Skip to main content

Privacy policy for Lindholmen Science Park AB

Lastly updated 2021-09-23

Lindholmen Science Park AB, company organization number 556568-6366, (“Lindholmen Science Park”, “we”, “our”, “us”) is the host of ten different programs and projects (the “Programs”). The respective Programs have their own websites and newsletter etc., but they are not legal entities as such. Lindholmen Science Park is the controller for all processing of your personal data conducted by the respective Programs. Hence, this Privacy Policy is applicable for all the respective Programs within the organization. Please read more about our different Programs here.

Your privacy and the protection of your personal data are important to us and for transparency we have created this Privacy Policy to provide you with the information of how we process your personal data. To provide you with clear and concise information in an easy and accessible format we have separated our Privacy Policy into specific Policies depending on the type of processing and you can access information about how we process your personal data by clicking on the different situations below.

Personal data pertains to all sorts of information that in one way or another can be connected to you as an individual. This could be information such as your name or personal identity number, but also other details such as your phone number and email address as well as images in which you are depicted.


This Privacy Policy includes information about:

We may update this Privacy Policy and the respective sections listed above from time to time. If you have any questions or concerns about our processing of your personal data, do not hesitate to contact us. Please see our contact details below on this main page.


Your rights

Below you can read about the rights you have in relation to our processing of your personal data. To exercise your rights, you are welcome to contact us in accordance with our contact information below.

Right to withdraw your consent and object to our processing
For processing activities that we base on the legal basis consent, you have the right to, at any time, withdraw your consent. It is important to note that, if you withdraw your consent, it only applies to processing that has already taken place.

You have the right to object to our processing of your personal data for marketing purposes. You also have the right to object to the processing of your personal data that is based on the legal basis that the processing is necessary for the purposes of a legitimate interest.

Right to access
You have the right to obtain a confirmation from us as to whether or not we process your personal data. If we process your personal data, you have the right to receive information about our processing of your personal data. You also have the right to request a copy of the personal data we process about you.

Right to rectification
You have the right to have incorrect personal data corrected and to have incomplete information completed by providing us with the correct information.

Right to erasure (right to be forgotten) and limitation of our processing
You have the right to request that we erase your personal data (for example, if the personal data is no longer necessary for the purpose of the processing). You may also request that we restrict certain processing of your personal data (for example if you object to the accuracy of the data).

Right to data portability
If you have given your consent to our processing of your personal data or if the legal basis for our processing is to fulfil an agreement with you, then you have the right to obtain the personal data that you have provided to us in a structured, commonly used and machine-readable format. You also have the right to request that we transmit such personal data to another controller or that we assist you in transmitting the data to another controller when this is technically feasible.

Right to complain
You have the right to lodge a complaint with a supervisory authority concerning our processing of your personal data. The supervisory authority in Sweden is (Integritetsskyddsmyndigheten - IMY). See contact information to IMY below.


Our contact information

If you want to contact us with regards to our processing of your personal data, or if you want to exercise your rights in relation to our processing of your personal data, you are welcome to contact us through the contact details below.


CONTROLLER

Name: Lindholmen Science Park AB

Company organization number: 556568-6366

Postal address: Lindholmspiren 3-5, Box 8077, SE-402 78 Gothenburg

E-mail address: privacy@lindholmen.se

Telephone number: +46 (0)70-820 29 69


Note

This Privacy Policy is only applicable to Lindholmen Science Park's and its subdomains’ processing of your personal data. Lindholmen Science Park assumes no responsibility for the processing of your personal data by other businesses or websites. When you are linked to a third party’s website, we recommend that you read the Privacy Policy in effect for that website.

 

SUPERVISORY AUTHORITY

Name: Integritetsskyddsmyndigheten, IMY

Postal address: Box 8114, 104 20 Stockholm, Sweden

E-mail address: imy@imy.se

Telephone number: +46 (0)08-657 61 00

..........


Privacy Policy for business partner contacts

We process personal data about you as a contact person to one of our business partners (“Contact Person”), due to the circumstance that you as a Contact Person has or has had a business relation with us, and/or has or has had discussions or negotiations regarding such business relations or that your employer or principal has listed you as a contact person for them.


What personal data do we process?

We process your first and last name, email address, telephone number, address, title/professional position, company affiliation and other personal data that is transferred to us (“Contact Details”).

When you as a Contact Person sign an agreement through our tool for digital signing with the use of Bank-id, we also process your personal identity number (Sw. personnummer).


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process your personal data for the purpose of maintaining a business relationship with you and/or your employer and your organization which is part of fulfilment of our aim to develop competence and collaboration networks to ensure the competitiveness and development in innovation of the Swedish business community on an international level and to contribute to a sustainable society. The processing operations include:

  • administration, management, implementation and follow-up, etc. of the current business relationship and its deliveries and associated communication by telephone, email, text message or other communication channels;
  • management, follow-up, evaluations and administration;
  • marketing of our business, projects and event;
  • planning, management, implementation and administration of focus groups and networks and associated communication by telephone, email, text message or other communication channels;
  • invoicing and payment procedure, if applicable;
  • to protect and exercise our legal rights;
  • fulfill legal requirements in relation to e.g. marketing legislation (keeping record of if you have unsubscribed to receiving our newsletters/marketing material).

The processing of your personal data for the above purpose is based upon the legal basis that the processing is necessary for the purpose of our legitimate interests to uphold a business relation with you and/or your employer or principal which is part of fulfilment of our aim to develop competence and collaboration networks to ensure the competitiveness and development in innovation of the Swedish business community on an international level and to contribute to a sustainable society. In addition, the legal basis for the processing related to keeping record of if you have unsubscribed to receiving our newsletters/marketing material, is that the processing is necessary for compliance with the Swedish Marketing Act.

We process your personal identity number for the purpose of securing your identity in connection with the entering into agreements with us and administration of digital signing of agreements through the use of Bank-id. The personal identity number is processed based on the legal basis that the processing is necessary for the purposes of our legitimate interest to be able to secure your identity in relation to agreements that are entered into with us and administering digital signing of agreements as well as the agreements as such.

We process your personal data found in verifications (in relation to invoices and payments) and the like for the purpose of fulfilling the requirements in the Swedish Accounting Act (1999:1078). The legal basis for this processing is that the processing is necessary for the compliance with a legal obligation which we are subject to.


From where do we collect your personal data?

We collect your personal data directly from you as a Contact Person or from your employer or principal. In certain instances, we will also collect personal data from public records or from third parties that we are cooperating with or from social media such as LinkedIn.


Who do we share your personal data with?

We share your personal data with third parties that process personal data on our behalf, so called processors. These processors are, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, suppliers of market and customer satisfaction surveys.

