Public & Science Sweden values the protection of personal data, and wants to protect your privacy. As personal data controllers, we explain below how we treat our visitors’ personal data according to (EU) 2016/679, the general data protection regulation (GDPR).
By using our site, you agree that your personal data will be processed in accordance with this Privacy Policy.
Processing of personal data
- What is personal data and what is personal data processing?
- Who is responsible for the processing of personal data?
- Personal data that we handle
- From which sources do we retrieve personal data?
- With whom can we share your personal data?
- Where is the personal data processed?
- How long do we save your personal data?’
- What are your rights when your data is registered?
- How do we handle social security numbers?
- How is your personal data protected?
- Supervisory authority
Cookies
What is personal data and what is personal data processing?
All information that can be directly or indirectly derived from a living person is covered by the term personal data. It’s not just about names and social security numbers, but also about things like pictures, IP addresses, and e-mail addresses.
Processing of personal data is everything that happens to the personal data, especially with the help of IT. This involves, for example, collection, registration, structuring, storage, processing and transfer.
Who is responsible for the processing of personal data?
For processes that take place within VA (Public & Science), the association is responsible for personal data. For some processes, e.g. accounting, we use systems that are handled by external consultants. The responsibility between VA and external consultants is regulated in a contract.
Personal data that we handle
We mainly deal with names, e-mail addresses, telephone numbers, titles and organisation affiliations. Sometimes additional information can be processed, for example social media accounts, but only if the person in question can be considered to have published the information.
We process personal data in order to manage our database of members, administer events, take minutes, write news articles, send out invitations and newsletters, fulfil agreements and to manage and report financial transactions.
We process personal data in accordance with applicable legislation and obtain prior consent when needed.
Collection of personal data takes place in connection with subscription to newsletters, registration for seminars and events, photography or filming of events, ordering of services or when contacting VA. Personal data can also be obtained from public information, such as web pages, directories etc.
With whom can we share your personal data?
Personal Data Partners
Sometimes we hire third parties to be able to carry out our work, e.g. IT suppliers, accountants, and communication consultants. They are personal data assistants to VA.
VA writes an agreement with the personal data partners stipulating how they may process the personal data, which is only in exact accordance with VA’s own data handling policy.
Agencies that are independently responsible for personal data
We share personal information with certain agencies that have their own personal data responsibility, such as the Swedish Tax Agency and the Swedish Social Insurance Agency. These organisations’ own privacy and personal data management policies apply in such cases.
Where is the personal data processed?
Primarily, administrative work is carried out at VA’s offices. In some cases, data may be processed by external parties, e.g. suppliers of software. For certain IT support, the data may be transferred to a country outside the EU / EEA. Our data protection responsibilities mean that we are responsible for taking all reasonable legal, technical, and organisational measures to ensure that data is processed in accordance with GDPR regulations
within the EU / EEA.
When personal data is processed outside if the EU / EEA, the level of protection is guaranteed either by a decision of the EU Commission that the country in question ensures an adequate level of protection or through the use of appropriate protection measures.
How long do we save your personal data?
We never save your personal information beyond what is necessary for each purpose. We have prepared cleaning procedures to ensure that personal data are not stored longer than is needed for the specific purpose. The length of time varies depending on the purpose of the data processing. For example, some information for accounting is legally required to be saved for at least seven years, while information about a person’s dietary requirements are deleted within a month of an event taking place.
What are your rights when your data is
registered?
As a person with registered personal data, you have a number of legal rights.
To find out how to manage your rights, see the section ”Managing your rights” further down. Below we list the rights of the data subject.