1. Introduction and purpose
All physical and legal persons who use the Platform.
Any information relating to an identified or identifiable natural person. It is crucial that the information, individually or in combination with other information, can be linked to a living natural person. Typical Personal Data are social security numbers, names, and addresses. Images and sound recordings of individuals processed in computers may be Personal Data even if no names are mentioned.
Processing of personal data
An action or combination of actions concerning Personal Data. For example, collection, registration, storage, organization, structuring, etc.
The website https://crownwood.club
The natural person who, directly or indirectly, can be identified through the Personal Data.
3. Person responsible for personal data
The Company’s contact person for personal data matters:
Name: Christian Lundin
4. Processing of personal data
Which Personal Data does the Company process
The Company tries to work primarily through the principle of data minimization regarding storage of Personal Data by only processing Personal Data that is necessary, adequate, and relevant for each individual purpose (according to the principle of purpose limitation and data minimization).
The most common Personal Data processed are as follows: name, social security number, telephone number, address details, email address, payment and account details as well as Personal Data that other Personal Data Controllers provide to the Company.
Legal basis for processing personal data
To process Personal Data requires a so-called legal basis (according to the principle of legality, correctness and openness). The legal basis that the Company primarily bases its processing of personal data on is Agreement. This legal basis gives the Company the right to process Personal Data in order to fulfill its obligations under the Agreement with the Registered.
Legal obligation is another legal basis for processing Personal Data that the Company can base its processing on. For example, for the Company to fulfill its legal obligations under the Accounting Act (1999:1078). In such cases, only necessary Personal Data is processed and stored (according to the principle of storage minimization). Personal data that is part of necessary accounting documents is stored as long as required by law.
Legal basis for processing personal data may also be based on balancing interests in certain cases. For example, the Company may process Personal Data that appears in order confirmations in order to market its services. However, sensitive information is never processed based on balancing interests.
The Company always has the right to process necessary Personal Data in order to comply with applicable law, demand payment for an overdue claim, report a debt or protect its rights and property as well as prevent fraud (through balancing interests based on legitimate interest).
Legal basis for processing personal data exists even if the Registered consents to such processing through voluntary active approval. Such consent can be obtained among other things by allowing Registered persons to actively approve such processing of Personal Data. Registered persons have the right at any time to revoke any consent given and in such cases processing of their Personal Data shall cease. This applies provided that such Personal Data is no longer necessary for the Company to fulfill its obligations under an agreement or other legal obligation arising from applicable legislation.
Why does the company process personal data
According to GDPR, personal data controllers may only collect personal data for specific purposes that are explicitly stated and justified (according to the principle of purpose limitation).
Personal data is mainly processed for the Company to fulfill obligations under agreements and to enable contact with Users, suppliers, partners and other stakeholders. Personal data is also processed in order to be able to deliver ordered services and to operate, provide and maintain the Platform (Legal basis: Agreement).
The Company also needs to process Personal Data in order to offer a good service, for example regarding marketing, follow-up and information. The Company may also process Personal Data for internal customer and market analysis. The Registered always has the right to object in writing to the Company using Personal Data for direct marketing (Legal basis: Interest balancing with support in legitimate interest).
The Company also processes Personal Data in order to be able to handle necessary administrative matters and fulfill legal obligations under law, such as legal obligations under the Accounting Act (Legal basis: Legal obligations).
How the Company collects Personal Data
The receipt of Personal Data usually takes place through the Company entering into agreements, Users registering Personal Data when creating a user account in the Platform, as well as through the Company being contacted via e-mail, telephone or via contact form on the website www.oresundsgk.se.
The Company may also gain access to Personal Data through information such as:
- Users as data controllers provide the Company,
- The company can retrieve from public records,
- The company receives in connection with registration for the company’s newsletter, network meetings, seminars, activities and similar,
- The company receives in connection with the purchase of the company’s events, services and / or products.
Where personal data is stored
The company stores personal data within the EU (according to the principle of integrity and confidentiality). In cases where personal data is stored in a country outside the EU, the storage location must comply with the provisions of applicable data protection legislation. Any physical documents, such as contracts or receipts, are stored out of reach of unauthorized persons.
