Gson's processing of personal data complies with the Data Protection Ordinance (GDPR) and other applicable legislation. We safeguard each individual's personal integrity and always strive for a high level of data protection. We therefore want in this policy to inform you about what personal data we collect, how and for what purposes we process the data and how you can act if you have questions or are not satisfied with our processing of your personal data.
Personal data manager
Gson Europe AB, corporate identity number 556830-9727, with address Nastagatan 9, 207 27 Örebro, is responsible for personal data for the company's processing of personal data.
Processing of personal data
A personal data is any kind of information that can be directly or indirectly attributed to a physically identifiable person. In order for you to be able to buy our goods, contact us for service or information or visit our website, we must collect and process certain personal information about you. Also when it comes to suppliers, we process certain personal information to be able to contact the right person when purchasing, etc.
Type of personal data
We only handle the personal data needed for us to be able to fulfill our obligations to you as a customer or supplier. We would never sell your personal information to another company. The personal data we collect and process are, for example: name, social security number (in the case of, for example, a sole proprietorship), contact information (eg address, e-mail and telephone number), electronic identification data.
The legal basis for our processing of personal data is: Fulfill our obligations to you as a customer. I.e. implementation of purchases (being able to deliver goods and invoices to the right place and the right person), simplified administration, order history and support. Enable general customer care and customer service. Comply with legal obligations, eg applicable accounting laws. Other legally legitimate interest in treatment, for example when marketing our products or when contacting suppliers.
When required by law, we will obtain consent before processing your personal data. You can revoke your consent at any time by notifying us.
By taking appropriate technical and organizational measures, we are responsible for ensuring that your personal data is handled in a secure manner and protected from intrusion, access, dissemination, loss or other unauthorized handling.
In cases where we use suppliers (third parties) to be able to fulfill our obligations to you as a customer, such as shipping companies, external server services, etc., we sign personal data assistant agreements with these to be able to ensure that the data is handled securely.
We will only retain your personal information for as long as necessary to fulfill the purposes specified in this policy. Information saved to fulfill accounting requirements is saved for as long as required by law. We regularly perform thinning and delete personal data that is no longer needed.
Where the data is stored
We will for the most part handle your personal data within the EU / ESS. If personal data is transferred to or processed in a country outside the EU / EEA, we will take all reasonable legal, technical and organizational measures to ensure that your personal data is handled securely.
You can request a copy of the information we have about you. You have the right to have incorrect or incomplete information about you changed. You have the right to have your data deleted, provided that it is no longer necessary for the purpose for which it was collected. There may be legal obligations that prevent us from deleting parts of your data immediately.