We will also transfer personal data to third parties acting as independent controllers or joint controllers with us, e.g., (i) third parties that are acting as host organizations to one of our Programs, for example as with the program AI Sweden, and therefore need to access some personal data to be able to fulfill their contractual obligations and undertakings followed by the collaboration agreement between the respective host organization and us regulating their work within AI Sweden (we have provided specific information about how AI Sweden collaborates with such host-organizations and how this affects the processing of your personal data on AI Sweden’s website here), and (ii) our insurance companies in the event of insurance matters.


For how long period of time is your personal data stored?

When your personal data is processed for the purpose of maintaining a business relationship, we will process your personal data as long as we have a business relationship with you or as long as your organization and/or your employer or principal have listed you as a Contact Person.

Personal data processed for marketing purposes will be processed for 12 months from when the last time you read our newsletter or other marketing material. If you unsubscribe from receiving our newsletters or other marketing material we will store your personal data for a period of ten (10) years after our receipt of such request in order to make sure that no marketing material is sent to you.

Our processing of your personal identity number for the purpose of providing and administering digital signing of agreements through the use of Bank-id, will be processed as long as the agreement is effective and as long as it is possible to put forward claims as a result of the agreement.

When it comes to processing of your personal data related to invoicing or payment, we will store the personal data necessary for the fulfilment of requirements under the Swedish Accounting Act (1999:1078) for a period of seven (7) years.


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.

..........


Privacy Policy for participants of our research projects

We process personal data about you, as a participant (“Participants”) in research projects, collaboration projects or similar (“Research Projects”), due to the circumstance that you as a Participant or your employer or principal participates or has participated in a Research Project (or in an application for a Research Project).


What personal data do we process?

The personal data that we process about you is your first and last name, email address, telephone number, address, title/professional position and company affiliation, picture, financial information (e.g., salary and bank account number), level of education and other information that you enter into your application, cv or other documents connected to the application in relation to a Research Project.

When you as a Participant in a Research Project sign a project agreement through our tool for digital signing with the use of Bank-id, we process your personal identity number (Sw. personnummer).

We also process information on your gender to ensure equality in the project consortium and in the project results.


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process your personal data for the purpose of applying for, planning, administering and marketing Research Projects and associated obligations and communications. This includes:

  • fulfilling obligations towards the funding organization (e.g., reporting and presentation) of the Research Project and other parties participating in the Research Project (e.g., distribute funding);
  • internal and external communication of the Research Project, e.g., at our internal network, website or any of the different websites of our Programs, social media channels and other communication channels;
  • evaluate and assess candidates and applications;
  • marketing of our business, projects and various events;
  • management, follow-up, evaluations (e.g., conducting a survey or similar) and administration;
  • fulfill legal requirements in relation to e.g. marketing legislation (keeping record of if you have unsubscribed to receiving our newsletters/marketing material).
  • protect and exercise our legal rights.

This processing of your personal data is based upon the legal basis that the processing is necessary for purposes of our legitimate interest to develop competence and collaboration networks to ensure the competitiveness and development in innovation of the Swedish public and private sector on an international level and contribute to a sustainable society. In addition, the legal basis for the processing related to keeping record of if you have unsubscribed to receiving our newsletters/marketing material, is that the processing is necessary for compliance with the Swedish Marketing Act.

We process your personal identity number for the purpose of securing your identity in connection with the entering into agreements with us and administration of digital signing of agreements through the use of Bank-id. The personal identity number is processed based on the legal basis that the processing is necessary for the purposes of our legitimate interest to be able to secure your identity in relation to agreements that are entered into with us and administering digital signing of agreements as well as the agreements as such.

We process information on your gender for the purpose of ensuring equality in the project consortium and in the project results in accordance with required indications from our financiers. The legal basis for this processing is that the processing is necessary for the purposes of our legitimate interest to ensure equality.  


From where do we collect your personal data?

We collect your personal data directly from you or from your employer or principal. We also collect personal data from public records, from other Participants, or from other third parties cooperating with us.


Who do we share your personal data with?

We share your personal data with third parties that process personal data on our behalf, so called processors. These processors are, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, suppliers of market and customer satisfaction surveys.

We will also transfer personal data to third parties acting as independent controllers or joint controllers with us, e.g., (i) third parties that are acting as host organizations to one of our Programs, for example as with the program AI Sweden, and therefore need to access some personal data to be able to fulfill their contractual obligations and undertakings followed by the collaboration agreement between the respective host organization and us regulating their work within AI Sweden (we have provided specific information about how AI Sweden collaborates with such host-organizations and how this affects the processing of your personal data on AI Sweden’s website here), and (ii) our insurance companies in the event of insurance matters and governmental authorities when required by applicable law, etc.


For how long period of time is your personal data stored?

Your personal data that is processed for the purpose of applying for, planning, administering and marketing Research Projects and associated obligations and communication will be processed as long as we have any contractual rights and obligations connected to the agreements regarding the Research Project, as long as the funding organization requires and as long as there are any legal obligations to which we are subject.

Personal data processed for marketing purposes will be processed for 12 months from when the last time you read our newsletter or other marketing material. If you unsubscribe from receiving our newsletters or other marketing material we will store your personal data for a period of ten (10) yearss after our receipt of such request in order to make sure that no marketing material is sent to you.

Our processing of your personal identity number will be processed as long as the agreement is effective and as long as claims can be put forward as a result of the agreement.

Our processing of your personal data in relation to your gender is processed until the Research Project is finalized. After this the personal data will be deleted, and only information about the percentage of equality will be saved as part of the project documentation.


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.

..........


Privacy Policy for AI Sweden’s Data Factory

INTRODUCTION
AI Sweden is one of Lindholmen Science Park’s Programs. AI Sweden is a national and neutral initiative working together with other host organizations in Sweden, but the initiative is hosted by us. You can read more about the organizational structure of the program AI Sweden here.

In order to provide you with a better understanding of our processing of your personal data in relation to AI Sweden’s Data Factory (the “Data Factory”) this subsection will specifically cover the processing of such personal data. If you have questions, please don’t hesitate to contact us through the contact information found on the main page.

The Data Factory has been established as a resource for AI Sweden’s partners and project parties for the purpose of conducting research and testing.

This part of the Privacy Policy includes the following information:

  1. How we process personal data in a dataset.
  2. How we process personal data when you, as a user, access the DataFactory.


1. Processing of personal data in a dataset

We process your personal data about you when your personal data is included in a dataset that has been donated or licensed to the Data Factory.

Specific information about our processing of each dataset will be provided on AI Sweden’s website where the datasets are also described in more detail.


