PRIVACY POLICY

Legal basis, personal data

Our Privacy Policy explains how we collect, use, and protect your personal data. We also explain for what purposes we process your personal data, the categories of personal data that are processed, the legal basis upon which this processing is carried out, and how long we store your personal data. The policy also describes your rights regarding your personal data.

It is important that you read and understand the Privacy Policy.

Collection of personal data

What items of personal data do you process?

We only process personal data when we have a legal basis for doing so. We do not process personal data except when necessary in order to fulfil our obligations in accordance with law or other statutory requirements.

Here are a few examples of your personal data that we need to process:

In addition to the data that you provide to us or that we collect from you based on your purchasing behaviour and how you use our services, we may also collect personal data from a third party. This data may include address information from public records in order to ensure that we have your correct address details or, where invoicing is involved and VAT numbers checked, the correct company details.

Sharing and transfer of personal data

Personal data may be transferred for necessary processing to other companies that Kåbe-Mattan AB collaborates with, such as for marketing purposes (media agencies, etc.), payment solutions, and IT services, as well as for handling claims with manufacturers and direct deliveries from suppliers.  In addition, Kåbe-Mattan AB may be legally required to disclose information to government authorities, such as the police and the Swedish Tax Agency. We may also disclose personal data to companies that handle general merchandise transport (e.g. logistics companies). In these cases, the partners process the data as independent data controllers in accordance with their own policies.

Kåbe-Mattan AB strives to process personal data within the EU/EEA, and to collaborate with partners and suppliers who process personal data within the EU/EEA. Where this is not possible, processing of personal data may take place outside the EU/EEA in countries considered to have an adequate level of protection as determined by the EU Commission or through the use of appropriate protection measures, e.g. standard agreement clauses, binding internal company rules, or US Privacy Shield. Regardless of the country in which personal data is processed, we implement all reasonable technical, legal, and organisational measures in order to ensure that the level of protection is the same as within the EU/EEA.

Storage of personal data

We never keep your personal data for longer than is necessary for the relevant purpose.

Right of Access

We are open and transparent about how we process your personal data. If you would like to know specific details about which items of your personal data that we process, you may request access to your file. You will receive a record extract showing the purpose, category of personal data, categories of personal data recipient, storage period, and information on the sources from which the data in question were collected. Upon receipt of such a request, we will request additional information in order to verify the specific data you wish to access and that we release the data to the correct person.

Right to Rectification and Erasure

In instances where the data is found to be inaccurate, you may request that your personal data is corrected. Within the framework of the specified purpose, you are also entitled to supplement any incomplete personal data.

Right to Erasure

You may request that your personal data we process is erased if:

There may be reason for us to reject your request for erasure in instances where there are legal obligations that prevent us from doing so. This may be due to the fact that processing of the data in question is required in order to exercise our right to free speech and for freedom of information purposes, to satisfy a legal obligation to which we are subject, or to be able to establish, enforce, or defend legal claims.

Right to Restriction of Processing

You are entitled to request that our processing of your personal data is restricted. This involves us flagging the data in question so that we only process it for certain specified purposes in the future.

Legitimate Interest and Right to object

You are entitled to object to processing that is based on a legitimate interest that we have if you have personal reasons for doing so. However, we may continue to process your personal data despite you having raised objections in instances where we have pressing legitimate reasons for processing that outweigh your privacy concerns.

Direct Marketing

You have the right to object to the processing of your personal data for direct marketing purposes. Your objection may also cover the analysis of personal data (‘profiling’) conducted for direct marketing purposes. If you object to direct marketing, we will desist from processing your personal data for that purpose and stop all types of associated direct marketing efforts.

Right to Data Portability

Where our right to process your personal data is contingent on you giving consent or the satisfaction of undertakings in an agreement with you, you are entitled to request to have the information you have provided us with to be transferred to another personal data manager (‘data porting’).

About cookies

A cookie is a small text file that the website you visit saves on your computer. Cookies are used on many websites in order to give a visitor access to various functions. The information contained in a cookie may be used to track a user’s browsing habits.

In accordance with the Swedish Electronic Communications Act, which came into force on 25 July 2003, all visitors to a website that uses cookies shall be notified that:

Kåbe-Mattan AB uses cookies. Technically, cookies are used to identify user activity on a page – logs in, places something in their cart, etc. We also use cookies to measure traffic, to assess the effectiveness of marketing initiatives, and to further develop Kåbe-Mattan AB. Rejecting cookies in your web browser will result in a lot of website functionality being lost.

Our website uses a third-party system, CookieBot, to manage cookies. You can find information about cookies, your current consent (accept/reject), and change your consent by clicking the chain link icon shown in the bottom left-hand corner of the website.

If you do not want to accept cookies, your web browser can be set so that you automatically reject the storage of cookies or be informed every time a website asks to store a cookie. You can also delete previously stored cookies via your web browser. See your browser’s help pages for more information. You can read more about cookies on the PTS website (in Swedish).

