INTEGRITY POLICY WITHIN THE DISTIT GROUP
This policy applies to DistIT AB and all wholly owned / partially owned companies by DistIT AB. In the following, the companies are collectively referred to as the “DistIT Group”.
The protection of natural persons in connection with the processing of personal data is a fundamental right. Everyone has the right to the protection of personal data relating to themselves. We recognize and respect that right in the DistIT Group. The General Data Protection Regulation (GDPR) establishes the framework for the legal processing of personal data.
PROCESSING OF PERSONAL DATA What is personal data? Personal data is information in whatever form it may be about an identified or identifiable natural person, e.g. names and contact details, your order details or your product details. General principles for the processing of personal data within the DistIT Group When we process your personal data, we must respect some general principles of good practice in data processing. This means, among other things, the following:
• we only collect personal data for specifically stated, concrete and legitimate purposes,
• we only collect personal data necessary to fulfill such purposes,
• we will do our best to ensure that the data is accurate and up-to-date,
• we will take technical and organizational measures to protect your personal data from accidental or unauthorized destruction or accidental loss, alteration, unauthorized disclosure or access, and against any other form of unauthorized processing, and
• we do not store personal data any longer than we are required to do or are required to achieve the purpose for which they have been collected or further processed or required by law.
We collect and process personal data We collect and process your personal data through various channels, including our websites, resellers, suppliers and customer support. We have chosen to categorize the personal data we collect and process as follows:
• your basic identification and contact information, such as name, email address, physical address (if applicable), telephone number (if applicable), IP address and in some cases geographical location and language,
• your purchasing information, e.g. your basic identification and contact details as above, company name (if applicable), delivery information as shipping address if different from physical address, order information such as name, quantity, product name, part number and product serial number, quantity, date of purchase and reseller details, credit card payment details and similar payment details as well as any referrals,
• customer service and technical support inquiries, including your basic identification and contact information as above, product serial number, product warranty information, point of purchase and other relevant information that the DistIT Group may request to handle your inquiry,
• information that you submit when you fill out surveys, questionnaires and evaluations, e. g. your basic identification and contact details as above, your product warranty ID, point of purchase, your feedback on your use of the product or products, and their assessment and location information,
We use your personal data We only collect and process personal data if we have a legitimate purpose. We have decided that it should always be one of the following purposes:
• We provide you with customized information about news, events, competitions and similar marketing content relating to the DistIT Group, our brands, products and products manufactured by or in collaboration with third parties. Our processing in this regard will be based on your consent to this.
• We process your purchase order, carry out card transactions, ensure delivery of purchased goods and process any returned goods. This processing is required to fulfill an agreement to which you are a party.
• We provide you with relevant software updates (where applicable) and we will save your delivery information to use for future purchases. Our processing is in both cases necessary for legitimate interests and we do not consider such processing incompatible with or contrary to your interests.
• We provide you with customer service, handle your inquiries or complaints and provide a product warranty. This processing is required to execute an agreement to which you are a party.
• We provide you with a better customer experience by providing you with personal benefits such as discounts or personalized offers based on past purchases and any other referrals. Our processing in this regard will be based on your consent to this.
• We collect your feedback on your use of products and services by inviting you to fill out surveys, questionnaires and evaluations. Our processing in this regard will be based on your consent to this.
• Some of your personal information is collected and processed in order to fulfill our contractual obligations to you, such as when you purchase our products, contact our customer support or claim the warranty. If you choose not to submit the information we ask for and which we consider to be the necessary personal data in connection with this, we may not be able to accommodate your request.
Storing and processing your personal data We store and process your personal data in the European Economic Area (EEA). However, for the purposes for which your personal data is collected, your personal data may be transferred to countries outside the EEA, within and between the DistIT Group, resellers and certain types of third parties as shown below. If your personal data is transferred to a third country as defined in the General Data Protection Regulation (GDPR), the applicable laws and regulations relating to such transmission are respected and relevant legal and security related measures are ensured prior to such transmission.
We may disclose your personal data to third parties to the extent required by law, court order or a decision of the competent public authority and with the intention of combating crime. In addition, we may share your personal data with the following third parties:
• Companies within the DistIT Group and retailers, with the intention of delivering products and services to you, ensure a uniform level of service for our products and services throughout the law and to improve our products, services and customer experience.
• Third-party vendors that perform services on our behalf, including invoicing, sales, marketing, IT support, advertising, analysis, market research, customer service, product service, handling and fulfillment of orders, data storage, validation, security, fraud prevention, payment processing and legal services. Such third-party providers have access to perform such services, but may not use your personal data for any other purpose.
• Third parties intend to establish, exercise or defend the DistIT Group’s rights or requirements under law.
• Third parties intend to merge, sell, form joint ventures, transfer or otherwise dispose of all or part of the DistIT Group’s assets or shares.
• Other third parties listed above only after obtaining your consent.
When we pass on your personal data to a third party, we take every reasonable precaution to ensure that such third party is bound by confidentiality and data protection obligations relating to the protection of your personal data. The transfer is made in accordance with the data protection rules, including the conclusion of data processing agreements with relevant parties to ensure that personal data is processed exclusively in accordance with our instructions, applicable law and regulations and for the purposes prescribed by us and to ensure appropriate security measures.
Storage of your personal data We do not store your data for longer than is necessary taking into account the purposes for which it was collected. How long we store the data depends on the purposes for which we collect and use it.
• Personal data relating to your purchase and product warranty information is stored and processed for a period of five years from the date of purchase, unless granted an extended warranty period. Such information may be legally processed for other purposes, including to provide you with personal benefits or personal direct marketing with your consent or to follow up on our legal requirements, for which storage of such data is necessary.
