How Nimbus Boats Sweden AB is preparing for the data protection regulations
Nimbus Boats Sweden AB is well under way with adapting the business to the Data Protection Regulation GDPR, which comes into force in May 2018.
The General Data Protection Regulation replaces the Swedish Personal Data Act, PUL, in our country and will also be complemented with national regulations.
The new regulations, adopted by the EU in April 2016, focus strongly on increased protection of privacy. It must be stated clearly as to the purpose of the use of the personal data.
For you as an individual, the stricter regulation means that you have better control over your personal information. The change feels positive even for us as a company. We want news and other relevant information concerning Nimbus, to reach you.
This information security policy applies to Nimbus Boats Sweden AB (Nimbus). The aim of the policy is to protect our customers, the business and our employees’ information.
The policy shall be available to all employees. The CEO/manager responsible shall ensure that all employees and students have read and understood the significance of this policy. Employees must comply with this policy.
How we process your personal data
Nimbus processes your personal data in order to be able to handle our customer supplier relationship. We therefore record customer information, purchases, service etc. for the products and services you order, buy, sell. On our website we have cookies to customise page views on our websites in order to increase relevance to you. The personal data is also used to contact you and to communicate information and offers.
Nimbus does not share your personal data with anyone other than the suppliers you purchased products from as well as suppliers of our IT systems.
We secure your personal data and rights through assistance agreements with these suppliers.
Nimbus is located within the EU / EEA and is therefore covered by European regulations and directives on data protection and privacy. Our privacy policies and guidelines respect and comply with the GDPR.
How we work with your personal data
To handle our customer relationships in general and to fulfil our customers’ commitments, Nimbus requires some information about you in your role as a customer contact or a service user. Our objectives with this are:
a) Provide offers on goods and services that customers or potential customers have requested.
c) Carry out deliveries in accordance with a customer agreement.
e) Improve the quality of our goods and services.
f) Discover and prevent security threats and undertake maintenance and troubleshooting.
h) Communicate information relevant to our deliveries in particular and our customer relationships in general
i) Order placement, invoicing, payments and other financial follow up of Customers and suppliers.
Processing according to the above stated objectives is necessary in order to be able to handle our customer relationships. Nimbus therefore does not need to ask for your consent to process your personal data.
customer register or third party’s social network.
How we process your data
The type of data that Nimbus processes about you may be:
– Your own and the customer’s contact details, e.g. name, address, telephone number and e-mail address.
– Feedback, comments or questions about Nimbus as a supplier, or about our goods and services
– Other personal data in your profile on third party social networks (Facebook etc.)
– If you post, comment or similar on any public forum or Nimbus site, such information can be read and used by anyone who has access to the website and for purposes that neither Nimbus nor you have control over. Nimbus is not responsible for information you submit to such forums or Nimbus websites. Nimbus will not use any comment or similar made by you without your prior consent.
– As a data controller, Nimbus does not handle sensitive personal data about you.
How we share your personal data
Nimbus will not share your personal information with third parties who intend to use the data for marketing purposes unless you have given your consent to this.
Nimbus may share your personal data with third parties for other purposes but only in the following context may share your personal information with our partners if legitimate from a business perspective. For example, if you make a purchase, where this includes another product covered by Warranty.
The police and other authorities may require the surrender of personal data from Nimbus. In these cases, Nimbus will only submit data if there is a court order to do so.
You are entitled to opt out of marketing communications from Nimbus and can do so by:
(a) following the instructions for removal in marketing communication,
(b) Contacting us by e-mail
Note that even if you do not choose to receive marketing communications, you can still receive administrative communications from Nimbus, such as order confirmations and messages.
Access and change of information.
You are entitled to request a copy of your personal information. You can send us a request for this. You also have the right to request Nimbus to correct any errors in your personal information.
How long do we store your personal data?
Nimbus only retains your personal information as long as necessary for the stated purpose, while considering our need to answer questions or resolve issues and to comply with legal requirements under applicable laws.
This means that we can keep your personal information for a reasonable time after your last interaction with us. When the personal data we collect is no longer required, we will destroy or delete this safely. We may process data for statistical purposes, but in such cases, data will be anonymised.
You can find the dates on the latest revision of the policy below.
• May 2018
How to contact us