What personal data may be processed in a dataset in the Data Factory?

The personal data processed may be in the form of images, names, email addresses, physical locations, license plates, telephone numbers and other information attributable to individuals. These datasets are always donated or licensed to Lindholmen Science Park under agreements that also regulate data protection. All our datasets are listed on our website. If a dataset contains personal data, you can find specific information on how we process personal data included in such a dataset on AI Sweden’s website, in connection to the respective dataset.


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

With the Data Factory services we intend to enable partners and project parties of AI Sweden to test and train algorithms in order to increase the use of applied AI in Sweden for the benefit of the Swedish society, Sweden’s competitiveness in the field of AI and for everyone living in Sweden. A major part of the Data Factory is to enable partners and project parties to access datasets for scientific research, development and testing purposes related to AI. Such research, development and testing will be performed by us, by partners and/or project parties to AI Sweden or by us in collaboration with partners and/or project parties to AI Sweden.

To provide the services of the Data Factory we might therefore need to process (e.g., receive, use, store and/or share) personal data for specific purposes. Lindholmen Science Park may also process personal data to enable anonymization.
The legal basis for the processing concerning datasets will in most cases be that the processing is necessary for purposes of our legitimate interest to offer the Data Factory services and to facilitate for AI testing and research purposes as described above and specifically described for each dataset.

To clarify, we will not collect nor receive datasets for the specific purpose of collecting personal data and do not in any way attempt to identify the individuals that may be identifiable in a dataset.


From where do we collect your personal data?

The datasets will be collected from partners of AI Sweden, project parties and other organizations that want to donate or license a dataset to Lindholmen Science Park. Information about each dataset will be provided on AI Sweden’s website. If a dataset contains personal data, you can find specific information on how we process personal data included in such a dataset.

Each donor or licensor is responsible for their own processing of personal data and that they have the right to donate or license the dataset to Lindholmen Science Park. The donor or licensor and Lindholmen Science Park will be independent controllers and hence responsible for their own processing of your personal data. This will be clearly regulated in agreements between Lindholmen Science Park and each dataset donor or licensor.


Who do we share your personal data with?

We will transfer personal data in a dataset to partners and/or project parties to AI Sweden that apply to use a specific dataset by giving them a sub-license in accordance with the terms stated in an agreement between us and the applying partner and/or project party. Access to and transfer of datasets, containing personal data, to a partner and/or a project party will only be made for purposes that are in line with our purposes for its processing of the personal data, as described above.

Third parties processing such datasets will process the personal data included therein as independent controllers or, if applicable, as joint controllers with us. Such controllers are requested to apply the same level of security for processing of personal data, as we do.

We will also transfer personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, etc.


For how long period of time is your personal data stored?

Information about how long a dataset is stored will be provided specifically for each dataset on AI Sweden’s website, where all datasets are listed.

Please be informed that we only store your personal data as long as it is needed for the purpose for which it was collected.

The period of time that a dataset will be stored in the Data Factory can also depend on (i) the period of time that the dataset has been licensed to the Data Factory and (ii) the period of time that the dataset is considered as useful for the purpose of storing it and keeping it available for Data Factory users.


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.


2. Processing of personal data when you, as a user, access the Data Factory

As a result of that you request to be, and/or your employer or principal requests you to be, registered as a user (the “User”) of the Data Factory we will process your personal data to be able to complete your registration and to provide the services (the “Data Factory Services”) in accordance with our terms of use for the Data Factory.


What personal data do we process?

We process your first and last name, email address, telephone number, address, title/professional position and company affiliation if applicable, your sign-on credentials (email and password), username (user ID), any profile or biographical information you choose to provide and other required contact details (“Contact Details”).

When you as a User sign an agreement through our tool for digital signing with the use of Bank-id, we also process your personal identity number (Sw. personnummer). When we enter into an agreement directly with you as a User, we process your personal identity number in the agreement.

We process information about your nationality to comply with export control regulations to which we are subject.

We also process personal data about you in relation to your use of the Data Factory Services. This includes your activities in the Data Factory e.g., when you log in, how you access our services, device information, your IP-address, the content you upload to the environment and statistical information of your activities.


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process your personal data for the following purposes:

  • Providing the Data Factory Services;
  • Maintenance and improving our services;
  • Associated communication by telephone, email, text message or other communication channels;
  • Providing support to the User;
  • Invoicing and payment procedure, if applicable;
  • Resolve disputes, collect fees and enforce our terms and policies.

When we enter into an agreement directly with you as a User for the Data Factory Services, we base our processing above on that the processing is necessary for the performance of the agreement. When we enter into a contract with your employer or principle that wants to use the Data Factory Services, we process your personal data based upon that the processing is necessary for the purposes of our legitimate interest to be able to provide the Data Factory Services and to fulfill our contractual rights and obligations towards the contracting employer or principal.

We process your personal identity number for the purpose of securing your identity in connection with the entering into agreements with us and administration of digital signing of agreements through the use of Bank-id. The personal identity number is processed based on the legal basis that the processing is necessary for the purposes of our legitimate interest to be able to secure your identity in relation to agreements that are entered into with us and administering digital signing of agreements as well as the agreements as such.

When we enter into a contract directly with you as a User, we also process your personal identity number as part of the agreement based on our legitimate interest for the purpose of entering into a contract with you as a private person, to be able to identify you as a contract party.

We process your nationality for the purpose of complying with export control regulations that our collaboration partners from the United States require us to do.

We process your personal data in the form of your activities when you use our services based on our legitimate interest for the following purposes:

  • Provide our services;
  • Evaluate and assess requests to use the Data Factory;
  • Maintain & improve our services;
  • Develop new services;
  • Measure performance;
  • Internal and external communication about the Data Factory, e.g., at our internal networks, website and the different websites of our Programs, social media channels and other communication channels;
  • Marketing of our business, projects and various events;
  • Fulfill legal requirements in relation to e.g. marketing legislation (keeping record of if you have unsubscribed to receiving our newsletters/marketing material);
  • Management, follow-up, evaluations and administration related to the Data Factory Services;
  • Protect us, our users and the public.

The personal data is processed based upon that the processing is necessary for the purposes of our legitimate interest to administer, manage and provide the Data Factory Services. In addition, the legal basis for the processing related to keeping record of if you have unsubscribed to receiving our newsletters/marketing material, is that the processing is necessary for compliance with the Swedish Marketing Act.

We process your personal data found in verifications (in relation to invoices and payments) and the like for the purpose of fulfilling the requirements in the Swedish Accounting Act (1999:1078). The legal basis for this processing is that the processing is necessary for the compliance with a legal obligation which we are subject to.


From where do we collect your personal data from?

