Privacy guideline

What is GDPR?
The GDPR (General Data Protection Regulation) is a regulation from the EU that came into effect on May 25, 2018. The GDPR provides you as an individual with strong protection and numerous rights concerning a company's handling of your personal data.

What is personal data, and what does the processing of personal data entail?

Personal data is any type of information that directly or indirectly can be linked to a living individual. For instance, images and sound recordings can be personal data, even if no names are mentioned. Encrypted data and various electronic identities, such as IP addresses, are also personal data if they can be linked to physical individuals.

By processing, we mean all actions and handling involving personal data. This can include collection, reading, registration, storage, processing, and distribution.

Where do we collect personal data?
We collect your personal data directly from you when you contact us, apply for jobs with us, and other activities. Personal data is also collected from you when you establish or wish to establish a contract with Tyréns.

We may also receive your personal data from others, such as your employer, Tyréns contract partners, or other companies within the Tyréns Group. We may also collect personal data from publicly accessible private and public registers.

What personal data do we collect?
The personal data we collect usually depends on why you contact us at Tyréns. Tyréns processes personal data about you if you are an individual, a current or potential customer, subcontractor, or supplier to Tyréns.

The personal data that we process includes basic information such as name, title or position, CV, personal identification number; contact details such as email address, postal address, and telephone number. We also process financial information such as billing details, personal data in connection with events, and online identifiers such as IP.

You can read about Tyréns' processing of personal data in camera surveillance of Tyréns premises here. (Länka till Svenska sidan.)
Why, and on what legal grounds does Tyréns collect your personal data?
Tyréns keeps a record of the personal data processing activities carried out within the company (a so-called record of processing activities). At Tyréns, we handle your personal data based on the purposes and legal grounds described in the examples below.

The purpose of collecting your personal data includes, but is not limited to:

• Executing, managing and providing our consulting services as per contract,
• Fulfilling our obligations as per applicable laws and regulations,
• Ordering and managing services and goods from our subcontractors or suppliers,
• Recruiting you as an employee, or
• Executing marketing and event activities.

Tyréns processes your personal data based on the following legal grounds:

• The processing is necessary for the conclusion and/or performance of a contract with Tyréns, either as a customer, subcontractor or supplier,
• The processing is necessary to meet our legal obligations and comply with applicable laws and regulations (for example, accounting laws),
• The processing is necessary for purposes based on our legitimate interest (for example, business development, recruitment, marketing or running our business - provided that Tyréns' interest outweighs your interest in protection of personal privacy),
• The processing is necessary for us to establish, assert or defend legal claims in connection with disputes, or
• Consent (for example, at events and subscription of newsletters or other information from Tyréns).

Who might we share the information with?
To fulfill our obligations, your personal data may be shared with and transferred to other companies within the Tyréns Group. We may also share and transfer your personal data to Tyréns' contractual or cooperation partners. We will ensure that your personal data is protected when transferred to a legal entity. By setting up a data processing agreement, we ensure that your information is safe and that the processing of your personal data is carried out in accordance with applicable data protection legislation.

Your personal data may also be disclosed if it is necessary to comply with applicable laws or government requirements, to safeguard Tyréns' legal interests, or to detect, prevent, or draw attention to fraud, technical or security issues.

Where do we process your personal data?
As your security is crucial to us, Tyréns always strives to process personal data within the EU/EEA. Tyréns' own IT systems are within this area, and we aim to ensure that any information that may be sent to other systems is transferred and processed solely within the EU/EEA.

If personal data is transferred outside the EU/EEA, Tyréns will take appropriate and necessary protective measures to ensure the protection of your personal data and the preservation of your rights and freedoms.

How long will we keep your data?
Your personal data will be stored for as long as it is necessary to fulfill the purposes for which the personal data was collected in accordance with this Privacy guideline. The length of time for which Tyréns retains personal data depends on the purposes for which we collect and use it and/or as required to comply with applicable laws.

What are your rights?
As a data subject, you have a number of rights including:

• The right to be informed about our processing of your personal data.
• The right to have your personal data corrected if it's inaccurate and to have incomplete personal data completed.
• The right to object to processing of your personal data.
• The right to have your personal data erased, also known as "the right to be forgotten".
• The right to request access to your personal data and to obtain information about how we process it.
• The right to move, copy or transfer your personal data ("data portability").
• Rights in relation to automated decision making including profiling.

If you wish to exercise any of these rights, you are welcome to contact us.

Right to Withdraw Consent
If we have obtained your consent during the processing of your personal data, it means that we have obtained your approval to handle the personal data. We store personal data as long as you consent to us contacting you, such as for marketing purposes, during recruitment, events, or other information from Tyréns.
You have the right to withdraw your consent at any time by contacting us.

How is your personal data protected?
Tyréns takes the protection of personal data seriously. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorization. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

How does Tyréns use cookies? 
We use only necessary cookies to improve your user experience with us. 

Contact us
If you have any questions about our processing of your personal data, or if you want to exercise your rights, you are welcome to contact Olof Dedering (CIO), f you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.

Tyréns Group Privacy guideline in Swedish (pdf)