IGF’s Privacy Policy
Why and for whom?
At IGF Biogas AB, registration number 556451-6317, (“IGF”, “we”, “us”, “our”) we care about personal privacy. That means we respect and value your privacy and your right to control and transparency when processing your Personal Data. This Privacy Policy (“Policy”) applies to the processing for which IGF is the Data Controller. The Policy outlines the purposes for which we need your Personal Data, the legal basis we rely on, and the measures we take to protect personal data. We also inform you about how to exercise the rights you have related to our processing of your Personal Data. The Policy informs about our handling of Personal Data in cases where you communicate with us, purchase our products, or visit our website https://igfgas.se/ (together, the “Features”).
Definitions
“Treatment” of Personal Data refers to any action that can be taken with Personal Data, such as storage, modification, reading, transfer, etc.
“Applicable law” is the legislation that applies to the processing of Personal Data, including the General Data Protection Regulation (GDPR), supplementary national legislation, as well as practices, guidelines, and recommendations issued by a national or European supervisory authority.
“Personal Data” refers to any kind of information that can be linked to an identifiable, living person.
“Data Controller” is the company/organization that determines the purposes and means of processing Personal Data and is therefore responsible for ensuring that Personal Data is processed in accordance with Applicable law.
“Data Processor” is the company/organization that processes Personal Data on behalf of the Data Controller and is therefore only allowed to process Personal Data according to the Data Controller’s instructions and Applicable law.
“Data Subject” refers to the living, physical person whose Personal Data is being processed.
“The Product” includes gas holders, gas flares, level sensors.
IGF’s Data Controller Responsibility
The information in this Policy covers the Processing of Personal Data for which IGF is the Data Controller, i.e., the Processing for which we determine the purpose (why Processing is done) and the means (how, what Personal Data, for how long, etc.). The Policy does not describe how we process personal data in the role of Data Processor – that is, when we process personal data on behalf of our customers. Customized biogas plants. We customize all our plants based on the customer’s specific needs and conditions. The choice of the right technical solution is based on more than 15 years of operational experience in biogas production.
IGF’s Processing of Personal Data
We have a responsibility to describe and demonstrate how we meet the requirements when processing your Personal Data. This section aims to provide you with an understanding of the types of Personal Data we process about you and for what purposes.
Data Subjects and Retention Period
The intended recipients of this Policy are the following groups, whose personal data we store in accordance with the criteria below. Employees of potential customers Personal data of employees of potential customers will be stored for the time necessary to determine if the potential customer wishes to enter into an agreement. Employees of existing customers Personal data of employees will be stored for the time necessary to provide the service and to fulfill legal obligations such as managing alleged service faults.
Cookies
Personal data belonging to visitors to our website will be processed in accordance with our cookie policy.
IGF uses cookies and similar tracking technologies to, among other things, analyze how the Features are used so that we can provide you with the best possible user experience. More information about how we use cookies can be found in our Cookie Policy (/cookies/)
Treatments and Purposes
The main purpose of the personal data processing we carry out is to provide, perform, and improve our services to you. There are several reasons why we may need to collect, manage, and store your information. We mainly process personal data for the following purposes: Contact and identification information to confirm your identity, verify your details, and communicate with you Information about your use of the service or product to improve your customer experience IP address to perform customer analysis and to present content on our site effectively for you and the device you are using.
How do we access your personal data?
We obtain your personal data in a number of different ways. We primarily access your personal data:
Legal Grounds
In order for us to process your personal data, we need to have a legal basis for each processing activity. In our business, we primarily process your personal data on the following grounds: Consent – IGF processes your Personal Data after we have obtained your consent to the Processing. Information about the Processing is always provided when we ask for consent. Contract – Processing is necessary for us to fulfill obligations under a contract between us or to prepare to enter into a contract with the Data Subject. Legitimate Interest – IGF may process personal data if we have assessed that there is a legitimate interest that outweighs the Data Subject’s protection of personal privacy, and if the Processing is necessary for the specific purpose, e.g., in direct marketing. Legal Obligation – We are required by applicable laws and regulations to process personal data as a result of our business operations. If you would like further information about which legal basis(es) we are processing your personal data for, you always have the right to request a so-called register extract. Read more under “How to use your rights” below.