We receive personal data directly from you in connection with your request to become a User of the Data Factory Services and when you use the services. We may also collect personal data from your employer or principal or from our processors for the Data Factory Services.


Who do we share your personal data with?

We share your personal data with third parties that process personal data on our behalf, so called processors. These processors are, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, suppliers of market and customer satisfaction surveys.

We may also transfer personal data to third parties acting as independent controllers or joint controllers with Lindholmen Science Park, if such transfer is required by applicable law, or if we have another legal ground for such transfers, e.g., third parties that are acting as host organizations to one of our programs, for example as with the program AI Sweden, and therefore need to access some personal data to be able to fulfill their contractual obligations and undertakings followed by the collaboration agreement between the respective host organization and Lindholmen Science Park AB regulating their work within AI Sweden. We have provided specific information about how AI Sweden collaborates with such host-organizations and how this affects the processing of your personal data on AI Sweden’s website, here.

Other Data Factory Users may access your personal data in the form of you Contact Details when they use the Data Factory Service and hence, we may therefore transfer your personal data to the other Data Factory Users.


For how long period of time is your personal data stored?

Personal data processed for the purpose of providing the Data Factory Services will be processed as long as we have any contractual rights and obligations towards you or your employer or principal. When you are no longer a User of the Data Factory Services, we will save your information for six (6) months. After that we will delete your personal data.

Our processing of your personal identity number based on our legitimate interest for the purpose of providing and administer digital signing of contracts with the use of Bank-id, will be processed as long as the agreement is effective and as long as there are claims as a result of the agreement.

Our processing of your personal identity number based on our legitimate interest for the purpose of entering into a contract directly with you as private person will be processed as long as the agreement is effective and as long as there are claims as a result of the agreement.

Our processing of your nationality based on our legitimate interest for the purpose of complying with export control regulations that our collaboration partners from the United States requires us to do will be processed during the time you use the Data Factory Services.

Personal data processed for marketing purposes will be processed for 12 months from when the last time you read our newsletter or other marketing material. If you unsubscribe from receiving our newsletters or other marketing material we will store your personal data for a period of ten (10) years after our receipt of such request in order to make sure that no marketing material is sent to you. 

When it comes to processing of your personal data related to invoicing or payment, we will store the personal data necessary for the fulfilment of requirements under the Swedish Accounting Act (1999:1078) for a period of seven (7) years.


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.

..........


Privacy Policy for business contacts

Within the program AI Sweden, Lindholmen Science Park collaborates with other organizations that are hosting the other local nodes within Sweden.

AI Sweden has a CRM-system that is hosted together with the following host-organizations: Kista Science City AB, Mobile Heights AB, Örebro University and Linköping Science Park AB. The above-mentioned organizations are joint controllers for the storing (management and security) of your personal data in the CRM-system. The respective organizations are hence solely responsible for all other types of processing of your personal data that they conduct, such as for example collecting personal data, for inserting the information in the system and their own usage of the information that is the CRM-system.

The organizations have entered into an agreement that regulates the joint responsibility. In accordance with this agreement the organization that collects your personal data is responsible for providing you with the required information in accordance with the GDPR at the right time.

The organizations have agreed that you as a data subject can contact either of the organizations to ask questions or to make a request. The organizations have also agreed that the organization that receives a request in accordance with the GDPR from you as a data subject shall handle such a request. You can contact Lindholmen Science Park through the contact information listed on the main page.

You can contact Kista Science City AB here.
You can contact Mobile Heights AB here.
You can contact Örebro University here.
You can contact Linköping Science Park AB here.

Below you can read about how Lindholmen Science Park processes your personal data in relation to the CRM-system.

Lindholmen Science Park process personal data about you as a business contact (partners, project parties and other relevant contacts).


What personal data do we process?

We process your first and last name, email address, telephone number, address, title/professional position and company affiliation (“Contact Information”).

We also process information about, and in relation to, meetings that representatives from us have had with you as a representative from your organization, including what type of information your organization has an interest for in relation to AI Sweden, information about which networks you participate in and the status of projects and initiatives that you are involved in.


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process your personal data for the purpose of maintaining a business relationship with you and/or your employer and your organization. This purpose includes:

  • administration, management, implementation and follow-up, etc. of the current business relationship and its deliveries and associated communication by telephone, email, text message or other communication channels;
  • management, follow-up, evaluations and administration;
  • effective marketing of Lindholmen Science Park’s business, projects and events;
  • planning, management, implementation and administration of focus groups and networks and associated communication by telephone, email, text message or other communication channels;
  • fulfilling contractual rights and obligations and other responsibilities towards your employer or principal when we have, have had or discuss to have a business relation with your organization, as well as to develop, follow-up and assess our program, AI Sweden;
  • fulfill legal requirements in relation to e.g. marketing legislation (keeping record of if you have unsubscribed to receiving our newsletters/marketing material).

This processing is based upon that the processing is necessary for the purposes of our legitimate interest to maintaining a business relationship with you and/or your employer. In addition, the legal basis for the processing related to keeping record of if you have unsubscribed to receiving our newsletters/marketing material, is that the processing is necessary for compliance with the Swedish Marketing Act.


From where do we collect your personal data?

We collect your personal data directly from you or your employer or principal.


Who do we share your personal data with?

We share your personal data with third parties that process personal data on our behalf, so called processors. These processors are, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, suppliers of market and customer satisfaction surveys.

We may also transfer personal data to third parties acting as independent controllers or joint controllers with Lindholmen Science Park, if such transfer is required by applicable law, or if we have another legal ground for such transfers, e.g., third parties that are acting as host organizations to one of our programs, for example as with the program AI Sweden, and therefore need to access some personal data to be able to fulfill their contractual obligations and undertakings followed by the collaboration agreement between the respective host organization and Lindholmen Science Park AB regulating their work within AI Sweden. We have provided specific information about how AI Sweden collaborates with such host-organizations and how this affects the processing of your personal data on AI Sweden’s website, here.


For how long period of time is your personal data stored?

We will process your personal data as long as we have a business relationship with you, your organization and/or your employer or principal and for 12 months after such business relationship has ended.

Personal data processed for marketing purposes will be processed for 12 months from when the last time you read our newsletter or other marketing material. If you unsubscribe from receiving our newsletters or other marketing material we will store your personal data for a period of ten (10) years after our receipt of such request in order to make sure that no marketing material is sent to you. 


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.

..........


