byBrick Management Privacy Policy

1. We protect personal integrity in the processing of personal data
Any person who entrusts byBrick Management (byBrick) with their personal information is entitled to feel safe and secure that byBrick complies with applicable laws and regulations to protect personal privacy. ByBrick handles personal data for specific and explicit purposes only (see Chapter 5). Information on these purposes is described in this policy and is provided to individuals, customers, candidates and other stakeholders, etc., upon handing over their personal information to byBrick.
Personal information such as name, address, organisation, email address and phone number must sometimes be provided, for example, when you ask a question or download material from our website. Our right to collect, manage and save your personal data is based on the right to interest weighing, which is linked to your relationship with us, for example through your professional role, and governed by EU Regulation 2016/679 of April 27, 2016. For more information about this team, refer to www.datainspektionen.se. All forms of personal data management in byBrick are covered by this policy and are mentioned here. The policy does not describe in detail what routines, programs and systems are used, this is done in our information registry.
We are responsible for the safe processing of your personal information solely for the purposes that you have given your approval to or for us to fulfil our legal obligations.

2. The validity of the policy
This privacy policy covers and our handling of personal data within byBrick Management AB, corporate identity number 556844-3534 (also called byBrick). This policy applies until further notice. And it is reviewed at least once a year, after which individuals whose personal information we handle will be informed of possible changes appropriately (eg through information via the website). In case of legislative changes, the consequences for the policy must be estimated, which may lead to changes in the policy
You as an individual do not need to approve the policy, but you may cancel your approval of our personal data management when this policy changes.
Updating this policy
This policy is updated at least once a year. For each update, the following information should be made clear to those who share this policy, and must approve it:
- Update version, which is linked to date when it starts to apply
- A summary of changes to the previous version, as well as a reference to chapter or section
- A clarification as to why and why a new consent may be necessary from the individual

3. Rights for you who provide your personal information
Your personal information belongs to you. We are careful not to make any assumptions about your privacy preferences and try to design our services so that you can choose if you want to share your personal information with us.
Consent, change and screening
You who provide personal information have the right to disclose your consent to our handling of your personal information and at any time to suspend this or request disclosure. Your consent should be personal and, if possible, written or automated. Your right of withdrawal shall be cancelled in writing to our data protection officer. See chapter 9 for contact details.
Once a year, you can, in writing, request a personal signature, get information about what personal data we treat about you, where your personal data are collected, the purpose of the treatment, and the recipients or categories of recipients who receive your personal information.
If your personal information is incorrect, you may want to have them corrected. We can not change or erase your data as general documents or when there are statutory storage requirements, such as accounting rules, or there are other legitimate reasons why the data must be saved.

4. byBricks rights and obligations
byBrick has the following responsibilities regarding the processing of your personal data.
Privacy and access to personal data
byBrick is responsible for ensuring that only authorised personnel, or contracted personal data counters with contracted privileges, have access to your personal information.
Who is responsible for your personal information?
byBrick will request the approval of individuals for processing their personal data in accordance with EU Regulation (EU) 2016/679. byBrick Management AB, org.nr. 556844-3534 is personally responsible for the processing of your personal information in a legal manner.
byBrick Management is responsible for managing your personal data in accordance with EU Regulation 2016/679. Request for registry extracts, information, correction of incorrect data or data deletion must be sent to us, see address below.

5. What personal data is managed within byBrick and why?
We use personal data for various reasons. These reasons are based on our business concept, in legislation and for specific purposes that we inform you about.
- We process your personal information to deliver our services to you, as you have cancelled them. These data are stored according to statutory requirements, or no longer than five years after our business relationship has expired.
- Personal information provided on our web pages is used to keep you informed, by email, about new information posted on our pages, and to inform you about news in our events, our services and general information about byBrick and our offers. These data are no longer stored to keep you updated and informed.
- Personal data is also treated to follow visitors' behaviour on our websites. This is handled according to our Cookie Policy (see Chapter 7)
- Personal information provided on our download pages is used to send the information you request, as well as for marketing. These data are stored as long as needed to keep you updated and informed.
- Personal information provided for contact is used to contact you and provide the assistance or information you request. These data will not be saved for more than five years after our business relationship has expired.
- Personal data provided for recruitment purposes are used for recruitment. These data are stored according to legal requirements for filing or for a suitable period, but no longer than two years.
- Personal data submitted for the purpose of professional cooperation are used for this purpose, to inform clients and clients, and to deal with the legal obligations of employment, supplier agreements and payment of salaries, fees, remuneration, pensions, etc.
- Personal data may be transferred to other companies within the byBrick group. For all these companies, the same privacy policy applies. Each company within the byBrick Group has its own personal responsibility and manages this responsibility under the terms and conditions of its services and national law, including EU Regulation (EU) 2016/679.

6. Third party and transfer to other stakeholders
byBrick can hire subcontractors to process your personal information. These suppliers are bound by contract to byBrick's commitment and responsibility for processing personal data and thus act as data controller assistants for byBrick. Purpose of handing over your personal information may be to perform various services such as e-mailing, accounting and finance, recruitment, consultation, etc. The personal information bids for byBrick may not use the personal data you have submitted to byBrick for any other purposes that you have consented to by approving this policy.
byBrick may disclose your personal information to third parties to improve their services to you. byBrick will never sell your personal information to third parties.
In all situations where personal data assistants are included in the processing of personal data, all rules and responsibilities regarding privacy, access, transparency and the right to change and delete personal data and filing requirements for personal data are also applicable to byBrick.
You are entitled to request written transparency in the third party companies that we hire for handling your personal information.

7. Our presence on the Internet, social media, etc.
byBrick is present on a variety of communication platforms, such as websites on the Internet and social media. The visitor's activity in these locations can be considered personal data when they can identify a natural person.
Cookies - Visitor Identification
On our websites bybrick.se and transforming.business.se cookies are used, i.e. small text files stored on the visitor's computer and which, among other things, can save personal settings and allow you to follow what the visitor does on the site. There are two different types of cookies;
- "session cookies" used during the time the visitor is active on the site. These are deleted from your computer when you leave the site
- "lasting cookies" used to tell the visitor what happened to the site since visiting the site last and to recognize recurring users and to remember what information was previously provided. These remain on your computer until deleted by the user.
Most browsers are preset to accept cookies, but you can set up your browser to notify you when it receives a cookie. Then you can decide whether to receive it or not
External links
On the byBrick website, there may be links to external websites. This privacy policy does not apply to these websites. You should review the respective privacy policies of these websites before you visit these websites and provide your personal information.

8. Handling of personal data incidents
byBrick has procedures in place to handle personal information incidents according to the law's requirements.
In a personal data incident, the person responsible within 72 hours after being aware of it shall report the personal data incident to the supervisory authority (data inspection) unless it is unlikely that the personal data incident will endanger the rights and freedoms of natural persons.
byBrick has also agreed with its Personal Data Advisers to notify the Personal Data Administrator without unnecessary delay after being aware of a personal data incident.
The individual concerned by a personal data incident shall be informed immediately of the incident and appropriate technical and organisational protection measures to be taken.

9. Contact details
For questions about how we handle personal information contact us by letter to:
byBrick Management AB
Data Protection Officer
Kungsgatan 7A
41119 Gothenburg
or by email to gdpr@bybrick.se

10. Definitions
Terms and concepts used in this policy are defined in EU Regulation (EU) 2016/679 on the protection of individuals about the processing of personal data (see also www.datainspektionen.se).