We safeguard your personal integrity. It is therefore important for us to protect your personal data and ensure that our processing of your personal data is correct and lawful.
This Policy describes what information we collect, what we do with it, who we share it with, how long we store it and what rights and obligations you have. It will help you to understand what kind of personal data we collect and how it is used when you are using our website and services, as well as your rights as a data subject.
We ask that you read this Policy carefully and familiarize yourself with its content, since it applies to all use of our website and services.
Our information and contact details
IAR Systems AB
Reg. no 556230-7107
SE-750 23 Uppsala
Phone: +46 (0)18 16 78 00
Contact for questions about this policy: firstname.lastname@example.org
How we collect personal data
We collect your personal data when you communicate with us, when you download software, when you send a request for quotation, when you register for user accounts, when you register licenses, when you sign up for newsletters and other marketing communications and when the company that you represent enters into a business relationship with us. We also collect your personal data based on your web activity, including how you use our website and services.
How we process personal data
Users of our website and services (referred to as “you” and “your”) can provide personal data to us when visiting our website and when using our services. You can do this in your capacity of a private individual or as representative of a company. We act as the data controller of personal data obtained and is therefore obligated to ensure that the processing is executed in accordance with this Policy and applicable data protection legislation.
The following applies, where applicable, to the processing of personal data for establishing business relationships:
Categories of personal data
– To make contact with you and to establish and maintain a business relationship.
– To process a purchase
– To communicate with you in your capacity as a company contact.
– To audit, evaluate the use of and improve our website and services.
– Storage of collected personal data in our business systems and back-up systems.
– Transfer of personal data to third parties for business administration and marketing communications.
– Sending of order confirmations and notices of delivery.
– Use for communication with you regarding, for instance, the management of your company’s account.
– Contact details (such as e-mail address, telephone number, location and business address).
– Information regarding the company you represent as well as any agreements you have entered into with us on your company’s behalf.
– Professional title.
– Product interest.
– Technical data related to your visit on our website (such as device, IP-address, frequency of visits, type and time of transactions, type of web browser and operating system, and website traffic volume).
Legitimate interest: Our processing is based on our legitimate interest of being able to establish, maintain and develop business relationships with you.
For technical data, our processing is also based on our legitimate interest of being able to audit, evaluate and improve our website.
Time for storage
We store your personal data as long as it is deemed necessary for us to maintain the business relationship with you and to provide our products and services to the company you represent.
The following applies to the processing of personal data of subscribers of our email marketing:
Categories of personal data
– To send you customized emails, newsletters and other marketing messages.
– To audit, evaluate the use of and improve our website and services.
– Storage of collected personal data i our business systems and back-up systems.
– Transfer of personal data to third-party service providers for marketing communications.
– Email address.
Consent: Our processing is based on the consent you give when you submit your email address to us.
Time for storage
We will store your personal data for marketing purposes until you request that the marketing ends.
If you have subscribed for our email newsletters and other marketing communications, created a user account or been in contact with us in your capacity as company contact, we will occasionally use your personal data for marketing communication with you. This processing is based on our legitimate interest of being able to market our products and services.
You are entitled to object to the processing of your personal data for marketing communication. You also have the right to object to the marketing communications measures in itself free of charge and you may opt-out from any marketing communication at any time by following the unsubscribe instructions included in our marketing communications. If you choose to opt-out from further communications, we will make a note of this in our business systems.
How we share personal data
The personal data that we collect will be shared with a few third parties in order for us to provide our services. These are the types of third parties with whom we may share your personal data:
- Service providers: You data may be shared with third-party service providers to manage our business operations. This includes third parties with regard to IT infrastructure, operating and hosting services, marketing and communications, financial and payment services, customer services and IT services such as IT support, maintenance and development.
- Our sales distributors: Your personal data may be shared with our distributors if you are situated in a country where we do not have an office. This is to establish and maintain a business relationship with you.
- For security reasons: Your personal data may be shared when this is required by law, to protect you or our customers or for the security of our services.