The company’s starting point is not to disclose personal data to third parties without consent from the Registered or if it is not necessary for the Company to fulfill its legal or contractual obligations.
How long personal data is saved
Personal data may not be stored for longer than necessary to fulfill the purposes for which they were collected. Personal data that may no longer be stored is deleted at regular intervals (according to the principle of storage minimization).
The company saves personal data as long as they are needed and necessary to fulfill the purposes for which the information was collected. The personal data may be saved for a longer period if it is necessary for the company to comply with applicable legislation.
5. Security measures
The company has developed various security measures focusing on the integrity of the Registered and the systems protect against intrusion, destruction and other changes that may pose a risk to integrity (according to the principle of integrity and confidentiality). The company has established internal procedures to ensure secure personal data processing. The company works according to data protection principles and ensures that all personnel are aware of the principles by documenting them in internal procedures.
The company implements appropriate technical and organizational measures to protect Personal Data and to ensure that processing is carried out in accordance with applicable data protection legislation. The company has taken security measures to protect against misuse, loss and changes to processed Personal Data (according to the principle of integrity and confidentiality). Among other things, internal records and systems are password-protected, which also undergo password changes at least annually and when needed. In addition, there are procedures for personnel with access to the Company's databases and systems containing Personal Data, to protect the data.
6. Rights of the Registered
The Registered have the right to access their Personal Data free of charge, have incorrect Personal Data corrected, moved (data portability), deleted (according to the principle of accuracy) as well as the right to object to Personal Data being used for direct marketing and profiling. The Registered also have the right to information about data breaches.
The Registered should contact the Company's contact person for personal data matters if they wish for any of the above.
7. Complaints and personal data incidents
If a Registered has any complaints about the Company's processing of Personal Data, a report can be made to the Company's contact person for personal data matters or to the Data Inspectorate which is a supervisory authority.
A data breach or other event that results in loss of control over processed Personal Data constitutes a personal data incident. Any personal data incidents should be reported without delay to the Company's contact person for personal data matters. All such events should be documented internally and reported to the Data Inspectorate within 72 hours.
The company hires subcontractors as part of its service/product delivery. These subcontractors act as sub-processors and through these some Personal Data may be processed on behalf of the Company. This means that the Company may disclose Personal Data to such sub-processor in order to fulfill its obligations under contract, applicable legislation, requirements from authorities, in order to safeguard Company's legal interests or in order to detect and prevent technical or security problems.
The Registered has the right at any time to request a complete overview and more detailed information about which sub-processors are involved in processing Registered Personal Data in order to enable delivery of Company's services.
9.1 What are cookies?
9.3 Disabling Cookies
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of this site. Therefore it is recommended that you do not disable cookies.
9.4 The Cookies We Set
Account related cookies
Login related cookies
Newsletter related cookies
This site offers newsletter or email subscription services and cookies may be used to remember if you are already registered and whether to show certain notifications which might only be valid to subscribed/unsubscribed users.
Order processing related cookies
This site offers e-commerce or payment facilities and some cookies are essential to ensure that your order is remembered between pages so that we can process it properly.
Survey related cookies
Forms related cookies
When you submit data via a form such as those found on contact pages or comment forms cookies may be set to remember your user details for future correspondence.
Site preferences cookies
In order to provide you with a great experience on this site we provide the functionality to set your preferences for how this site runs when you use it. In order to remember your preferences we need to set cookies so that this information can be called whenever you interact with a page is affected by your preferences.
9.5 Third Party Cookies
This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content.
For more information on Google Analytics cookies, see the official Google Analytics page.
Third party analytics are used to track and measure usage of this site so that we can continue to produce engaging content. These analytics may track things such as how long you spend on the site or pages you visit which helps us to understand how we can improve the site for you.
From time to time we test new features and make subtle changes to the way that the site is delivered. When we are still testing new features these cookies may be used to ensure that you receive a consistent experience whilst on the site whilst ensuring we understand which optimisations our users appreciate the most.
The Google AdSense service we use to serve advertising uses a DoubleClick cookie to serve more relevant ads across the web and limit the number of times that a given ad is shown to you.
We also use social media buttons and/or plugins on this site
- Last updated on .