Within the ROL group we endeavor to protect your privacy. It is important for us to ensure that your personal data is being processed in a secure and lawful manner. In order to inform you about our processing of personal data we have adopted this Privacy Policy. Since ROL group is not a legal entity, any reference to the group shall within this policy be a reference to the companies within the group.
If you have contact with any of the companies within the ROL group or any of its employees your personal data might be processed in different ways. The processing depends on if you act as representative for customer or supplier to ROL group or if a contact is established for any other reason. Here below follows information about the processing and your rights as data subject.
Responsibility for processing of personal data
Controller
Companies within the ROL group might be controller for the processing of personal data presented below. The controller for each processing is one of the following companies within the ROL group depending on the circumstances in each case, i.e. which company you have contact with and which company the information concerns:
ROL Ergo AB, org nr 556101-6402
ROL Retail Concepts AB org. nr 556048-1177
ROL Produktion Sweden AB org. nr 556550-7018
Flyplatsvägen 1, 555 93 Jönköping
For more information regarding the processing of personal data within the ROL group or if you want to use any of your rights as registered, please contact us at gdpr@rolgroup.com
Processor
Companies within the ROL group may also act as processor. This situation may occur when one company within the group process personal data on behalf of other companies within the group. The role as processor does also occur when providing customers with services included in the Intelligent Office products. That processing is subject to a specific Privacy Policy provided in connection with the products.
Purpose and legal ground
If you are an employee that represents any of the ROL group’s customers or suppliers your personal data are processed to the extent necessary to administrate the customer or supplier relationship. The processing is based on the legitimate interest of the companies within the ROL group in order to fulfill its commitments towards customers and suppliers (normally your employer).
If you are in contact with us for any other reason your personal data will only be processed to the extent necessary to administrate the current issue. If so, the personal data is processed pursuant to this privacy policy. The processing is based on the legitimate interest of the companies within the ROL group.
Transfer of personal data
Your personal data will only be transferred to companies within the ROL group and to cooperation partners that supply ROL group with IT -services or other support services, to the extent necessary in order for ROL group to fulfill its obligations towards your employer or to administrate the current issue depending on the circumstances.
Transfer to third countries
The ROL group endeavor to not transfer data to companies or countries outside EU/EEA. If such a transfer would be deemed necessary ROL group shall carry out the transfer in compliance with applicable data protection laws and take appropriate safeguards to protect your personal data.
Rentention and storage
Your personal data are stored as long as the customer/ supplier relationship remains or as long as it is necessary in order to administrate the issue that has given rise to the processing and thereafter as long as required or permitted according to applicable legislation or case law.
Your rights as registered
When the ROL group collect and process your personal data you may have certain rights. Depending on the circumstances in the specific case, you may have the right to:
- Obtain a copy of the personal data undergoing processing.
- Have inaccurate personal data rectified.
- Obtain the erasure of personal data. This right does only apply if ROL group does not have any other legal right to continue to process the personal data.
- Require that the controller restricts the processing of personal data concerning him or her.
- Receive its personal data structured in a commonly used and machine-readable format and transmit it to another controller.
You may at any time have the right to lodge a complaint with a supervisory authority (in Sweden it is Datainspektionen).
Security
The ROL group aims to take appropriate technical and organisational measures to prevent and limit risks associated with the disclosure of personal data such as unauthorized access, abuse, alteration and destruction. Only authorized personnel bound by secrecy has access to identifiable personal data.