Prodiem values your privacy and therefore strives to always protect your personal data in the best possible way and to comply with all data protection laws and regulations in force at any given time.
Prodiem AB, org.no. 556637-4186, and Prodiem Rekrytering AB, org.no. 559153-9464 (collectively “Prodiem”) are joint controllers of your personal data. To the extent that one of the Prodiem companies is required by law to process your personal data, that Prodiem company alone is the controller for that specific processing. You can read more about this below under the heading “When are Prodiem AB and Prodiem Rekrytering AB joint controllers, and what does this mean?”
If you wish to contact us, you can reach us at Saltmätargatan 7, 113 59 Stockholm, telephone number +46 8-534 801 30, and email address dataskydd@prodiem.se.
Through this privacy policy, we wish to inform you about how we process your personal data when you:
In summary, we process all your personal data for the following main purposes:
Note: if you are a candidate or consultant, this policy does not apply; separate policies apply for candidates and consultants.
We provide more detailed information below about how we process your personal data. By reading our privacy policy, you will, among other things, receive information about the personal data we process about you, the legal basis we rely on for processing, how long we handle your personal data, and the purpose of processing your data. We also describe the rights you have to influence our processing of your personal data.
The personal data we process about you is the data we have received from you or the organization you represent, such as your name, email address, phone number, organization affiliation, and/or title/role. If you represent a potential customer, we may have obtained or purchased your personal data from a third party.
Management of Customer Relationships When you are a contact person for a current customer, we process your personal data to the extent necessary to manage the customer relationship. The personal data we process is, as a rule, your name, email address, phone number, organization affiliation, and title/role. We may also process any personal data that emerges from communication with you. Processing of your personal data in managing customer relationships may occur, for example, when we negotiate and enter into agreements with the organization you represent or otherwise communicate with you in your capacity as the customer’s contact person. We may also process your name on invoices where you are specified as a reference.
If we receive an organizational chart from our customer that includes you, we process personal data about you, such as your name, job title, and any other personal data shown on the chart.
The legal basis for processing your personal data is Prodiem’s legitimate interest in managing the relationship and agreement with the customer and communicating with you as the customer’s contact person. We also process your personal data when necessary to fulfill legal obligations Prodiem has, e.g., to comply with the Accounting Act if you are named as a reference on an invoice.
Handling Complaints and/or Legal Claims To handle complaints and/or legal claims where the organization you represent is involved, Prodiem processes personal data relevant to the complaint and/or claim, such as your name, email address, phone number, organization affiliation, title/role, and any other information relevant to the complaint and/or claim.
The legal basis for processing your personal data is Prodiem’s legitimate interest in handling the complaint and/or claim.
Sending Newsletters and Relevant Offers When you are a contact person with our customer, we process your personal data to send newsletters and relevant offers via email. To do this, we process your name, email address, organization affiliation, and title/role.
The legal basis for processing your personal data is Prodiem’s legitimate interest in sending marketing to you as a representative of our customer.
Resuming a Previous Customer Relationship and Establishing a New Customer Relationship if You Change Jobs If you represent an organization that was previously a customer of Prodiem, we may process your name, email address, phone number, organization affiliation, and title/role to attempt to resume the customer relationship.
The legal basis for processing your personal data is Prodiem’s legitimate interest in working to resume a previous relationship.
If you change jobs and thus no longer represent the organization that is our customer, we may save your personal data to establish a customer relationship with the new organization you represent; see more information below in the section “If You Represent a Potential Customer.”
Establishing a New Customer Relationship If we have come into contact with you in connection with, for example, introductory meetings, business purposes, or similar situations (including contact with you at your previous employer), or if we have received or collected your personal data from a third party, Prodiem may process your personal data to establish a customer relationship with the organization you represent. To do this, we process your name, email address, and organization affiliation to send newsletters and relevant offers via email. We may also process your phone number to contact you. Outdated personal data is replaced (when possible) with current data, such as your new email address when you change employers.
The legal basis for processing is Prodiem’s legitimate interest in sending marketing and/or contacting you as a representative of an organization that has shown interest in Prodiem’s services or which we believe may be interested in them.
To Communicate with You and Respond to Your Message To communicate with you and respond to your message that you sent via our contact form or email, we process your name, email address, phone number, and any other information you provided in the contact form or email.
The legal basis for processing is Prodiem’s legitimate interest in responding to your message and contacting you as you chose to contact us.
Prodiem AB and Prodiem Rekrytering AB are joint controllers for all processing of your personal data described in this policy, except for such processing that each company is required by law to perform, e.g., to comply with the Accounting Act’s requirements when you are named as a reference on an invoice. For such processing, each Prodiem company is solely responsible.