Management of National Identity Number

We only process your national identity number in instances where doing so is clearly justifiable, is necessary to ensure secure identification, or for any other noteworthy purpose. In instances where this is not necessary, we use your customer number instead in order to minimise the use of your national identity number.

Personal Data Protection

Only those individuals who actually need to process your personal data to achieve our stated purposes have access to it.

Complaints

The Swedish Authority for Privacy Protection, which is the official supervisory authority for Sweden, monitors the application of data protection legislation. You have the right to submit a complaint to the Authority if you believe that we are processing your personal data in contradiction to this legislation.

Amendments to the Policy

This Personal Data Policy may be updated from time to time. The most recent version of the policy is always available on this page. Date last amended: 24-06-12.

In order to be able to market our products and services

Personal data is processed for the following purposes:

The categories of personal data processed are:

In order to be able to understand which type of marketing or direct marketing is to be used, analyses are carried out on the following items of information:

Legal basis: Recipients of newsletters and website visitors – legitimate interest.
Processing is necessary in order to satisfy your and our interest of being able to market our products and services.

Storage time: Data is stored for 12 months from the date of collection, and 12 months from the date of interaction via digital media (e.g. clicks in newsletters).

Unsubscribing: You can unsubscribe from receiving newsletters by clicking the link provided in the newsletter. In order to prevent statistics being collected via social media, you need to change your settings and preferences in your social media accounts. If you do not want your browsing statistics collected, block cookies in your web browser and refrain from participating in surveys on our website.
If you have any questions, please get in touch with us using the contact details shown on this page.

In order to stage and manage participation in competitions and events

Personal data is processed for the following purposes:

The categories of personal data processed are:

Legal basis: Legitimate interest. Communication and processing is necessary in order to satisfy your and our interest in conducting and managing competitions and events, as well as to ensure compliance with any legal requirements.

Storage time: During the period in which the competition/event runs, including any evaluation. Maximum of 12 months.

Unsubscribing: Contact us if you do not want your details included in our registers linked to an event or competition. Specify which particular competition/event your request relates to.

In order to be able to manage customer service cases and sales enquiries

Personal data is processed for the following purposes:

The categories of personal data processed are:

Legal basis: Legitimate interest. Processing is necessary in order to satisfy your and our interest of being able to manage customer service cases.

Storage time: Until the customer service case has been closed. Maximum of 12 months.

Unsubscribing: Contact us if you do not want your details included in our registers linked to a case. Please note, pursuant to the provisions of the Swedish Accounting Act and the Swedish Consumer Sales Act, certain documentation may need to be stored – also see paragraph pertaining to Legal Obligations below. Get in touch and we will help you with your query about what data we have saved about you. 

In order to be able to comply with legal obligations

Personal data is processed for the following purposes:

The categories of personal data that may be processed are:

Legal basis: Legal obligation. This collection of personal data is required by law.

Storage time: Until the purchase has been completed (including delivery and payment) and for a period of 84 months.

In order to be able to evaluate, develop, and improve our services, products, and systems

Personal data is processed for the following purposes:

The categories of personal data processed are:

Legal basis: Legitimate interest. Processing is necessary in order to satisfy our and your legitimate interest in evaluating, developing, and improving our products, services, and systems.

Storage time: 12 months from the date of collection.

To Prevent Misuse of a Service or to Hinder, Prevent, and Investigate Crimes Against the Company

Personal data is processed for the following purposes:

The categories of personal data processed are:

Legal basis: Legal obligation if such exists. Alternatively, legitimate interest (if there is no legal obligation) if processing is necessary in order to satisfy our legitimate interest in preventing misuse of a service, or to hinder, investigate, and prevent crime against the company.

Storage time: 12 months from the date of collection.

Contact details

Weland AB, reg. no. 556069-3987, is the personal data manager for the processing of personal data on www.kabe-mattan.se/de

Data protection contact

If you have any questions, enquiries, or concerns relating to the processing of your personal data and our privacy policy, please contact our Data Protection Officer:

Björn Henriksson

E-mail: bjorn.henriksson@weland.se

Phone number: +46 (0)371 344 00

Postal address: Weland AB, Malmgatan 34, SE-333 30 Smålandsstenar, Sweden.

Our Data Protection Officer is on hand to help you with all queries or problems you may have concerning your personal data. This includes:

We endeavour to answer all queries within a reasonable time frame and in accordance with applicable data protection laws.

Responsibility for data protection

The Chief Executive Officer of the company (CEO) is the person who bears ultimate responsibility for ensuring that the company operates in compliance with laws and regulations pertaining to data protection. The CEO has overall responsibility for creating and maintaining a culture of privacy and data protection within the company. This means that the CEO is obliged to understand and communicate the company’s privacy policy to all employees and to ensure that the necessary resources and training are available to support compliance with the policy.

Furthermore, the CEO shall work together with the company’s Data Protection Officer or equivalent function in order to ensure that the company keeps itself informed about changes to privacy legislation and implements the necessary measures to maintain compliance with said laws and protect t