C-RAD PRIVACY POLICY AND COOKIE INFORMATION
Updated 22 November 2022
1. Introduction and contact details
In this integrity notice, C-RAD explains how your personal data is processed when you (i) visit our website, (ii) subscribe to our newsletters and information, and/or (iii) are a representative of one of our customer and/or supplier companies. Your integrity is important to us, we, therefore, encourage you to take the time to read this privacy notice carefully.
C-RAD Positioning AB is the data controller and thereby responsible for the processing of your personal data carried out by us or on our behalf. If you have any questions regarding the processing, you are welcome to contact us via the contact details provided on the website.
2. What personal data do we process about you?
Personal data is all information that may be associated to you as an individual. C-RAD processes different data about you depending on the relationship we have with you, as explained below. If you are a website visitor, we process the following data about you:
- Information collected via cookies such as IP address, device type and website interaction (pages viewed, content consumed, etc.) – for more information, please refer to our Cookie Information
- Information submitted by you in a survey or competition we have on our website or in one of our other communication channels (such as contact details or competition entry)
- Contact details in case you have completed a contact form, e.g. for the purpose of downloading material such as a handbook, a brochure, a webinar, an article, a case study etc
If you are a subscriber, we process the following data about you:
Email address you’ve entered in order to receive our newsletters and information
If you are a representative of one of our customers and/or supplier companies or a distributor we process the following data about you:
- Name and contact details
- Information relating to the company (company name, contact details, your role at the company, billing information, etc.)
- Information and communication relating to the company relationship (e.g. ordered products and services)
- Social security number (in case the company is a sole trader)
In addition, we will, regardless of which category above you belong to, process data that you send to or receive from us via customer service or otherwise contact C-RAD or one of our employees.
C-RAD may also, from time to time, collect information from publicly available sources and third parties, such as social networks and marketing companies. For example, C-RAD may receive basic information about your social network profile if you have logged in to C-RAD’s website or services using your social network account.
3. For what purposes do we process your personal data?
We use the personal data listed above for the purpose of:
- Providing and improving our website; we continually strive to improve our website content and we therefore use cookies and other similar techniques for statistical purposes, to compile anonymous, aggregated statistics that allows us to understand how visitors use the website and increase user-friendliness.
- Improving and adjusting the user experience; we may create group profiles or segment for the purpose of creating anonymous, aggregated statistics about the use of our websites, products and services in order to identify features that could be improved and to provide context based advertising to certain groups (data collected for these purposes is not used to identify a particular individual but to analyse how individuals in general or how certain groups use the website or services).
- Sending marketing material; we are sending newsletters and other information that you’ve signed up for as well as marketing material (note that you can always opt out from marketing via an unsubscribe link that is included in each message).
- Communicating with you; we are sending updates and information about C-RAD, event invitations and exhibitions, industry thought pieces etc.
- Asking for feedback; we may ask for feedback through surveys with the intention to improve C-RAD and our offering to our customers.
- Administering the relationship; the relationship we have with the customer and/or supplier company you are representing is important to us and we need to communicate with you, for example regarding orders, products or services.
- Communicating with you; if you have any complaint or questions about our offering, products or services we will process your request (note that if your request or inquiry calls for it, we may ask our sales representatives to contact you and such sales representatives are usually independent companies).
- Customer service; we continually strive to improve our customer service and your information/feedback helps us to respond to your customer service requests and support needs in a more efficient/effective way.
- Sales; we may use your data in order to follow up on sales leads and interest in our products and solutions (usually done via contact forms).
- Targeted advertising; we or our advertising partners may display content or advertisements to a website visitor. For example, a visitor may see a C-RAD advertisement (a recently viewed product on our website) on an advertising partner’s website. We use cookies and other similar technologies to display such personalised adverts based on, for example, your browsing, purchase history or log-in information.
4. When is your personal data erased?
We are retaining your data for as long as it is necessary to fulfil the purposes above, thereafter it is erased. If you are a representative, we keep your data for as long as you are the designated representative of the company you are representing, thereafter your contact details are replaced with the new representative’s contact details.
If you subscribe to our newsletters and information, we keep your data in order to provide you with such information as long as you have not opted out from the newsletters (you may always opt out using the link included in all emails).
For information about how long we store information collected via cookies we refer you to our Cookie Information.