Privacy Policy in connection with AI Sweden’s collaboration with Ignite Sweden for the Swedish AI Startup Landscape

Lindholmen Science Park have entered into a collaboration with SISP Service and Development AB (“Ignite Sweden”) for creating a mapping of Swedish AI Startups, an initiative called The Swedish AI Startup Landscape. In this project, the two parties collect data about startup companies in Sweden, which includes personal data. The data is collected through Ignite Sweden’s database Magic and the organizations are joint controllers for the collection of personal data in relation to The Swedish AI Startup Landscape.

The two parties have entered into an agreement that regulates the joint controllership. In accordance with mentioned agreement the respective organizations are responsible for providing you with the required information in accordance with the GDPR at the right time.

The organizations have agreed that Ignite Sweden is responsible for handling questions and requests from you as a data subject. If you have questions, or if you wish to make a request, we ask you to contact Ignite Sweden through the contact information provided here.

How Lindholmen Science Park processes personal data transferred from Ignite Sweden in relation to The Swedish AI Startup Landscape.

Lindholmen Science Park, processes personal data about you when you, or your employer or principal (“Contact Persons”) sign up your organization to be a part of The Swedish AI Startup Landscape. 


What personal data do we process?

The personal data that we process includes your first and last name, email address, telephone number, address, title/professional position and company affiliation.


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process your personal data for the purpose of providing the offerings of The Swedish AI Startup Landscape and marketing the organization as an AI Startup as well as to provide the Startup with information, marketing and offerings related to the Swedish AI Startup Landscape and correlating initiatives, such as AI Sweden’s Startup-program, that we believe is in the interest of your organization. This processing is based upon that the processing is necessary for the purposes of our legitimate interests to provide the offerings of The Swedish AI Startup Landscape and market the organization as an AI Startup as well as to provide the Startup with information, marketing and offerings related to the Swedish AI Startup Landscape and correlating initiatives.

We also process your personal data for the purpose of fulfilling legal requirements in relation to e.g. marketing legislation (keeping record of if you have unsubscribed to receiving our newsletters/marketing material). This processing is based upon that the processing is necessary for compliance with the Swedish Marketing Act.


From where do we collect your personal data?

We collect your personal data directly from you or your employer, or another representative from your organization, in relation to the registration of your organization to participate in The Swedish AI Startup Landscape, through Ignite Sweden’s database Magic.


Who do we share your personal data with?

We share your personal data with third parties that process personal data on our behalf, so called processors. These processors are, e.g., suppliers of IT-services for the purpose of managing marketing, information and invitations in relation to The Swedish AI Startup Landscape and correlating initiatives. 

We will also transfer personal data to third parties acting as independent controllers or joint controllers with Lindholmen Science Park, if such transfer is required by applicable law, or if we have another legal ground for such transfers, e.g., third parties that are acting as host organizations to one of our programs, for example as with the program AI Sweden, and therefore need to access some personal data to be able to fulfill their legal obligations and undertakings followed by the collaboration agreement between the respective host organization and Lindholmen Science Park regulating their work within AI Sweden. We have provided specific information about how AI Sweden collaborates with such host-organizations and how this affects the processing of your personal data on AI Swedens website, here.


For how long period of time is your personal data stored?

Your personal data will be stored as long as your organization is part of The Swedish AI Startup Landscape and correlating initiatives and for the time the responsible representative of your organization deems that your personal data is needed for such purposes. 

Personal data processed for marketing purposes will be processed for 12 months from when the last time you read our newsletter or other marketing material. If you unsubscribe from receiving our newsletters or other marketing material we will store your personal data for a period of ten (10) years after our receipt of such request in order to make sure that no marketing material is sent to you. 

If you want to change the contact information, or if you wish to request any of your other rights as a registered individual, you can do so by contacting Ignite Sweden though the contact information provided through the link above.


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.

..........


Privacy Policy for marketing activities and invitations

We process personal data about you as a recipient of marketing material and invitations to our events (“Recipients”).

What personal data do we process?

The personal data that we process about you as a Recipient is your first and last name, email address, title/professional position and company affiliation. This personal data has been collected due to the circumstance that:

  • the Recipient or its employer or principal has or has had a business relation with Lindholmen Science Park AB, or discussions or negotiations regarding such business relations.
  • the Recipient or its employer or principal has registered the Recipient as a participant to any of Lindholmen Science Park AB’s events.
  • the Recipient or its employer or principal has signed up the Recipient as a receiver of Lindholmen Science Park AB and its respective program.

We also process information about when you receive and open our newsletters as well as what links you click on in the newsletter.


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process the personal data of you as Recipient for the purpose of communicating with and sending marketing materials to you, including newsletters, invitations to our events and information about us, our programs, projects and events.

This processing is based upon that the processing is necessary for the purposes of our legitimate interest to maintaining a business relation with you and to be able to communicate with you in your professional capacity regarding information and events that we believe is in your interest due to your engagement through a business relation, that you have registered to receive such information or because you have registered to participate in one of our previous events.

We process information about when you receive and open our newsletters as well as what links you click on in the newsletter based for the following purposes:

  • to determine the retention period as described below,
  • to gather statistics to improve the content of our marketing material (if you want to read more about this type of analysis please see our information about cookies here).
  • fulfill legal requirements in relation to e.g. marketing legislation (keeping record of if you have unsubscribed to receiving our newsletters/marketing material).

This processing is based upon that the processing is necessary for the purposes of our legitimate interest of determining when your personal data should be deleted and to improve the content of our marketing materials. In addition, the legal basis for the processing related to keeping record of if you have unsubscribed to receiving our newsletters/marketing material, is that the processing is necessary for compliance with the Swedish Marketing Act.


From where do we collect your personal data?

We collect your personal data directly from you or your employer or principal.

The information about when you receive and open our newsletters as well as what links you click on in the newsletter is collected through the IT-services we use for managing the send out of marketing materials to you.


Who do we share your personal data with?

We share your personal data with third parties that process personal data on our behalf, so called processors. These processors are, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, suppliers of market and customer satisfaction surveys.

We may also transfer personal data to third parties acting as independent controllers or joint controllers with Lindholmen Science Park, if such transfer is required by applicable law, or if we have another legal ground for such transfers, e.g., third parties that are acting as host organizations to one of our programs, for example as with the program AI Sweden, and therefore need to access some personal data to be able to fulfill their contractual obligations and undertakings followed by the collaboration agreement between the respective host organization and Lindholmen Science Park AB regulating their work within AI Sweden. We have provided specific information about how AI Sweden collaborates with such host-organizations and how this affects the processing of your personal data on AI Sweden’s website, here.


For how long period of time is your personal data stored?

We process your personal data as long as you or your employer or principal has a business relationship with us and for twelve (12) months thereafter, or for personal data processed for marketing purposes, 12 months from when the last time you read our newsletter or other marketing material. If you unsubscribe from receiving our newsletters or other marketing material we will store your personal data for a period of ten (10) years after our receipt of such request in order to make sure that no marketing material is sent to you.