• Personal data relating to the provision of direct marketing to you is stored and processed for a period of three years from the date on which you were most active in the creation of our marketing communications or otherwise shown interest in such communications.
• Personal data relating to your use of the DistIT Group’s products is stored and processed for a period of five years from the date of first use of a particular product, but less such data is legally processed for other purposes, including for your personal benefits or for personal direct marketing with your consent or to follow up on our legal requirements for which storage of such data is necessary.
• Personal data relating to the provision of personal benefits is stored and processed for a period of five years from the last day you purchased our products.
• Personal data relating to your feedback on our products or services is stored and processed for a period of two years from the date you completed the relevant survey, questionnaire or evaluations.
• Personal data is deleted after the expiry of the aforementioned deadlines, but less such data under law must or can be stored for other purposes for which we have a legal basis.
A cookie is a small text file that is placed on your computer or mobile device when you visit a website and that allows us to recognize your computer, save your settings, understand which websites of the DistIT Group you have visited, improve the user experience by providing and measure the impact of content and ads targeting your interests, conduct searches and analysis, and assist with security-related and administrative functions. Some cookies are placed in the browser’s cache, while cookies associated with Flash technology are stored with your Adobe Flash Player files. Pixels are small electronic labels with a unique identifier that integrates into websites, online ads and / or emails, and are designed to collect usage information, exposure to ads or clicks and openings of emails, measure the popularity of ads and access user cookies. If we introduce other technology later, we can also collect data using other methods. Note that you can change your settings so that you are notified when a cookie is registered or updated or to completely block cookies. For more information, see your browser’s “help” feature. Using the Flash management tools available on the Adobe website, you can also set up the use of Flash technology, including flash cookies and locally saved items. Please note that you may not be able to access certain features or offers on our websites if you block, turn off or manage some or all cookies.
Data controller The DistIT Group is the data controller and is responsible for the processing of your personal data.
YOUR RIGHTS Access your personal data and data portability You have the right, in a structured, commonly used, machine-readable and compatible format, to access and obtain the personal data about you that you have provided to the DistIT Group, and to transmit these to one of your personal data controller.
Updating and / or deleting your personal data We would like to encourage you to notify us when the personal data you have provided to the DistIT Group changes. You can do this by contacting us by e-mail firstname.lastname@example.org. Your personal data may be deleted from the DistIT Group’s servers unless the DistIT Group is legally justified or obliged to store and process your information regardless of withdrawal of your consent. After deletion, your personal data will be deleted from the DistIT Group’s servers without undue delay, but it may take some time to ensure complete deletion of data stored in our backup.
You can also contact the DistIT Group to review, update or delete your personal data. Contact us by sending an e-mail to email@example.com. Please note that we need to verify your identity before making any changes.
Right to revoke your consent
Part of the DistIT Group’s processing operations may be based on your consent. In that case, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the legality of the processing done prior to such withdrawal. If you withdraw your consent, the DistIT Group and third parties involved in the processing of personal data will cease to process your personal data, unless continued processing or storage is permitted or required by the general data protection regulation or other applicable law or regulations. Please note that as a result of your withdrawal of consent, the DistIT Group may not be able to meet your wishes or provide any services.
Right to restrict processing and right to object You are entitled in the following cases to limit our processing of your personal data:
• if the personal data is not correct,
• if processing is not allowed, but you oppose deletion of your personal data, • if the DistIT Group no longer has any use for your personal data for processing, but they are necessary to be able to establish, enforce or defend legal claims, or
• if you have objected to processing and a check is in progress as to whether the DistIT Group still has legitimate interest in the personal data provided.
You have the right at any time to object to the processing of the personal data collected and processed with reference to the legitimate interests of the DistIT Group, e. g. when we provide you with relevant software updates, facilitate your upcoming purchases by remembering your forwarding information or when we do analysis and compile statistics on the dates and how often you use the DistIT Group’s services and products.
Furthermore, you have the right to object to the processing of your personal data for direct marketing. You can do this by unsubscribing from our marketing information, by clicking on the unsubscribe link, at the bottom of the marketing communication from the DistIT Group.
Possibility to submit complaints If you would like to lodge a complaint about infringement of privacy, please contact the DistIT Group by sending an e-mail to firstname.lastname@example.org. We will confirm receipt of your complaint as soon as possible – if possible within five working days. We will do our best to deal with complaints as soon as possible and no later than one month after the date of the same. If a response requires longer than a month, we will inform you about it and what it depends on.
If you are not satisfied with the outcome or handling of your complaint with the DistIT Group, you can submit the complaint to Datainspektionen, Box 8114, SE-10420 Stockholm or send an e-mail to email@example.com.
Data Security The DistIT Group is obliged to maintain relevant security when processing your personal data. We use the required organizational, technical and administrative measures to protect your personal data processed by the DistIT Group including access, transfer, entry, accessibility management and data separation. Access to a variety of online services at the DistIT Group is protected by access restrictions based on usernames and passwords. It is important that you always choose a password that is difficult for others to guess and that you protect your password from being cleared. Your personal data and credit card details will remain – if you have provided them to the DistIT Group – encrypted on the DistIT Group’s secure web servers. Credit card information is sent to one or more approved and certified service providers and is stored no longer than is required to process such information. Any external transfer of personal data in the DistIT Group should be protected by encryption.
All storage and processing of data on a computer unit of the DistIT Group or unit of a business partner is subject to written agreement. If you have reason to believe that your personal data is no longer processed securely, we would like to ask you to inform us as soon as possible.