5. With what legal basis do we process your personal data?
A majority of our processing is carried out based on a balancing of interest. This means that we have a legitimate interest of processing your data and we do it in a way that doesn’t interfere with your privacy. For example, our legitimate interest consist of the following:
- Fulfilling the agreement we have with the company you are representing as well as administrating and maintaining a good relationship with such company. For that purpose, we have a legitimate interest in communicating with you and providing you with relevant information.
- Providing relevant information, newsletters and marketing.
- Providing our website and perform statistical analysis of website usage in order to develop new and relevant functions.
6. To whom do we disclose your personal data?
Your personal data may be shared within C-RAD and disclosed to other C-RAD group companies for the purpose of leading, planning and organising the work and to external parties outside of C-RAD (e.g. parties providing services to C-RAD, such as distributors, agents or suppliers). The companies that we disclose data to are only allowed to process your data in accordance with our instructions and by way of agreements, we ensure a high level of security for your personal data.
We will also disclose your data to authorities if it follows from a legal requirement or administrative decisions or if C-RAD is involved in a merger, acquisition, or sale of all or a portion of its assets.
Should we transfer your data to external companies outside the EU/EEA, we ensure that appropriate security measures have been taken, such as including the EU Commission’s standard contractual clauses for data transfers (which are available on the EU Commission’s website) in our agreements with the parties accessing personal data.
7. Your rights in connection with our processing
7.1 Pursuant to applicable data protection legislation, you have the following rights in connection with our processing of your personal data:
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to data portability
- Right to object to our processing of your personal data
- Right to withdraw your consent, a withdrawal will however not affect the lawfulness of processing based on your consent before its withdrawal
- Right to lodge a complaint with a supervisory authority if you consider that our processing does not comply with the applicable data protection legislation
7.2 Some of the rights above are only applicable in certain situations. In case you would like to exercise any of your rights, please contact us via the contact details provided on the website. This should be a link to contact form
7.3 If we make any changes to this policy, we will publish the new version on our website. The most recent version is always accessible on the website and we therefore encourage you to have a look every now and then to ensure that you are aware of our processing of your personal data.
8. What happens in a case of a personal data breach?
8.1 In the case of a personal data breach, we will without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.
8.2 The notification shall at least:
- describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;
- communicate the name and contact details of the data protection officer or other contact point where more information can be obtained;
- describe the likely consequences of the personal data breach;
- describe the measures taken or proposed to be taken by C-RAD to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.
8.4 Where, and in so far as, it is not possible to provide the information at the same time, the information may be provided in phases without undue further delay.
8.5 We will document any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken. That documentation shall enable the supervisory authority to verify compliance with GDPR.
- Cookies
Like many other websites, we use cookies to obtain certain types of information when your web browser accesses some of our web pages. Cookies in themselves do not identify the individual user, just the computer used.
Our website requires the use of cookies to work properly. A cookie is a small file that a website transfers to your computer’s hard disk, allowing our server to remember specific information about your session.
No personally identifiable data is stored in cookies, only an anonymous ID number. Cookies are used to enable us to keep statistics about our visitors and to improve the experience for you as a user. If you do not accept the use of cookies, you can configure your browser to not accept cookies. For information on how to do this, see the user manual of your browser. If you choose to set your browser to not accept cookies, we cannot guarantee that our website is functioning properly.
We use both session cookies (which expire when you close your browser) and persistent cookies (which remain on the device for a certain amount of time or until you delete them). We use the following types of cookies for the purposes described in this table:
Type of cookie |
Purpose |
Necessary for the website to function |
These cookies are necessary for us to provide the website to you. For example, these cookies allow us to recognize who you are and then provide accurate information to you. |
Performance and analysis |
We use these cookies to analyze how the website is accessed, used, or functioning. We use the information to maintain and improve the website. |
Third parties |
We may allow our partners to use cookies for the same purposes as stated above. We may also hire service providers for the purpose of using cookies for the purposes stated above. |
- How to contact us
Do not hesitate to contact us if you have any questions about this Privacy Policy or the processing of your Personal Data or if you would like to obtain information about any stored Personal Data about you.
You can contact us at: C-Rad AB, Sjukhusvägen 12K, SE-753 09 Uppsala, Sweden, or at our email: info@c-rad.com