Peace of mind
Data Protection Statement
Protection of your personal data and compliance with the relevant statutory obligations, including those of the General Data Protection Regulation of the European Union (GDPR) is very important to Skanditrä AB (hereafter Skanditrä) as member of the JAF Group (www.jaf-group.com/gesellschaften). In the following we will inform you about how your personal data will be handled. Personal data means information to verify your identity, e.g. your name, address and phone number.
Skanditrä is the controller as defined in Art. 4 No. 7 GDPR of the website:
The website does not collect any personal data.
Skanidträ is the controller in the case of receiving of the personal data via phone or email indicated on the website.
You may contact Skanditrä via the following communication channels:
Södra Vallgatan 19B
392 31 Kalmar
Tel: +46 480 49 69 90
Fax: +46 480 49 69 99
Per Weijersgatan 2
211 34 Malmö
Tel: +46 40 17 49 00
Fax: +46 40 12 03 82
2. Processing purposes and legal bases
a. Processing of the contract
For the purpose of registration as a customer or supplier by Skanditrä for processing of orders and the related purchase claims and claims under contracts for work (delivery, invoicing, warranty, etc.) collects and processes:
– the name of the company and the first name and surname of a contact person (as well as the names of managing directors and owners, if applicable)
– VAT ID number and trade licence
– address (street, postcode, town or city)
– email address
– phone and fax number
The legal basis for processing such data is the contract you have concluded with Skanditrä. If you do not provide the required data, processing of your purchase and/or the contract for work or services and opening of the customer account will not be possible.
For processing sales and purchase contracts personal data may be transferred to the administrative unit of the JAF Group namely JAF International Services GmbH. To ensure compliance with this policy and your rights (Point 8) Skanditrä has concluded a data processing agreement with JAF International Services GmbH (Art 26 GDPR).
On the basis of their respective directories of data processing activities, both companies hereinafter jointly define the purposes and means relating to the processing of personal data:
1. Communication / Exchange with subsidiaries in countries
2. Provision of data in a central Data Warehouse (WinClient)
3. Data on network drives
4. Central data storage AS400
5. Backup process
6. Correspondence to solve legal cases
7. Supplier Listing
8. Customer Listing
9. Credit check of Customers
The security measures implemented by the JAF include area access and admission controls, data access controls, including user permission concepts relating to the input and transmission of personal data, controls relating to the availability of technical systems, including storage and back-up systems, as well as virus protection software and the logic-based separation of databases.
JAF is responsible for fulfilling the rights of data subjects to information, rectification and erasure, restriction of processing, data portability and objection in accordance with the processing agreement pursuant to Art. 26 DSGVO. The contact point for all data protection issues is the JAF Legal & Compliance Department.
You can contact JAF via the following communication channels:
By letter to: JAF International Services GmbH – Compliance Department, Gerbergasse 2, A-2000 Stockerau.
by telephone at: +43 (0) 2266 605 – 0
by e-mail to: firstname.lastname@example.org
b. Invoicing, credit checks & collection of payment
In addition, the data you provide to be registered as a customer may be aligned with data of the credit reporting agency Coface for credit checks and in connection with data processing agreements and, if necessary, forwarded to lawyers for collection of payment, from time to time.
The legal basis therefor is the legitimate business interest of Skanditrä to check the financial position of any potential business partner before making a binding offer. In the case of collection of payment Skanditrä will pursue the enforcement of its contractual rights.
3. Data security
We protect our websites and other systems by technical and organisational measures against loss, destruction, access, alteration and dissemination of your data by unauthorised persons. Our data centres are operated in accordance with state-of-the-art security standards, including firewall and intrusion detection technologies as well as comprehensive physical controls and access restrictions. At application level modern authentication methods are used for user and administrator access rights and daily backups of all data are made and archived on a decentralised basis. During the order process your payment details will be encrypted for transmission via the internet.
4. Storage period
Your personal data will be stored for the entire duration of the contractual relationship and beyond in accordance with the retention duties under tax law and business law of Sweden.
5. Your rights
As a data subject of processing of personal data by Skanditrä you have the following rights:
c. Right of access (Art. 15 GDPR)
You may obtain confirmation from Skanditrä as to whether relevant personal data is being processed. If this is the case, we will inform you about the processing purposes, categories and recipients of such data, the storage period and/or the criteria used to determine that period as well as the existence of the rights stated in paragraph 8 b. to g.
d. Right to rectification (Art. 16 GDPR)
You may obtain from Skanditrä without undue delay the rectification or completion of your personal data which is processed by us.
e. Right to erasure (Art. 17 GDPR)
You may obtain from Skanditrä the erasure of your personal data without undue delay unless there are overriding legitimate interests for the processing, such as compliance with legal obligations.
f. Right to restriction of processing (Art. 18 GDPR)
On the grounds stated in the GDPR (e.g. verification of the accuracy of your personal data, unlawful processing, objection) you may obtain from Skanditrä restriction of processing of your personal data.
g. Right to data portability (Art. 19 GDPR)
You may ask Skanditrä to provide you with the personal data concerning you, which you have provided, in a structured, commonly used and machine-readable format and may request that the data be transmitted to another controller, where technically feasible.
h. Right to object (Art. 21 GDPR) & right to withdraw your consent (Art. 7 GDPR)
You have the right to object to processing of your personal data. Unless Skanditrä is able to demonstrate compelling legitimate grounds for the processing, your data will then be erased. All of your personal data stored in the past will be erased as well with retroactive effect. Irrespective thereof you may at any time withdraw your consent given previously, e.g. in connection with subscribing to the newsletter or enquiries.
i. Right to lodge a complaint
Finally, you have the right to lodge a complaint with the Swedish Data Protection Authority, Drottninggatan 29, floor 5, Stockholm, telephone: +46 (0)8 657 61 00 or email: email@example.com.
If you have any questions about the collection, processing or use of your personal data by Skanidträ and JAF Group, please contact us via email at:
+46 480 49 69 90
Södra Vallgatan 19B
392 31 Kalmar Sweden
Copyright © 2022 Skanditrä