Starting 25 May 2018, the General Data Protection Regulation (GDPR) applies as law to all EU and EES member states. It is the largest law reform concerning personal privacy of the last 20 year and brings with it many changes. These include a strengthening of personal privacy for individuals and increased responsibility for those entrusted with personal information.
We began early on to work within our organisation to guarantee that we fulfil the obligations of GDPR. We take our customers’ good faith very seriously and it is a given that when we are entrusted with your personal information that we do not handle more information than is necessary and also that it is handled in a safe and secure manner.
We have always placed great importance on personal privacy and protecting our customers. We know that many who are in the later stages of life sometimes need extra help. We have appointed a Data Protection Officer whose task is to review how we work with questions concerning GDPR, who will continue our work even after the law has come into force.
During our preparations we have reviewed our organisation and mapped out all the personal information we handle. We have also worked on actively developing our routines, continued to review our business and our contracts, educate our employees and scrutinise our security system. The operations conducted under us is certified for ISO 27001, which has provided a good foundation for our work. Our ambition is that your information shall never be exposed to risks and that the people who work with your information are aware and work according to our safety and secrecy requirements.
Processing of personal information
The data entered in our system by our customers, and in some cases their users, is processed only according the customer’s instructions and conditions in our current and updated contract or general conditions. We will not share your information with recipients in a third country recipients without your knowledge and consent.
Use of subcontractors
We generally handle all tasks concerning personal information in-house, but we also can entrust certain third-party contractors who support us in our work. We are very meticulous in our selection process and make sure that our contractors have good competence and can maintain the proper secrecy and security level. We will ensure that you are provided with information about our contractors who receive your personal information before you begin to use a service we offer.
Security and safety
According to GDPR we shall work according to suitable technical and organisational actions necessary to ensure a suitable security level for your personal information. We strive to always provide the latest security and build a secure infrastructure that guarantees the safe deployment of our services, safe data storage, secure communication and a secure and private communication with our customers through our information channels such as internet, telephone and e-mail.
Security in our infrastructure has been constructed in levels that build upon one another. We use, for instance, encryption, verification, security keys and anonymisation in order to protect your information. Through our service and in our alarm centres, we handle certain personal information, which receives additional, stronger protection.
How does this affect you as a customer?
In relation to the municipalities that use our products and services, we are first and foremost personal information assistants. This entails that personal information belonging to an individual is managed and stored in our systems on behalf of the municipality. It is the municipality that is principally responsible for the information, but we fulfil what is required of us. These requirements have increased with GDPR. We have therefore limited and updated our personal information assistant agreements, supplier agreements and storage times.
We have gone through our customer records, reviewed and ensured that all information we store about you is necessary for us. We have developed our routines and have created a new system for you to easily get in touch with us and exercise your rights under GDPR. This will give you stronger protection and make it easier for you to stay informed.
Do not forget to regularly keep up to date regarding other companies’ work with GDPR, such as Google or Facebook. We cooperate with these companies, but we are not responsible for that personal information you supply them with because we cannot manage or decide how that information is managed.
We will also continually work with our management of personal information and GDPR and will, as a necessity, update our homepage and provide more information about our continued work. Please return to our homepage regularly to keep yourself updated.
As ours customer, you can easily request and be provided with material that informs about all management we conduct regarding your personal information, including who we share the information with. You can also request that we correct your information, complete it or erase it, or even provide it to someone else (data portability). If you wish to request any of the above, please use this form to request information and this form to request transfer, deletion, correction or restriction.
We may deny a repetitive request, one that compromises another’s personal privacy or that violates any laws.