Comex - GDPR
Privacy and marketing policy
Last update: 2021-10-07
We at Comex want you to feel safe when you provide us with your personal data. In this policy, we explain how we collect, use, disclose and store your personal data and how we otherwise ensure that your personal data is processed in accordance with current legislation.
2. Contact details for the person in charge of personal data
The personal data controller for the processing of your personal data with us is:
Comex Electronics AB (referred to as Comex in this policy)
Tumstocksvägen 11B, 187 66 Täby
Org. No: 556314-8153
3. From which sources do we collect information about you as a customer?
In order to conduct our vigilance, we need to collect personal data about you in various contexts.
Comex collects your personal data directly from you when you complete an order, contact us via the website, participate in our events, are in contact with our staff and when you otherwise have contact with Comex and provide information about yourself. Information about you is collected on these occasions so that you can enter into contracts with Comex and so that we can provide our products and services to you.
In addition to the data that Comex collects from you, we may also collect personal data from someone else, i.e. from third parties. We pull information from public records through third-party address update services to verify that we have the correct contact information for you. We collect information about creditworthiness from credit rating agencies, information companies or banks. We also collect information for marketing purposes from social media.
4. What personal data do we process about you?
The personal data that Comex collects and processes about you as a customer who makes purchases and uses our services are:
Contact information such as name and identification number (social security number, national ID or organization number)
Delivery address, billing address, phone number and email
Order information such as order number, ordered products or services, order date, price and purchase history
Payment information such as payment method, card number, cardholder, transaction time, amount, IP address and payment history
Financial information such as credit reports
Correspondence and other information such as audio recordings of calls, notes and e-mails when contacting our staff
IP address and information about your use of the Comex website
5. Why do we process data about you?
Comex processes your personal data for various purposes. Mainly, Comex processes your personal data for the purpose of:
Fulfill our obligations to you as a customer, such as fulfilling purchases, invoicing and providing support and service
Provide general customer care and customer service, such as answering questions and correcting incorrect information
Manage the customer relationship and provide our services
Provide you with relevant information and customized offers in newsletters
Improve our customer offering, for example development of services, products and functions
Prevent fraud and perform risk management
Comply with applicable legislation, such as accounting laws
The above data can also form the basis for market and customer analyses, market research, statistics, business follow-up and business and method development related to the purchase of goods and services.
6. What are the legal grounds for our processing of your personal data?
Comex bases the processing of your personal data on a number of legal grounds.
a) Contractual obligations
Among other things, we process your personal data to be able to fulfill the agreement with you as a customer, such as to carry out purchases and to be able to fulfill our commitments to you as a customer, such as simplified administration and order history. With the support of this legal basis, we also process data about you such as your purchases, your behavior on our website, your interaction with Comex and your interest in our offers and products in order to fulfill our commitment to provide you with personalized offers.
b) Balancing of interests
Part of the processing of personal data that we carry out is based on a so-called balancing of interests. This applies, for example, to the processing we carry out in order to be able to send you offers about our goods and services. Comex does not process sensitive personal data based on a balancing of interests and does not carry out any processing that constitutes profiling based on a balancing of interests.
c) Legal obligation
In some cases, Comex may have a legal obligation to process your personal data. This applies, for example, to the processing of personal data that we carry out in order to fulfill the requirements of the Accounting Act.
7. Compilation of our personal data processing
Categories of personal data
To administer, develop and deliver our goods and services and provide support
NAME, ADDRESS, TELEPHONE NUMBER AND EMAIL GEOGRAPHIC INFORMATION
To ensure that legal requirements are complied with, such as the Accounting Act
NAME, ADDRESS, TELEPHONE NUMBER AND EMAIL GEOGRAPHIC INFORMATION
To market Comex goods and services by mail, e-mail, telephone
Balance of interests
NAME, ADDRESS, PHONE NUMBER AND EMAIL GEOGRAPHIC INFORMATION IP ADDRESS, DEVICE INFORMATION, LOG INFORMATION
8. How long do we store data about you?
9. To whom do we disclose personal data?
Comex may disclose your data to third parties, such as Comex subcontractors or distributors of products.
Third parties that Comex discloses information to or otherwise provides information about a customer may only use the information for the purpose of selling and marketing Comex's services and products or for the purpose of delivering services related to Comex's agreement with you as a customer. If you have chosen to take out insurance with us, personal data may also be disclosed to insurance companies. If you apply for a credit when purchasing a product or service, your data may be disclosed to credit reporting companies.
Personal data may also be disclosed by Comex if it is necessary to comply with applicable legal requirements or requirements from authorities, to safeguard Comex's legal interests or to detect, prevent or draw attention to fraud and other security or technical problems.
11. The protection of your personal data
You should always be able to feel safe when you provide us with your personal data. Comex has therefore taken the necessary security measures and routines to protect and manage your personal data. This is realized through several different security functions such as intrusion detection, encryption, intrusion protection, protection against malicious code and security logging, which give our IT systems that store personal data a security capability that meets the requirements of the General Data Protection Regulation (GDPR).
12. Your rights
Comex will, at your request or on its own initiative, correct, de-identify, delete or supplement information that is found to be incorrect, incomplete or misleading.
You have the right to request:
a) Access to your personal data. This means that you have the right to request a register extract of the processing we carry out regarding your personal data. You also have the right to receive a copy of the personal data being processed. You have the right once per calendar year, through a written and signed application, to receive a register extract free of charge of what personal data is registered about you, the purposes of the processing and to which recipients the data has been or is to be disclosed. Please note that when requesting access, we may ask for additional information about you to ensure that we provide the information to the right person and which information you want to access.
b) Correction of your personal data. At your request, we will correct the incorrect or incomplete data we process about you as quickly as possible.
c) Deletion of your personal data. This means that you have the right to request that your personal data be deleted if it is no longer necessary for the purpose for which it was collected. However, there may be legal requirements that we may not immediately delete your personal data in, for example, accounting and tax legislation. We will then end the processing that is done for purposes other than complying with the legislation.
d) Limitation of processing. This means that your personal data is marked so that it may only be processed for certain limited purposes. You can, among other things, request a restriction when you believe that your data is incorrect and you have requested correction according to clause 12 c). While the correctness of the data is being investigated, their processing will be limited.
You have the right to data portability. This means a right to, under certain conditions, obtain and transfer your personal data in a structured, generally used and machine-readable format to another personal data controller.
You have the right to object to personal data processing that is carried out on the basis of a balancing of interests. If you object to such processing, we will only continue the processing if there are legitimate reasons for the processing that outweigh your interests.
If you do not want to process your personal data for direct marketing, you always have the right to object to such processing by sending an email to firstname.lastname@example.org . Once we have received your objection, we will stop processing the personal data for such marketing purposes.