GDPR (General Data Protection Regulation) Personal Data Inquiries
Under the European Union’s (EU) General Data Protection Regulation (GDPR) you as the data subject have certain rights with regard to the processing of your personal data, including the right to request that organizations who process your personal data provide you with information regarding that processing.
Under GDPR, there are two types of organizations that process personal data. Organizations that determine the purpose and means of the processing of your personal data are called ‘data controllers’. Organizations who carry out processing on behalf of a data controller are called ‘data processors’. Only data controllers are obliged to comply with a personal data access request from a data subject. It is important to note that swedencornet (“Core Net AB”) could be either a data controller or data processor with respect to the processing of your personal data.
Examples of swedencornet as the data controller:
- You are a current or former employee of swedencornet or one of its affiliates
- You are a business contact at one of swedencornet’s partners or customers
- You are a visitor to one of swedencornet’s websites
Examples of swedencornet as the data processor:
- You are an employee of a customer using swedencornet’s services or products.
- You are an user of a swedencornet provided service or product purchased through one of our authorized distributors
Where swedencornet is the data processor, personal data inquiries should be submitted to the data controller.
Where swedencornet is the data controller of your personal information, you can request swedencornet to obtain:
- confirmation that your data is being processed;
- access to your personal data;
- purpose of the processing;
- categories of personal data concerned;
- the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
- where possible, the period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from swedencornet rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing;
- where the personal data are not collected from you, any available information as to their source;
- the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the possible consequences of such processing for the data subject.
How do I make a request?
If you believe swedencornet is the data controller of your personal data and you would like more information, please send an email to DPO (Data Privacy Office), including the following information:
- SAR or Personal Data Inquiry in the subject line
- Your full name, address and contact telephone number;
- Any information used by swedencornet to identify or distinguish you from others of the same name (account numbers, unique ID’s etc.);
- Details of the specific information you require, any relevant dates, and the action you wish swedencornet to perform with respect to your data.
The above personal data you provide is necessary in order to fulfill your request and for swedencornet to verify your identity and personal data we have about you.