Privacy Policy

PRIVACY POLICY

INTRODUCTION

EMPE Diagnostics cares deeply about integrity, and we intend on making our outmost efforts to obtain and maintain the trust of our customers, prospective customers, and all parties affiliated with us. This means that we will, in a true and transparent manner, strictly handle personal data exclusively for the specifically intended purposes, at all times. We do not intend to sell personal data to other companies, since that’s not what our business is about.

The definitions of how and why we collect and process personal data is stated in the paragraphs below.

WHAT INFORMATION WE GATHER AND WHY

The purposes stating why we collect your personal data, and what we do with it can be seen in the lists below. We do not collect personal data without having been given specific consent.

The type of personal data we may ask to collect:

  • Name(s)
  • Address(es)
  • Phone number(s)
  • E-mail address(es)
  • Identification number(s)
  • Billing information
  • Location identification
  • online-ID´s (username(s))
  • Passwords
  • Pictures
  • Video recordings

The reasons why we may collect personal data:

  • Swedish book keeping act
  • Security
  • Employment-related activities of current employees
  • Employment-related activities of former employees
  • Educational activities
  • Remuneration
  • Customer registration
  • Statistical studies from surveys/forms
  • Complaints, feedback, support-related information
  • Delivery information
  • Supplier contact
  • Sub-supplier contact
  • Newsletters
  • Authority contact
  • Fulfil contracts
  • Payments, or related activities

 

We do notgather personal data (or any data of any kind for that matter) from children (under 18 years old). Should such data be submitted to us, we will delete it, and if possible, contact the responsible parties.

WEBSITE VISITORS

We do not use cookies in our website, and we do not collect personal data through our website without your consent.

Personal data may only be collected when we get contacted through our online form(s) or via e-mail, if considered relevant and necessary.

HOW WE PROTECT PERSONAL DATA

Below a list can be seen of procedures we follow to protect the personal data we have:

  • Information backups
    • We regularly create backups of the personal data we handle. The personal information in those backups are retained for up to one year after the last consent approval.
  • Encryption
    • We use encryption for sensitive data such as the personal data we gather. The digital platforms we use apply encryption solutions as well.
  • Anonymization, pseudonymization
    • We do not currently use anonymization or pseudonymization procedure for the personal data.
  • Physical security
    • Personal data that is physically stored is protected through a locked metal cabinet in a room that is unlocked only during working hours. Apart from that, the data is protected through motion sensing alarms, as well as camera systems at our facility.

VENDORS, SUPPLIERS, AND AFFILIATES

The vendors and suppliers that are work with, including affiliates, may at times request certain personal data that we hold. If that is the case, we will make sure the owner of the personal data is aware and gives consent prior to us sharing any data.

We also make sure that the entities we share the data with have an adequate Privacy Policy, according to the GDPR guidelines, so as to not risk the personal data that may be shared.

CONSENT AND DATA WITHDRAWAL

Consent given to us may be withdrawn at any time. Should data subjects want their personal data deleted or transferred from us, they just need to contact us at privacy@empediagnostics.com, and we will comply without delay.

POTENTIAL DATA BREACHES

In the case of a potential data breach, we will:

  • Investigate the incident in conjunction with the appropriate authorities.
  • Establish the severity of the intrusion.
  • Provide suggestions for how to minimize the impact of the breach.
  • Report to the user’s that are affected, as well as the Swedish Data Protection Authority (Datainspektionen) within 72 hours.