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.

..........


Privacy Policy for the processing of personal data for registration and participation to events

We process personal data about you when you are registered and participating (“Participants”) in our events, seminars and workshops (“Events”), due to the circumstance that you or your employer or principal has registered for, participates in or has participated in an Event.


What personal data do we process?

We process your first and last name, email address, telephone number, place of employment/title and other information that you as a Participant confirm when you register for one of our Events.

We also process details of any food restrictions or preferences that you as a Participant has registered when you signed up for our Event.

In the case of us taking pictures and/or video recordings at our Events we are also processing personal data in the form of pictures and recorded materials of you as a Participant.


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process personal data about you as a Participant for the following purposes:

  • to provide, administer and follow up our Events, e.g., to calculate the number of participants and from which organizations and to conduct surveys after an Event etc;
  • to communicate with and send marketing materials about and invitations to our Events to Recipients, including newsletters, information about Lindholmen Science Park AB, our programs, projects and Events;
  • to collect marketing material from the Event in the form of pictures and/or video recordings;
  • fulfill legal requirements in relation to e.g. marketing legislation (keeping record of if you have unsubscribed to receiving our newsletters/marketing material);
  • invoicing and payment procedure, if applicable.

This processing is based upon that the processing is necessary for the purposes of our legitimate interest to arrange and host Events, evaluate and improve our Events, to provide information about Lindholmen Science Park and to market Lindholmen Science Park’s business on our website or the websites of our respective programs, on printed material and on our social media channels. In addition, the legal basis for the processing related to keeping record of if you have unsubscribed to receiving our newsletters/marketing material, is that the processing is necessary for compliance with the Swedish Marketing Act.

We process personal data about you as a Recipient based on your consent, in accordance with articles 6 and 9 of the GDPR, for the following purposes:

  • to be able to pre order food and beverages in accordance with any food restrictions or preferences for the Recipient to the Event.
  • to collect marketing material from the Event in the form of pictures and/or video recordings.

We process your personal data found in verifications (in relation to invoices and payments) and the like for the purpose of fulfilling the requirements in the Swedish Accounting Act (1999:1078). The legal basis for this processing is that the processing is necessary for the compliance with a legal obligation which we are subject to.


From where do we collect your personal data?

We collect your personal data directly from you or your employer or principal in conjunction with you registering for one of our Events and in conjunction with you participating at our Event.


Who do we share your personal data with?

We share your personal data with third parties that process personal data on our behalf, so called processors. For Events, your personal data is for example shared with our suppliers and partners who manage the Event administration, as well as with our supplier of the system we use for Event booking and communication in conjunction with the Event.

We will also transfer personal data to third parties acting as independent controllers or joint controllers with Lindholmen Science Park, if such transfer is required by applicable law, or if we have another legal ground for such transfers, e.g., third parties that are acting as host organizations to one of our programs, for example as with the program AI Sweden, and therefore need to access some personal data to be able to fulfill their contractual obligations and undertakings followed by the collaboration agreement between the respective host organization and Lindholmen Science Park regulating their work within AI Sweden. We have provided specific information about how AI Sweden collaborates with such host-organizations and how this affects the processing of your personal data on AI Sweden’s website, here.


For how long period of time is your personal data stored?

We process information on food restrictions or preferences until the Event is finished.

We process images and or/recorded material for a period of three (3) years after the Event and seminar, or as long as Lindholmen Science Park has a legitimate interest in processing such personal data.

If you have not given your consent, we will process your personal data as long as you or your employer or principal has a business relationship with us and for twelve (12) months thereafter.

Personal data processed for marketing purposes will be processed for 12 months from when the last time you read our newsletter or other marketing material. If you unsubscribe from receiving our newsletters or other marketing material we will store your personal data for a period of ten (10) years after our receipt of such request in order to make sure that no marketing material is sent to you. 

When it comes to processing of your personal data related to invoicing or payment, we will store the personal data necessary for the fulfilment of requirements under the Swedish Accounting Act (1999:1078) for a period of seven (7) years.


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.

..........


Privacy Policy for the processing of personal data of speakers and exhibitors

We process personal data about you when you participate as a speaker, presenter and/or exhibitor (“Speaker”) at our events, seminars and workshops (“Events”).


What personal data do we process?

We process your first and last name, email address, telephone number, place of employment/title (“Contact Details”) and field of expertise, former experiences and other information that the Speaker provides in relation to them agreeing to participate as a Speaker at one of our Events. If applicable, we also process personal data needed for payment procedures.

We also process details of any food restrictions or preferences that you have registered when you signed up as a Speaker at our Event.

In the case of us taking pictures and/or videorecording at our Events we also process personal data in the form of images, video- and sound recordings of you from the Event as well as your statements from interviews or similar.


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process your personal data for the purpose of administering and managing your participation as a Speaker and to fulfill contractual obligations towards you as a Speaker such as payment, if applicable. This includes:

  • to inform the general public about our Events and participating Speakers;
  • marketing of our Events on Lindholmen Science Park AB website or the website of Lindholmen Science Park AB’s respective programs, in our newsletter and in our social media channels;
  • to provide, administer and follow up our Events;
  • to communicate with and send marketing materials about and invitations to our Events to Recipients;
  • to be able to publish information and content from the Event on our websites, in our newsletters and/or in our social media channels;
  • to collect marketing material from the Event in the form of pictures and/or video recordings;
  • to use the Speaker’s name, picture and title/area of expertise in our marketing materials for the Event;
  • Payment procedure, if applicable.

This processing is based upon that the processing is necessary for purposes of our legitimate interest to arrange and host Events, to provide information about Lindholmen Science Park and to market our business on Lindholmen Science Park’s website or the websites of our respective programs, on printed material and on our social media channels.

We process your personal data based on consent, in accordance with articles 6 and 9 of the GDPR, for the purpose of us being able to pre order food and beverages in accordance with any food restrictions or preferences for the Speaker to the Event.

We process your personal data found in verifications (in relation to invoices and payments or participation in activities of representation) and the like for the purpose of fulfilling the requirements in the Swedish Accounting Act (1999:1078). The legal basis for this processing is that the processing is necessary for the compliance with a legal obligation which we are subject to.


From where do we collect your personal data?

We collect your personal data directly from you as a Speaker or your employer or principal in conjunction with you registering as a Speaker at one of our Events and in conjunction with your participation at our Event.


Who do we share your personal data with?

We share your personal data with third parties that process personal data on our behalf, so called processors. For Events, your personal data is for example shared with our suppliers and partners who manage the Event administration, as well as with our supplier of the system we use for Event booking and communication in conjunction with the Event.