Joint controllership means that Prodiem AB and Prodiem Rekrytering AB are jointly responsible for ensuring that your rights under current data protection legislation are met. You can always contact either Prodiem AB or Prodiem Rekrytering AB to exercise the rights described below under “Your Rights” when the companies are joint controllers.
Prodiem AB and Prodiem Rekrytering AB have agreed on their respective roles and relationships with you as a data subject. The agreement essentially means that Prodiem AB is primarily responsible for ensuring that your rights under the GDPR are met. If you want to know more about joint controllership and how Prodiem companies have allocated GDPR obligations, feel free to contact us at the contact details provided on the first page of this privacy policy.
When we process your personal data based on a legitimate interest as the legal basis, we have assessed that our legitimate interest in carrying out the processing outweighs your interest and fundamental rights not to have your personal data processed. If you would like to know more about how we have made this assessment, feel free to contact us. Our contact details are at the beginning of this privacy policy.
As a rule, your data is only processed by Prodiem. However, we may also share your information with our data processors as outlined below.
If you are included in an organizational chart provided to us by our customer and your employer, we retain your personal data as long as the organization is a customer or until we receive information that you no longer work for the customer, or we receive an updated organizational chart where you are not included.
If you represent a customer, we retain your personal data while the organization is a customer and for a certain period after the customer relationship has ended, provided we have not been informed that you no longer represent the customer, in which case we will stop processing your personal data. Regarding retention after the end of the customer relationship, this time varies depending on what is relevant to enable contact for resuming the customer relationship. We review and delete personal data we deem no longer relevant every two years. This means that we retain your personal data at least until the review closest to the end of the customer relationship, which may occur up to two years thereafter. However, we may retain your data longer. You also have the right to object at any time to our processing of your personal data, which may affect our retention period (read more under the heading “Your Rights”).
In some cases, we may process your personal data for a different period than stated above. This applies in the following cases:
We retain your personal data until we can determine whether the organization you represent is interested in our services. The length of this period varies from case to case. To keep our records up-to-date, we conduct an annual review and delete any personal data we no longer consider relevant. This means that we retain your personal data at least until we complete our annual review. However, we may retain your data longer. You have the right to object at any time to our processing of your personal data, which may affect our retention period (read more under the heading “Your Rights”).
Regarding newsletters and relevant offers via email communications, we will send these during the same period described above or until you object to the processing or unsubscribe from the email communications.
To respond to your message and assist you with your matter when you use the contact form on our website, we process your personal data from when you send us your message until your matter is resolved.
If you contact us as a representative of an organization that is a potential customer, we will also process your personal data in the manner described in this policy regarding individuals representing a potential customer.
As a rule, Prodiem processes your personal data within the EU/EEA. However, we may transfer your information as described below.
When we transfer personal data outside the EU/EEA, we do so only if we have implemented appropriate safeguards for the transfer in accordance with applicable data protection laws and regulations. Transfers to the USA are only made to Privacy Shield-certified organizations, which Prodiem has ensured our provider is. Privacy Shield is an agreement between the EU and the USA aimed at protecting the fundamental rights of Europeans and ensuring legal certainty for organizations transferring personal data to the USA. If you have any questions about how we share your personal data or if you would like a copy of the appropriate safeguards we have implemented, please feel free to contact us.
You have certain rights regarding the processing of your personal data, which are described in more detail below. To exercise your rights, feel free to contact us using the contact details provided at the beginning of this policy.
You have the right to obtain confirmation as to whether personal data concerning you is being processed and access information about how the personal data is processed, e.g., the purposes of the processing and the categories of personal data involved. You also have the right to receive a copy of the personal data being processed.
You also have the right to have incorrect personal data corrected without undue delay, and to supplement incomplete personal data by providing information.
You have the right to request the erasure of your personal data under certain conditions. These conditions exist if:
Prodiem will erase your personal data upon your request, provided that Prodiem does not have an obligation to retain the personal data in accordance with applicable data protection laws and regulations.
You have the right to request the restriction of processing of your personal data under certain conditions. These conditions exist if:
You have the right to object at any time to the processing of your personal data based on Prodiem’s legitimate interest, e.g., customer relationship management. If you object to your personal data being processed for marketing purposes, your personal data will no longer be processed for such purposes. For other purposes, however, Prodiem may continue to process your personal data, provided that Prodiem can demonstrate compelling legitimate grounds for the processing that outweigh the data subject’s interests or if it is for the establishment, exercise, or defense of legal claims.
You have the right to file a complaint with a competent supervisory authority (without prejudice to any other administrative or judicial remedy). Such a complaint should preferably be submitted to the authority in the EU/EEA Member State where you reside, work, or where an alleged breach of applicable data protection laws and regulations has occurred. The competent supervisory authority in Sweden is the Swedish Data Protection Authority (Datainspektionen).
______________________This privacy policy was established by Prodiem AB and Prodiem Rekrytering AB in 2018
