This policy concerns compliance with privacy and data protection legislation and applies to all handling and storing (processing) of personal information.
Processing of personal data means within the context of this policy action or combinations of actions, regardless if they are automated or not, the collection, registration, organization, categorization, storing, modification, reading, usage, transfer, adjustment, combination, limitation, or destruction and similar of personal information.
The objective of this policy is to ensure secure handling and management of personal information and compliance with applicable rules and legislations.
Cloudist Solutions supports and respects international laws and standards on human rights. Cloudist Solutions is specifically committed to complying with the data protection legislation and relevant regulations applicable in Sweden.
Furthermore, Cloudist Solutions recognizes that privacy is important to its customers and users and is committed to respect and safeguard the privacy of data subjects.
The following principles shall apply with regards to the processing of personal data:
• Personal data shall only be collected and processed if it is done:
• Fairly and lawfully
• To the extent necessary
• For a legitimate purpose
• In an adequate, relevant, and necessary manner with regards to the purpose
• Personal data shall not be processed or retained longer than legally required or necessary for operational purposes, efficient customer care, and relevant commercial activities
• Personal data shall be kept accurate and reasonably up-to-date
• Best practice shall be applied to communicate what data is collected about the customers and for which purpose
• Use unambiguous and informed data subject consent with respect to collection and processing of personal data
• Provide individuals with information concerning what personal information is stored about them, allow correction of stored personal information, means to request removal of personal information, and the right to get their personal information transferred
Cloudist Solutions collects and processes personal data for legitimate business purposes, including entering into and executing business agreements with you, or the company you work for, or collaborating with other business partners, marketing Cloudist Solutions and its services and products, or otherwise permitted or required of teams.
The following are examples of business purposes where Cloudist Solutions can use personal data:
• To conduct business planning and development, strategic reviews, and statistical evaluation;
• To issue and process invoices and payments;
• To maintain the secure and efficient use of internal information, to ensure that business-critical information and other assets are secure and protected;
• To maintain good health and safety
• To investigate and prevent fraud, misunderstandings, violations or other violations of legal rights and obligations;
• To handle disputes and complaints, ie compensation claims, and to ensure that legal obligations that Cloudist Solutions is otherwise subject to.
If not otherwise specified in a specific usage agreement, personal data collection and processing is performed for the purpose of providing operational services, efficient customer care, and relevant commercial activities.
Cloudist Solutions is committed to data protection by design. This especially concerns the prevention of unauthorized access, disclosure, reading, copying, modification, erasure, and removal of personal data as well as mechanisms for verification of the lawfulness of processing operations.
Cloudist Solutions shall maintain an updated record of processing. It shall detail all personal data processed by Cloudist Solutions and its partners, consultants, and other parties with access to personal information where Cloudist Solutions is the controller. The records of processing shall also detail all parties where Cloudist Solutions is the processor and where data protection agreements (DPAs) are applicable.
Furthermore, Cloudist Solutions shall perform regular data protection impact assessment and, based on those risks, deploy additional relevant security controls.
Cloudist Solutions shall maintain appropriate documentation with respect to data protection. This information shall be provided upon request. The information may regard the controller, processing operations, collected data including its associated purpose, and third parties, including their location relevant to personal data legislation. The Data Protection Officer shall ensure that the organization complies with this policy. Cloudist Solutions shall assign a data protection representative, who shall handle requests from individuals regarding privacy and personal data protection.
Cloudist Solutions AB shall perform an annual data expurgation.
Personal data that is processed electronically by Cloudist Solutions is stored mainly on servers located in the EU / EEA.
Personal data may be shared by third-party suppliers who may process data on behalf of Cloudist Solutions, such as IT suppliers, sub-consultants, lawyers, and other external professional advisers.
Personal information may be shared with Cloudist Solutions partners to the extent required for Cloudist Solutions ABs fulfillment of any actual or potential contracts with you or if required by law or by any decision of a court or other competent authority or court.
Any international transfer of personal data that takes place will be subject to appropriate security measures and all reasonable measures to ensure that your personal data is protected and maintained in accordance with this Privacy Statement and applicable laws on privacy data will be taken, including the use of standard agreements clauses approved by European the Commission.
In accordance with applicable data protection legislation, under certain conditions and exceptions, you have the following rights:
• The right to information about and access to your personal data, including the right to data portability
• The right to have personal data corrected or updated
• The right to be deleted (‘The right to be forgotten’)
• The right to restrict treatment
• The right to object to a certain treatment
• You have the right to submit all complaints regarding Cloudist Solution's compliance with data protection laws to the appropriate supervisory authority.
Cloudist Solutions, org.nr 556668-1044 (Fortlax AB)