Privacy statement

Respecting your privacy and personal details are important for us whitin our interactions. Below you will find our privacy statement on how we process personal details

Updated: 2018-05-25

1. ABOUT THE PRIVACY STATEMENT

Privacy is important here at Nanor AB (also referred to as “Nanor”, “we”, “us” & “our”). This Privacy Statement (also referred to as “Statement”) is compiled to inform you about the personal information we gather, why we gather it, how we gather it, where we store it and lastly how we use it.

This Statement covers the privacy data information related to the aspects of visiting our website (referred to as “website” and accessed via nanor.wpengine.com) and information gathered during the process of conducting business with us.

Our policy may be changed and/or updated, and the information stated here is what is valid.

2. THE PERSONAL DATA WE COLLECT & ITS USE

There are several different ways in which we collect and receive your personal data. From your perspective, we distinguish your personal data as if you have provided us it direct and indirect.

  • Direct personal data – The direct data we collect, and process, is information you provided us when:
    • Conducting Business – Communicate with us for business purposes and information provided relating to customer relationship (for example but not limited to email correspondence, submission of documents (e.g quote requests via our website our supplier’s submission forms, details from service and purchase orders as well as payment and billing information) or via other channels in which we might communicate.
    • General interactions – General customer interactions and requests with us (for example but not limited to e.g. general email correspondence, submission through our webpage form or even via telephone as well as signing up for our newsletter, requesting software, product catalogs and brochures and interacting with us via live chat on our website).

We aim to keep our direct data collection to a minimum, but still enough to be able to conduct business in the best possible way. Within our direct communication methods we gather different amount of your direct identifiable data which could include at the most:

DATA COLLECTEDTHE USE OF DATA COLLECTED
Full nameWe need to know whom we are talking with
Business titleWe might need to if you have the authority to purchase
The organization you work for/representWe need to know the legal entity of whom you represent and which we are conducting business with
Telephone numbersWe need to be able to contact you to conduct business, follow up and manage our business relations
E-mail addressWe need to be able to contact you to conduct business, follow up and manage our business relations
The country where you workWe might need to know the country for legal aspects of where the company you work for is based, as well as from time to time to filter our unrelevant country specific news (i.e if we are visiting a tradeshow that is not in your country)
Personal numberWe only collect this sensitive data in the case this is your business registration number and we have to use this for our conducting business
  • Indirect personal data – The indirect personal data we collect, and process, is information about you, used or needed for our business purposes (as explained in section 3) gathered from external sources (i.e. you did not directly provide us this data).
    • Analytical data – We have personal data about you to get statistics and information about user behavior to improve our website, newsletters and user experience.
The personal data used for analytical purposes is collected via the following platforms

SOURCEPLATFORMDATA COLLECTEDTHE USE OF DATA COLLECTED
Newsletterwww.apsis.seThe time that you opened, which client (web, mobile or both) used to read, which links you’ve clicked & the registered geographic locationWe use this personal data to improve our communication with you so we understand what we send is perceived as interesting. We also use this to select out email addresses which are to be removed from our lists according to section 7 of this statement
Google Analyticshttp://analytics.google.comThe URL through which you access our websites, your IP address and user behavior, browser type, language and information about identification and operating systems.We use this personal data to understand how you as a user visit and interact with our website. This is so we can improve our content and provide you with the most relevant information. The personal data is stored according to section 7 of this statement
  • External sources – When permitted and applicable by law we might have collected and therefore possess personal data about you which could have been gathered through different external partners (for example but not limited to information received from our suppliers about potential leads, available open sources and purchased credit check when applicable).In general, we do not have any requirements for you to provide us with personal data, but if you don’t there is no guarantee, will be able to provide you with products and/or services.

3. OUR PURPOSE FOR COLLECTING DATA

The most elementary reason we collect, store and use data is, so we successfully can conduct business and provide you and your company with customer care and relevant commercial activities.

To achieve this, it also becomes important for us to understand our customers’ needs and habits as well as expand and improve our business offerings. Therefore, we will only use the information for our own business purposes, which will include, but not only limited to, sending you promotional materials and following up on inquiries further in the future. Furthermore, we will also use personal data in combination with analytical tools, to better understand how you as a customer interact with us.

4. THE LEGAL BASIS FOR COLLECTING DATA

Since our purpose for collecting your personal data and the usage of it, is to “…conduct business and provide you and your company with customer care and relevant commercial activities…“ we do this based on a few different legal grounds:

TYPEREASON>LEGAL BASIS
Conducting businessOur main purpose for collecting personal data is to conduct business with you and the company you represent when purchasing products or services from us.There is a contractual agreement between our two entities that enables us to process your personal data.
Managing customer relationshipWhen conducting business, we need to manage our customer relationship for future business opportunities. We manage customer relationship with you as you work for/represent or have a key role within a company that previously has been in contact with us or purchased products.There is a legitimate interest for us to manage customer relationship
Complying with governing lawWe abide by the governing laws e.g. corporate and tax law and therefore we might collect and process personal data to comply with these regulations.We are bound by a legal obligation to fulfill
Marketing

When we communicate with you with regards to “relevant commercial activities” we send newsletters, email or even occasionally call to inform, promote and sell our business offerings. We might also use personal data for customer surveys or market research.

You can always object to receiving direct marketing from us at any time as per section X of this statement.

