Skip to main content
conference lunch move company map contacts lindholmen lindholmen 2 travel info

How we are processing personal data of our supplier contacts

Privacy Policy for Supplier Contacts

We process personal data about you as a contact person of one of our tenderers and/or suppliers (“Supplier Contacts”), due to the circumstance that you or your employer or principal has or has had discussions or negotiations regarding such business relations.

What personal data do we process?

We process your first and last name, email address, telephone number, address, CV, title/professional position and company affiliation and other personal data that is relevant for tenders that is transferred to us from you or your employer or principal (“Contact Details”).

When you as a Supplier Contact sign an agreement through our service for digital signing with the use of Bank-id, we process your personal identity number (Sw. personnummer). When we enter into an agreement directly with you as a private person, we process your personal identity number.

What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process your personal data as a Supplier Contact for the following purposes:

  • to analyze and manage tenders that we receive and to communicate with such tenders as well as to award contract to the winning tenderer;
  • to manage, administer and fulfil orders;
  • to communicate in relation to past, current and upcoming orders and other necessary communication in relation to the tender or the awarded contract;
  • administration, management, implementation and follow-up etc. of the current business relationship and its deliveries as well as associated communication by telephone, email address or other communication channels;
  • invoicing and payment procedure, if applicable.

This processing is based upon that the processing is necessary for purposes of our legitimate interest to analyze and manage received tenders as well as to fulfill our contractual rights and obligations towards the contracting employer or principal.

We process your name, email address, title/professional position and company affiliation for the following purposes:

  • marketing of our business, projects and events;
  • management, follow-up, evaluations and administration of supplier surveys;
  • fulfill legal requirements in relation to e.g. marketing legislation (keeping record of if you have unsubscribed to receiving our newsletters/marketing material);
  • to safeguard and exercise our legal rights.

The processing is based upon that the processing is necessary for purposes of our legitimate interest to send marketing materials and information that we believe is in the interest of you as a Supplier Contact or your employer or principal and our legitimate interest to be able to follow-up and evaluate the business relationship and its deliveries and protecting our legal rights. In addition, the legal basis for the processing related to keeping record of if you have unsubscribed to receiving our newsletters/marketing material, is that the processing is necessary for compliance with the Swedish Marketing Act.

We process your personal identity number for the purpose of providing and administering digital signing of contracts with the use of Bank-id for a secure identification. The personal identity number is processed based upon that the processing is necessary for the purpose of our legitimate interest to be able to provide digital signing of agreements, keeping the signed contract for the time during which we need to be able to prove the contract and its content as well as protecting and exercising our legal and contractual rights.

When we enter into a contract directly with you as a Supplier Contact, we also process your personal identity number as a part of the agreement for the purpose of ensuring your identity so that we know and can document who we enter into an agreement with. This processing is based upon that the processing is necessary for the purposes of our legitimate interest to ensure your identity as being a contracting party to us.

We process your personal data found in verifications (in relation to invoices and payments) and the like for the purpose of fulfilling the requirements in the Swedish Accounting Act (1999:1078). The legal basis for this processing is that the processing is necessary for the compliance with a legal obligation which we are subject to.

From where do we collect your personal data?

The personal data is collected directly from you or your employer or principal. We may also collect personal data from third parties acting as references to your organization as a tenderer or supplier

Who do we share your personal data with?

We share your personal data with third parties that process personal data on our behalf, so called processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, etc.

We will also transfer personal data to third parties acting as independent controllers or joint controllers with Lindholmen Science Park, if such transfer is required by applicable law, or if we have another legal ground for such transfers, e.g., third parties that are acting as host organizations to one of our programs, for example as with the program AI Sweden, and therefore need to access some personal data to be able to fulfill their contractual obligations and undertakings followed by the collaboration agreement between the respective host organization and Lindholmen Science Park AB regulating their work within AI Sweden. We have provided specific information about how AI Sweden collaborates with such host-organizations and how this affects the processing of your personal data on AI Sweden’s website, here.

For how long period of time is your personal data stored?

Personal data processed for contractual and business relationship purposes will be processed as long as we may have any contractual rights and obligations towards you as Supplier Contact or your employer or principal. If the employment or contract with you is terminated with the supplier or in relation to us, we will cease to process your personal data as soon as we have received information of such termination from the supplier.

Personal data processed for marketing purposes will be processed for 12 months from when the last time you read our newsletter or other marketing material. If you unsubscribe from receiving our newsletters or other marketing material we will store your personal data for a period of ten (10) years after our receipt of such request in order to make sure that no marketing material is sent to you. 

Our processing of your personal identity number for the purpose of providing and administering digital signing of agreements through the use of Bank-id, will be processed as long as the agreement is effective and as long as it is possible to put forward claims as a result of the agreement.

Our processing of your personal identity number for the purpose of entering into a contract directly with you as private person will be processed as long as the agreement is effective and as long as it is possible to put forward claims as a result of the agreement.

When it comes to processing of your personal data related to invoicing or payment we will store the personal data necessary for the fulfilment of requirements under the Swedish Accounting Act (1999:1078) for a period of seven (7) years.

Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.

..........