rights is received, we will take steps to ensure that the request is processed within a reasonable timeframe and in accordance with applicable laws and regulations.

9. Data Protection and Security

We take appropriate technical and organizational measures to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorized access, and unauthorized disclosure. We regularly evaluate our security measures and take necessary actions to ensure that personal data is processed securely.

10. Updating Personal Data

We will ensure that personal data collected and processed is accurate, complete, and up-to-date. If a data subject informs us that their personal data needs to be updated or corrected, we will take appropriate steps to update the information within a reasonable timeframe.

11. Data Protection Breaches

In the event of a data protection breach, we will take immediate action to limit and manage the breach. We will also report the breach to the relevant supervisory authorities and affected data subjects as required by the GDPR.

12. Training and Awareness

We will provide regular training and awareness-raising to our employees to ensure that they are aware of their obligations and responsibilities under the GDPR and this policy. This will help create a culture of data protection and privacy within the company.

13. Transfer of Personal Data

If personal data is transferred to countries outside the European Economic Area (EEA), we will take appropriate measures to ensure that the transfer is carried out in accordance with applicable data protection laws and that personal data is adequately protected.

14. Policy Review

This policy will be reviewed regularly and updated as necessary to ensure that it aligns with current data protection laws and the company’s operations.

By adopting this GDPR policy, KG Spennare AB commits to protecting personal data and processing it in accordance with applicable data protection laws and the principles of privacy and data security.