In this aspect, the personal data used is based on the legitimate interest that we want to provide and information to you about our products.
Business development & internal reportingPersonal data might be processed for improving and developing our business offerings as well as our website e.g we might process personal data to analyze visitor behavior to improve customer experiences and further develop our website or generate internal reports containing personal data presented do the Board of Directors and/or Management to make appropriate operational decisions.The processing of personal data is in our legitimate interest to ensure that we have relevant information to develop and manage our business.
Other reasons where you consentThere might be other reasons, then stated above, where you have given your consent for us to process your personal informationIn these cases where you have provided your consent, we are entitled to process the data accordingly.

5. PERSONAL DATA SECURITY

We have a variety of security measures in place to protect your personal data from loss, destruction, misuse, and unauthorized access or disclosure.

Note that even though we have the security measures in place to safeguard your personal data, we can not to 100% guarantee prevention towards all ser breaches. In the unlikely event of a security breach, you will be informed in accordance with applicable laws.

6. PERSONAL DATA TOWARDS 3RD PARTIES

We work closely with our suppliers and several companies we have outsourced parts of our operations to, as well as other 3rd party software providers. Your personal data we have we might have to share with 3rd parties, in these cases this is so we can service you with business related matters.

These are data processors who, on our behalf and only according to our instructions, might process your personal data. We are the data controller responsible for the use of your personal data at all times.

It is important that you know that your data might also be disclosed if:

  • We were to be involved in any form of sales of the whole or part of the company or our assets.
  • It is needed and/or necessary to protect our rights or the safety of you or others, investigate fraud, or comply with government requests
  • You have given consent to a third party which the consent relates to

To make it utterly clear, we will never ever, sell any of your personal information we have.

7. HOW LONG & WHERE WE STORE PERSONAL DATA

We store personal data for as long as needed to fulfill the purposes defined in this statement. Depending if it is personal data you provided direct or indirect the personal data is stored accordingly:

DATA PROVIDEDTIME STOREDWHERE IT IS STORED
Direct personal data

For as long as you work or represent your organization we will store your personal data. If you terminate your employment at the company, you are responsible for notifying us via the specified contact details, so we can remove your personal data.

Newsletter – We process your personal data as long as you are subscribed. If you have not opened three (3) of our last sent newsletters you will be unsubscribed. If you have opted-out from all marketing communications we might need to store personal data to ensure that you are not added back to any lists.

We have your direct personal data stored in the following places:

  • ERP System Server
  • Microsoft Office 365 Server
  • Apsis Newsletter Server
Indirect personal dataNewsletter – We process your personal data for analytical purposes and delete data that is older than 24 months.

Google Analytics – We process your personal data for analytical purposes and data that is older than 26 months will be deleted automatically.

External sources – We process data from external sources only for as long as needed. Once its need is fulfilled the personal data will be deleted

We have your indirect personal data stored in the following places:

    • ERP System Server
    • Microsoft Office 365 Server
    • Apsis Newsletter Server
    • Google Analytics Server
Complying with governing lawWe abide by the governing laws e.g. corporate and tax law and therefore we might collect and process personal data to comply with these regulations.We are bound by a legal obligation to fulfill
Marketing

When we communicate with you with regards to “relevant commercial activities” we send newsletters, email or even occasionally call to inform, promote and sell our business offerings. We might also use personal data for customer surveys or market research.

You can always object to receiving direct marketing from us at any time as per section X of this statement.

In this aspect, the personal data used is based on the legitimate interest that we want to provide and information to you about our products.
Business development & internal reportingPersonal data might be processed for improving and developing our business offerings as well as our website e.g we might process personal data to analyze visitor behavior to improve customer experiences and further develop our website or generate internal reports containing personal data presented do the Board of Directors and/or Management to make appropriate operational decisions.The processing of personal data is in our legitimate interest to ensure that we have relevant information to develop and manage our business.
Other reasons where you consentThere might be other reasons, then stated above, where you have given your consent for us to process your personal informationIn these cases where you have provided your consent, we are entitled to process the data accordingly.

We follow applicable laws and based on this, there might be personal data that cannot be removed.

8. YOUR RIGHTS AS A DATA SUBJECT

You have the right to access the personal data we have about you. At any time, you can receive information about your data, update, change, correct or ask for the removal of your personal data.

There is certain information which is strictly necessary in order to fulfill the purposes defined in this Statement and may also be required by law. therefore, such personal data cannot be removed.

You have a right to object for certain processing. To the extent required by applicable data protection law, you have a right to restrict data processing.

You have a right to data portability, this means that we need to be able to provide you with your personal data in a structured, commonly used machine-readable format which also should be transmittable to another data controller, to the extent required by applicable law.

If our processing of your personal data is based on a consent, you have a right to withdraw the consent at any time. We will no longer process your personal data for the purposes consented, unless there is another legal ground available for the processing.

Please send above-mentioned requests to us at information@nanor.se

If you think there is a problem with the way handle your personal data, you have a right to file a complaint to your national data protection authority in the EU/EEA.

9. CHANGES TO THIS STATEMENT

We might from time to time revise, change or update our Statement. You will always find the most current statement on our website, nanor.wpengine.com/legal/privacy-statement, noted with the latest updated date.

10. DATA CONTROLLER

Nanor is the responsible data controller, and therefore also responsible that the personal data we collect and possess is ensured to be in compliance with this Statement and applicable data protection laws.

Data Controller Contact Information:

Nanor AB
Box 27061
102 51 Stockholm

Business no.: 556952-0041
Phone: +46840912800

Email: information@nanor.se

11. CONTACT US

Any questions you have regarding this statement or your personal data we process is to be directed to information@nanor.se