Beerbliotek AB and its subsidiaries (“ Beerbliotek”, “we”, “us”) understand how important privacy is for our customers, consumers, suppliers, employees, job seekers and website visitors, and our goal with this policy is, in a clear and transparent manner, to describe how we gather, use, display, transfer and store data so that our stakeholders can feel assured that their personal data is kept safe. Beerbliotek carries out all handling of personal data in accordance with the EU General Data Protection Regulation, GDPR.
Beerbliotek AB is the party responsible for the handling of personal data within the business operation, as well as on this and other websites operated by Beerbliotek.
The easiest way to contact us is by sending an e-mail to email@example.com.
Collection of Personal Data
What is personal data
Personal data refers to all kinds of data that may directly or indirectly be attributed to a physical living person. This includes such things as names, personal ID numbers, addresses, e-mail addresses and telephone numbers. This also refers to for example, IP numbers, if such can be connected to physical persons.
The data we collect and how we do it
Beerbliotek collects personal data in many ways; however, it mainly comes directly from a party in some way linked to a contract.
Data we collect in connection with sales
When we contact existing or new customers in the sales process, we gather personal data in order to offer a supply contract. The data we save in our customer database consists of the names of companies and contacts, delivery addresses, invoicing addresses, telephone numbers and e-mail addresses.
Data we collect in connection with orders
When a customer contacts our Customer Service or a salesman in order to order products, we collect personal data in order to be able to fulfil a supply contract. The data we save in our ERP system consists of the names of companies and contacts, delivery addresses, invoicing addresses, telephone numbers and e-mail addresses.
Data we collect in contact via websites
We invite the public to contact us via our company and product websites. Mainly, we collect data needed to be able to answer any question sent to us. This consists of data such as names, e-mail addresses and/or telephone numbers. Otherwise, we only note the number of visitors to the homepage.
Data we collect upon subscription to the newsletter
Based on information in our customer database, we may from time to time send newsletters to our customers. Relevant details are names and e-mail addresses. Recipients are always able to unsubscribe from the newsletter.
Data we collect upon purchasing from suppliers
Upon the purchase of goods and services, personal data is registered in connection with the writing of contracts or placing orders. The data we save in our ERP system consists of the names of companies and contacts, telephone numbers and e-mail addresses.
Data we collect when receiving spontaneous applications
Beerbliotek receives spontaneous applications from candidates via e-mail to our info@addresses or by conventional postal mail. The data received may contain names, addresses, e-mail addresses, telephone numbers, CVs and/or images.
Data we collect when received applications for an advertised position
When advertising open positions, Beerbliotek receives applications from candidates via e-mail to our info@ addresses or by conventional postal mail. The data received may contain names, addresses, e-mail addresses, telephone numbers, CVs and/or images.
Handling and Storing of Personal Data
Beerbliotek’s legal ground for handling your personal data
Beerbliotek handles personal data in accordance with the law. It may occur that the same personal data is handled pursuant to the fulfilment of contracts, specifically with consent or pursuant to the data being necessary to satisfy other legal obligations. This means that even if consent is withdrawn, personal data may remain for other purposes. Principally, we handle data in order to fulfil a contract.
Administration of orders
In order to be able to deliver the goods that have been ordered, personal data is used in various manners. The data is used to generate orders and to book transportation. The data is also used for bookkeeping, settlements and audits, as well as for credit handling and other verifications.
We use personal data in order to be able to offer our customers service when they contact us with any questions, viewpoints or e.g., claims and complaints. That is when we use names, order numbers, e-mail addresses and telephone numbers in order to be able to contact the customer in connection with questions and other matters.
We use personal data to send important information about the business operation. The information can be sent to e-mail addresses or mailing addresses found listed in our customer database.
Beerbliotek may use customer data for marketing purposes in connection with specific events, trade fairs or similar contexts.
The handling of personal data may also occur in order for us to comply to obligations set out by law and statutory regulations, e.g., with regard to security and accounting.
We save personal data as long as is necessary to serve the purpose of the processing. Personal data in connection with contract/delivery is saved in our ERP system for seven (7) years in accordance with Chapter 7 of the Swedish Accounting Act. Personal data saved for the mailing of newsletters is saved as long as the recipient chooses to continue to receive the newsletter. Personal data in connection with recruitment or spontaneous applications is saved for six (6) months. The same personal data can be saved at several different locations for different purposes. This can mean that a data that has been deleted from one system because it is no longer necessary may remain in another system where it is stored pursuant to consent or for some other purpose where the personal data still needed.
Beerbliotek’s technical and organisational measures for the safe handling of your personal data
We continually take measures to live up to the principles of having a “built-in data protection and data protection as a standard”. We continually evaluate the risks that occur with the handling of personal data and we take the necessary security measures in order to reduce those risks.
We continually train our staff in computer security issues.
Divulging of Personal Data
Contract partners and IT providers
We make use of a number of different IT services and IT systems in our business operation. Some of these involve storing and handling of personal data. We are attentive in protecting the privacy and security of the data during all such handling. Certain systems are installed locally with us, and then only our staff has access to the data. In these cases, there is no transfer to third parties. However, some solutions are cloud solutions or are installed at the supplier’s location and this means that we transfer personal data to the supplier. In these cases, the supplier is our data processor and handles the data on our behalf and according to our instructions.
Internal IT systems
We handle personal data internally in our ERP system and in our sales support system. The systems are in place in order to be able to supply the goods that have been ordered from us and in order to be able to address questions and provide customer care in connection with carrying out these deliveries. In these systems, all the personal data we collect will be processed.
We use Microsoft Office products and systems services for our internal work. This means that your personal data will be handled by Microsoft. Personal data is saved by Microsoft in a cloud service within the EU. In the event of an extensive IT incident, Microsoft may transfer personal data to a third country (i.e., a country outside of the EU/EEA). Such a transfer will only be done in order to protect the data.
Divulging to a third country
Personal data may be transferred to a third country during the use of cloud services for the same purpose as described above. Regardless of the country to which Beerbliotek transfers your personal data, Beerbliotek has an obligation to ensure a satisfactory level protection in order to protect your personal data.
Necessary handling of personal data
Personal data required for us to be able to fulfil contracts or in order for us to be able to fulfil a legal obligation is allowed without prior consent.
Right to control over personal data
Everyone is entitled to request to have his/her data deleted, supplemented or corrected. Everyone is also entitled to request that the handling of personal data is limited to certain purposes and, for example, not be used for marketing purposes.
Information regarding what personal data we have registered is available by submitting a written request to: firstname.lastname@example.org.