We will also transfer personal data to third parties acting as independent controllers or joint controllers with Lindholmen Science Park, if such transfer is required by applicable law, or if we have another legal ground for such transfers, e.g., third parties that are acting as host organizations to one of our programs, for example as with the program AI Sweden, and therefore need to access some personal data to be able to fulfill their contractual obligations and undertakings followed by the collaboration agreement between the respective host organization and Lindholmen Science Park AB regulating their work within AI Sweden. We have provided specific information about how AI Sweden collaborates with such host-organizations and how this affects the processing of your personal data on AI Sweden’s website, here.


For how long period of time is your personal data stored?

The personal data that we process based upon that the processing is necessary for the performance of our contract with you will be processed until the contract has been terminated.

We will process your information on food restrictions or preferences until the Event is finished, or before this if you withdraw your consent. You can easily withdraw your consent at any time by contacting us through the contact information listed on the main page.

Lindholmen Science Park processes images and/or recorded materials for a period of three (3) years after the Event, or as long as Lindholmen Science Park AB has a legitimate interest in processing such personal data.

When it comes to processing of your personal data related to invoicing, payment or participation in activities of representation, we will store the personal data necessary for the fulfilment of requirements under the Swedish Accounting Act (1999:1078) for a period of seven (7) years.


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.

..........


Privacy Policy for Visitors

We process your personal data in in connection with that you visit our premises (“Visitors”).


What personal data do we process?

We process your first and last name, email address, telephone number and place of employment/title.


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process your personal data for the following purposes:

  • to administrate your visit;
  • to ensure safety and security of our premises, e.g., for fire routines or other safety incidents;
  • to safeguard and exercise our rights and interests regarding safety and trade secrets, if applicable.

This processing is based upon that the processing is necessary for the purpose of our legitimate interest to administer your visit to our premises, ensure safety and security in our premises and to our property.


From where do we collect your personal data?

We collect the personal data directly from you or your employer or principal in connection with your visit or in preparation for your visit.


Who do we share your personal data with?

We share your personal data with third parties that process personal data on our behalf, so called processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, etc.

We will also transfer your personal data to third parties acting as independent controllers, if such transfer is required by applicable law for us to be able to protect and exercise our legal rights, e.g., in case of burglary at our premises or other safety- or security incidents, or in case of an emergency where the health and safety of a Visitor or other persons is in danger.


For how long period of time is your personal data stored?

Your personal data will be processed for fourteen (14) days after your visit. After that your personal data will be deleted.


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.

..........


Privacy Policy for Supplier Contacts

We process personal data about you as a contact person of one of our tenderers and/or suppliers (“Supplier Contacts”), due to the circumstance that you or your employer or principal has or has had discussions or negotiations regarding such business relations.


What personal data do we process?

We process your first and last name, email address, telephone number, address, CV, title/professional position and company affiliation and other personal data that is relevant for tenders that is transferred to us from you or your employer or principal (“Contact Details”).

When you as a Supplier Contact sign an agreement through our service for digital signing with the use of Bank-id, we process your personal identity number (Sw. personnummer). When we enter into an agreement directly with you as a private person, we process your personal identity number.


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process your personal data as a Supplier Contact for the following purposes:

  • to analyze and manage tenders that we receive and to communicate with such tenders as well as to award contract to the winning tenderer;
  • to manage, administer and fulfil orders;
  • to communicate in relation to past, current and upcoming orders and other necessary communication in relation to the tender or the awarded contract;
  • administration, management, implementation and follow-up etc. of the current business relationship and its deliveries as well as associated communication by telephone, email address or other communication channels;
  • invoicing and payment procedure, if applicable.

This processing is based upon that the processing is necessary for purposes of our legitimate interest to analyze and manage received tenders as well as to fulfill our contractual rights and obligations towards the contracting employer or principal.

We process your name, email address, title/professional position and company affiliation for the following purposes:

  • marketing of our business, projects and events;
  • management, follow-up, evaluations and administration of supplier surveys;
  • fulfill legal requirements in relation to e.g. marketing legislation (keeping record of if you have unsubscribed to receiving our newsletters/marketing material);
  • to safeguard and exercise our legal rights.

The processing is based upon that the processing is necessary for purposes of our legitimate interest to send marketing materials and information that we believe is in the interest of you as a Supplier Contact or your employer or principal and our legitimate interest to be able to follow-up and evaluate the business relationship and its deliveries and protecting our legal rights. In addition, the legal basis for the processing related to keeping record of if you have unsubscribed to receiving our newsletters/marketing material, is that the processing is necessary for compliance with the Swedish Marketing Act.

We process your personal identity number for the purpose of providing and administering digital signing of contracts with the use of Bank-id for a secure identification. The personal identity number is processed based upon that the processing is necessary for the purpose of our legitimate interest to be able to provide digital signing of agreements, keeping the signed contract for the time during which we need to be able to prove the contract and its content as well as protecting and exercising our legal and contractual rights.

When we enter into a contract directly with you as a Supplier Contact, we also process your personal identity number as a part of the agreement for the purpose of ensuring your identity so that we know and can document who we enter into an agreement with. This processing is based upon that the processing is necessary for the purposes of our legitimate interest to ensure your identity as being a contracting party to us.

We process your personal data found in verifications (in relation to invoices and payments) and the like for the purpose of fulfilling the requirements in the Swedish Accounting Act (1999:1078). The legal basis for this processing is that the processing is necessary for the compliance with a legal obligation which we are subject to.


From where do we collect your personal data?

The personal data is collected directly from you or your employer or principal. We may also collect personal data from third parties acting as references to your organization as a tenderer or supplier


Who do we share your personal data with?

We share your personal data with third parties that process personal data on our behalf, so called processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, etc.

We will also transfer personal data to third parties acting as independent controllers or joint controllers with Lindholmen Science Park, if such transfer is required by applicable law, or if we have another legal ground for such transfers, e.g., third parties that are acting as host organizations to one of our programs, for example as with the program AI Sweden, and therefore need to access some personal data to be able to fulfill their contractual obligations and undertakings followed by the collaboration agreement between the respective host organization and Lindholmen Science Park AB regulating their work within AI Sweden. We have provided specific information about how AI Sweden collaborates with such host-organizations and how this affects the processing of your personal data on AI Sweden’s website, here.


For how long period of time is your personal data stored?

Personal data processed for contractual and business relationship purposes will be processed as long as we may have any contractual rights and obligations towards you as Supplier Contact or your employer or principal. If the employment or contract with you is terminated with the supplier or in relation to us, we will cease to process your personal data as soon as we have received information of such termination from the supplier.