When we share data with third parties, we will ensure that your personal data is only processed in accordance with our instructions and this Policy. The processing and sharing of your personal data in accordance with above is necessary for our legitimate interest of providing our services or to fulfil any contract we have entered into with your company or to comply with mandatory law.
Where we process personal data
We process your personal data inside and outside the EU/EEA where our IT-systems are located. Your personal data may be also shared with data processors who, either themselves or through hired sub-contractors, are established in or stores the data in a country outside of the EU/EEA. In the event we process your personal data outside the EU/EEA, we will take all reasonable legal, organizational and technical measures needed to ensure that the level of protection is the same as in the EU/EEA, for example by ensuring that the country in which the recipient is located ensures an adequate level of data protection according to the European Commission or by use of standard contractual clauses in the agreements with the data processors.
How we protect personal data
We have taken a number of security measures to ensure that the personal data is kept secure. For example, access to areas where personal data is stored is limited to our employees and service providers who require it in the course of their duties and who are informed of the importance of maintaining the security and confidentiality of the personal data we keep. We maintain appropriate safeguards and security standards to protect your personal data against unauthorized access, disclosure or misuse, through the use of firewalls and passwords that only authorized members of our staff possess. We also monitor our systems to discover vulnerabilities in order to protect your personal data.
As part of applicate data protection legislations, you may exercise your rights by contacting us on the address or email listed in the beginning of this policy.
Right of access
You have the right to request access what personal data we process about you. The information will then be provided in the form of a register extract which specifies the personal data processed by us. If you make your request electronically, the information will be provided in a commonly used electronic format, unless you have requested otherwise.
Right of rectification
You have the right to have incorrect information about you rectified without undue delay. You also have the right to amend incomplete information.
Right to erasure
You may request that we erase your personal data without undue delay in the following circumstances:
- The personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed.
- You withdraw your consent on which the processing is based (if applicable) and there is no other legal ground for the processing.
- You object to the subsidiary’s processing of personal data and the subsidiary do not have any overriding legitimate grounds for the processing.
- The processed personal data is unlawfully processed.
- The processed personal data has to be erased for compliance with legal obligations.
We may deny your request if we are prevented from erasing your personal data by requirements set out in applicable laws and regulations (e.g. in relation to accounting and tax legislation) or if they are needed for the establishment, exercise or defense of legal claims. If we cannot meet your request, we will instead restrict the personal data so they cannot be used for another purpose than the purpose preventing the erasure.
Right to restriction
You have the right to restrict the processing of your personal data in the following circumstances:
- You contest the accuracy of the personal data during a period enabling the subsidiary to verify the accuracy of such data
- The processing is unlawful and you oppose erasure of the personal data and request restriction instead.
- The personal data is no longer needed for the purposes of the processing, but are necessary for you for the establishment, exercise or defense of legal claims.
- You have objected to the processing of the personal data based on the subsidiary’s legitimate interest, pending the verification whether the subsidiary’s legitimate grounds for its processing override your interests, rights and freedoms.
Right to object
You have the general right to object to our processing of your personal data when it is based on our legitimate interest. If you object and we believe that we may still process your personal data, we must demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.
Right to data portability
If your personal data has been provided by you electronically in a structured format and our processing of your personal data is based on your consent or on the performance of a contract with you, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format in order to transmit these to another service provider where it would be technically feasible and can be carried out by automated means.
Right to file a complaint
You may at any time file a complaint at the competent supervisory authority in your country if you believe that our processing is performed in breach of applicable data protection legislation. Please note that you are also always welcome to contact us in such event.
Linked web sites
This website may be linked to other websites, which are not under our control. These websites should have their own privacy policies. Visitors should ensure that they read and understand how their personal information may be collected, used and disclosed by the linked web sites as we are not responsible for and should not be held liable for any procedures, policies or activities of any websites linked to iar.com.
Changes to this policy
This policy was last updated January 2020.