Privacy Policy

This privacy policy applies to the processing of all personal data by Trepak International AB, hereinafter referred to as the Company, collected both on the website and in connection with the procurement and delivery of products and services.

The Company applies the General Data Protection Regulation (GDPR) with supplementary legislation.

 

Personal data processed by the Company

Suppliers

Personal data processed by the Company regarding its Contact persons include name, address, telephone number, email address, CV, and in some cases personal identity number.

 

Customers

Personal data processed by the Company regarding its Contact persons include name, address, telephone number, email address, and in some cases personal identity number.

 

Purpose and legal basis for processing personal data

Suppliers

Based on contract, the Company processes contact persons’ personal data for the following purposes:

  • Managing, administering, and fulfilling orders and communication that may arise in connection with tenders or contracts.
  • Execution, management, administration, follow-up, etc., of the current business relationship and its deliveries, including communication via telephone, email, SMS, or other communication channels, as well as invoicing and payment purposes.

Based on legitimate interest, the Company processes personal data for the following purposes:

  • Execution, management, administration, follow-up, and evaluation of supplier surveys.
  • Marketing of business activities, projects, and events.

 

Customers

Based on contract, the Company processes contact persons’ personal data for the following purposes:

  • Execution, management, administration, follow-up, etc., of the current business relationship and its deliveries, including communication via telephone, email, SMS, or other communication channels, as well as invoicing and payment purposes.

Based on legitimate interest, the Company processes personal data for the following purposes:

  • Execution, management, administration, follow-up, and evaluation of customer surveys.
  • Marketing of business activities, projects, and events.

 

Protection of Personal Data and Access

The Company implements appropriate technical and organizational security measures to protect personal data from, among other things, loss, misuse, and unauthorized access.

Only persons within the Company who, within their employment, need to process the personal data for the purposes stated above will have access to them.

The Company may disclose personal data to data processors, other companies within the group, or third parties as described below, in accordance with applicable data protection laws.

  • To recipients within the group to enable global management of personal data for the purposes mentioned above.
  • To data processors. The Company may engage data processors for business purposes as part of its normal operations. In such cases, the Company will require that the processor uses appropriate technical and organizational security measures to protect personal data and ensures that processing only takes place in accordance with the Company’s instructions.
  • To authorities if the Company is obliged to do so or if the Company needs to protect its own or third-party rights.
  • To third parties in connection with the sale or other transfer of part of the Company’s business.
  • To third parties in emergencies where the health and safety of an employee or another person is at risk.
  • To third parties to safeguard the Company’s rights.

Some recipients of personal data may be located or operate in a country where data protection legislation differs. The Company will ensure that an adequate level of protection is maintained for all transfers of personal data.

 

Retention and Deletion of Personal Data

The Company will process and store personal data for as long as necessary in relation to the purposes for which the data was collected.

Certain personal data will be deleted when the cooperation ends. Other personal data will be stored for a longer period due to legal obligations requiring the Company to retain the data, for example when needed to protect the Company’s rights. As the statute of limitations for potential claims against the Company expires, the data will be deleted. The Company may also need to retain personal data related to specific projects for the duration of such projects.

 

Rights

A contact person has the right to access their personal data, request correction of personal data, object to the processing of personal data, request restriction of processing, or request deletion of their personal data processed by the Company, in accordance with rights set out in data protection legislation. These rights may be limited by other provisions of data protection law or if such a request would be inappropriate in an individual case.

A contact person has the right to withdraw consent previously given for specific processing.

If a contact person has questions about or wishes to exercise any of these rights, the Company should be contacted as stated below.

A contact person has the right to submit complaints regarding the processing of their personal data to the Swedish Authority for Privacy Protection (IMY). Contact details can be found at http://www.imy.se.

 

Contact Information

Trepak International AB, corporate ID number 556439-1612, with the address Kantyxegatan 9, 213 76 Malmö, or email info@trepak.se, is the data controller for the processing of your personal data. This means that Trepak is responsible for ensuring that your personal data is processed correctly and in accordance with applicable data protection legislation.