Personal data processed for marketing purposes will be processed for 12 months from when the last time you read our newsletter or other marketing material. If you unsubscribe from receiving our newsletters or other marketing material we will store your personal data for a period of ten (10) years after our receipt of such request in order to make sure that no marketing material is sent to you. 

Our processing of your personal identity number for the purpose of providing and administering digital signing of agreements through the use of Bank-id, will be processed as long as the agreement is effective and as long as it is possible to put forward claims as a result of the agreement.

Our processing of your personal identity number for the purpose of entering into a contract directly with you as private person will be processed as long as the agreement is effective and as long as it is possible to put forward claims as a result of the agreement.

When it comes to processing of your personal data related to invoicing or payment we will store the personal data necessary for the fulfilment of requirements under the Swedish Accounting Act (1999:1078) for a period of seven (7) years.


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.

..........


Privacy Policy for Candidates

We process personal data about you who have applied for employment at Lindholmen Science Park AB (“Candidates”).


What personal data do we process?

We process your first and last name, email address, telephone number, address, photo, CV, educational and professional experience, information from references where applicable and other information provided in application documents or in other ways in the recruitment process as well as interview notes where applicable.


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process your personal data for the following purposes:

  • to collect and review applications, CV, personal letters and grades/diplomas etc.;
  • to assess and evaluate the Candidate based on the information submitted in the application documents, individually and in relation to other candidates;
  • recruitment administration such as the booking of interviews and associated communication;
  • to safeguard and exercise our legal rights.

This processing is based upon that the processing is necessary for the purposes of our legitimate interest to recruit employees with the right competence.

We process your personal data as a Candidate based on consent for the following purposes:

  • to save your personal data in a candidate pool for possible future available vacancies within Lindholmen Science Park;  

We also process your personal data as a Candidate for the following purposes:

  • to negotiate with relevant trade unions when applicable;
  • to fulfill our legal obligations and to safeguard and exercise legal rights according to the Swedish Discrimination Act (Diskrimineringslagen 2008:567).

This processing is based upon that the processing is necessary for compliance with legal obligations that we are subject to. 


From where do we collect your personal data?

We collect the personal data directly from you. In addition to the personal data that you as a Candidate provide us with, we may also collect personal data from the references that you have listed.


Who do we share your personal data with?

We share your personal data with third parties that process personal data on our behalf, so called processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, etc. or joint controllers with Lindholmen Science Park, if such transfer is required by applicable law, or if we have another legal ground for such transfers, e.g., third parties that are acting as host organizations to one of our programs, for example as with the program AI Sweden, and therefore need to access some personal data to be able to fulfill their contractual obligations and undertakings followed by the collaboration agreement between the respective host organization and Lindholmen Science Park AB regulating their work within AI Sweden. We have provided specific information about how AI Sweden collaborates with such host-organizations and how this affects the processing of your personal data on AI Sweden’s website, here.

We may also transfer personal data of Candidates to third parties acting as independent controllers, e.g., trade unions, the Swedish government and third parties for the purpose of protecting and exercise our legal rights, in connection with labor law disputes, etc.  


For how long period of time is your personal data stored?

Personal data processed for the purpose of employing you for an announced role will be processed for as long as the recruitment process is ongoing and will thereafter be processed for another twenty-four (24) months, for us to be able to safeguard and exercise our legal rights according to the Discrimination Act (Diskrimineringslagen 2008:567). After this mentioned time period, the personal data will be deleted.

If you as a Candidate has given us your consent to save your personal data for possible future recruitment opportunities, the personal data will be saved for twenty-four (24) months from when the initial recruitment process for which you were a part of ended, after that the personal data will be deleted. The personal data will also be deleted if you withdraw your consent. You can easily withdraw your consent at any time by contacting us through the contact information listed on the main page.


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.

..........


Privacy Policy for the processing of personal data through cookies

We process personal data about you who visit our websites (www.lindholmen.se, or the respective websites of any of Lindholmen Science Park’s programs (the “Websites”) through our use of cookies.


What personal data do we process?

We process your IP-address, information on the duration of the visit to our websites, the links that you have clicked on, the number of pages that you have viewed, the choices you have made on our websites as well as how you found our websites.


What are the purposes of our processing of your personal data and what legal basis do we base such processing on?

We process your personal data for the purpose of gathering statistics for internal analytics to understand how our communication channels and digital platforms are used by visitors to the Websites, which website you have visit prior to our Websites and what content on our Websites that are of interest to you. We also process your personal data for the purpose of ensuring that our websites can be used by you as a visitor in the way we intend. These processing activities are based upon that the processing is necessary for the purposes of our legitimate interest to provide you as a visitor to our Websites with a good user experience and to enable us to improve our content, quality and relevance on our digital platforms and communication channels.

If you don’t want to allow the placing of cookies you can change the settings of your browser to block cookies.


From where do we collect your personal data?

The personal data is collected directly from you when you visit our Websites through the cookies on our Websites.


Who do we share your personal data with?

We transfer your personal data to Google LLC and its subsidiaries. Read more about Google Analytics and Google’s processing of your personal data here.

We may also transfer personal data to third parties acting as independent controllers or joint controllers with Lindholmen Science Park, if such transfer is required by applicable law, or if we have another legal ground for such transfers, e.g., third parties that are acting as host organizations to one of our programs, for example as with the program AI Sweden, and therefore need to access some personal data to be able to fulfill their contractual obligations and undertakings followed by the collaboration agreement between the respective host organization and Lindholmen Science Park regulating their work within AI Sweden. We have provided specific information about how AI Sweden collaborates with such host-organizations and how this affects the processing of your personal data on AI Swedens website, here.


For how long period of time is your personal data stored?

The time we are processing your personal data depends on which cookie that is placed on your browser. Permanent cookies will remain on your computer until you delete them or until they expire, and you return to any of our Websites. Session cookies do not have an expiration date and are stored temporarily on your computer during the time you visit any of our Websites. Possible session cookies are removed when you close your browser.

You can read more about how we use cookies here.


Transfer of personal data to countries outside the EU/EEA

We strive to only process personal data within the EU/EEA. When we transfer your personal data to third parties acting as our processors, e.g., supplier of the supply-, support and maintenance of IT- and cloud services, these processors may transfer data outside the EU/EEA on our behalf. In cases where our processors are transferring or processing personal data outside the EU/EEA, such processing is based either on a decision from the European Commission establishing that the country in question ensures an adequate level of protection or appropriate safeguards that ensure that your rights are protected such as standard contractual clauses adopted by the European Commission and supplementary security measures to such standard contractual clauses when necessary.