Your Rights
You are the one who controls your Personal Data. We always strive to ensure that you can exercise your rights as effectively and smoothly as possible.
Access – You always have the right to receive information about the Personal Data processing concerning you in a so-called register extract. The register extract shows, among other things, which of your personal data we have stored and for what purposes and on what legal basis. We only provide information if we have been able to verify that it is actually you requesting the information.
Correction – If you discover that the Personal Data we process about you is incorrect, please contact us and we will fix it!
Deletion – Do you want us to completely forget you? You have the right to request the deletion of your Personal Data when they are no longer necessary for the purpose for which they were collected. If we are required to retain your information by law or an agreement we have entered into with you, we will ensure that they are only processed for the specific purpose outlined by the law or agreement. After that, we will ensure that the data is deleted as soon as possible.
“Objection – Do you disagree with us that our interest in processing your Personal Data outweighs your interest in protecting your personal privacy? No problem – in that case, we review our interest balance and ensure that it still holds. We will, of course, take your objection into account when making a new assessment to evaluate if we can still justify our processing of your Personal Data. If you object to direct marketing, we will remove your Personal Data immediately without reviewing our assessment.
Restriction – You can also ask us to limit our processing of your data:
While we handle a request from you for any of your other rights.
If, instead of requesting deletion, you want us to indicate that the data should not be processed for a specific purpose. For example, if you do not want us to send you advertising in the future, we still need to keep your name to know not to contact you.
In cases where we no longer need the data for the purpose for which it was collected, provided you have no interest in us retaining the data to assert a legal claim.
Data Portability – We can provide you with the data you have provided to us or that we have received from you in connection with an agreement we have entered into with you. You will receive your data in a commonly used and machine-readable format that you can then take to another Data Controller.
Withdraw Consent – If you have consented to one or more specific processing(s) of your Personal Data, you have the right to withdraw your consent at any time and request us to cease the Processing immediately. Please note that you can only withdraw your consent for future Processing(s) of Personal Data and not for any Processing that has already occurred.
How to Use Your Rights
Contact us by email and we will assist you!
Transfer of Personal Data
To operate our business, we rely on others who process Personal Data on our behalf, so-called Data Processors.
We process all personal data within the EU/EEA.
We have entered into data processing agreements (DPA agreements) with all our Data Processors. The DPA agreement regulates how the Data Processor may process the Personal Data and what security measures are required for the processing of personal data.
We may also need to disclose your Personal Data to certain designated authorities to fulfill obligations under law or regulatory decisions.
Our Categories of Data Processors
Below are categories of recipients with whom we may share your data:
– Marketing service providers, such as advertising agencies for campaign development or suppliers for assistance with mail or email dispatch.
– IT providers, for example, for business systems and case management. To carry out our assignments and services, we store your data in our business systems (a system that manages our customers and contacts).
– Systems for conducting customer analysis and generating statistics to contribute to industry statistics and to improve the customer experience.
Security
IGF has implemented technical and organizational measures to ensure that your personal data is processed securely and protected from loss, misuse, and unauthorized or unlawful access.
Our Security Measures
Organizational security measures are measures implemented in work methods and procedures within the organization. Our organizational security measures include:
– Internal governance documents (policies/instructions)
– Login and password management
Technical security measures are measures implemented through technical solutions. Our technical security measures include:
Encryption
Pseudonymization
Backup
If We Fail to Fulfill Our Promise
If you believe that we are processing your Personal Data incorrectly, even after you have notified us, you always have the right to submit your complaint to the Swedish Data Protection Authority (Integritetsskyddsmyndigheten).
More information about our obligations and your rights can be found on the Swedish Data Protection Authority’s website (https://www.imy.se/). You can also contact the authority at imy@imy.se.
Changes to This Policy
We reserve the right to make changes to this Policy. In cases where the change affects our obligations or your rights, we will inform you of the changes in advance so that you have the opportunity to consider the updated policy.
Contact
Please feel free to contact us if you have any questions about your rights or any other questions about how we process your personal data:
info@igfgas.se