Bikupa Datacenter AB policy for personal data management.
1 INTRODUCTION AND PURPOSE
The purpose of this policy is to ensure that Bikupa Datacenter AB, with organization number 559026-0104, handles personal data in accordance with the EU General Data Protection Regulation (GDPR). The policy covers all processing where personal data is handled and includes both structured and unstructured data.
This policy is rooted in all our employees.
2 APPLICATION AND REVISION
The Board is responsible for ensuring that the processing of personal data complies with this policy.
The policy must be established by the board at least once a year and updated as necessary.
Johanna Thörnblad is responsible for maintaining the process of updating the policy annually as a result of new and changed regulations.
This policy applies to everyone in the company.
3 ORGANIZATION AND RESPONSIBILITY
Johanna Thörnblad has the overall responsibility for the content of this policy and that it is implemented and complied with by the business. Johanna Thörnblad may delegate responsibility and implementation to a suitable person at the company.
All employees are responsible for acting in accordance with this policy and what it wants to ensure.
4 CONCEPTS AND ABBREVIATIONS
CONCEPT
PERSONAL INFORMATION
A personal data is all kinds of information that can be directly or indirectly attributed to a natural person who is alive.
REGISTERED
The person to whom a personal data relates, ie the natural person who can be directly or indirectly identified through the personal data in a register.
PERSONAL DATA PROCESSING
A measure or combination of measures concerning personal data – regardless of whether they are carried out automatically or not – such as collection, registration, organization and structuring.
5 PERSONAL DATA PROCESSING
Each personal data processing shall take place according to the following principles:
LEGALITY
PURPOSE LIMITATION
TASK MINIMIZATION
CORRECTNESS
STORAGE MINIMIZATION
INTEGRITY AND CONFIDENTIALITY
The personal data Bikupa Datacenter AB retains may not be transferred to third parties unless the person concerned has given permission for this or as a result of an official decision.
Our data processing is documented on an ongoing basis in the Processing Register.
Follow-up and evaluation of our handling of personal data must take place at least annually.
Any incidents concerning personal data that we process must be reported to Johanna Thörnblad without delay. She shall without undue delay and no later than within 72 hours report the incident to the Data Inspectorate and otherwise take the necessary measures in connection with the incident.
Our requirements for personal data to be handled in accordance with the GDPR must always be ensured in the procurement and development of IT solutions and services, and must be part of the requirements specification and any agreements.
6 CAMERA SURVEILLANCE IS IN PLACE WITH THE AIM OF BOTH PREVENTING AND INVESTIGATING CRIME
As a monitored person you can exercise several rights, in particular to access or to delete your personal data. We store materials for 7 days.
DATA PROTECTION OFFICER
Johanna Thörnblad
Bikupa Datacenter AB, c/o Pretax
Kungsgatan 8, 111 43 Stockholm
+34 678.712.414
dataprotection@bikupadatacenter.com
This information is also available in non-digital format at Bikupa Datacenter, Hangargränd 1, 961 43 Boden.
Furthermore, complaints can be sent directly to Intigretetsskyddsmyndigheten (the Swedish Privacy Protection Authority) at imy@imy.se