Market communication privacy policy
Version 1.0, 2023-10-26
1. General
1.1
BankID is an e-identification and signature service ("BankID") that enables companies, banks, organisations and authorities to both identify and enter into agreements with private individuals on the Internet. BankID is an electronic ID document comparable to passports, driving licences and other physical IDs. BankID meets trust level 3 requirements in accordance with the Swedish eID quality mark and is audited by the Swedish Digital Administration Authority (DIGG).
1.2
Finansiell ID-Teknik BID AB (“we” or “our”), the company that owns www.BankID.com/en (see Section 2), performs market communication and thereby have a need to handle personal data as data controller for such purpose.
1.3
We protect your privacy and strive to always protect your personal data in the best way. This Market Communication Privacy Policy (the "Market Communication Privacy Policy") describes what kind of personal data about you that is processed and stored when we perform market communication such as webinars, seminars, sales events, e-mail campaigns, web-based meetings or phone based sales and meetings. It also describes how we collect your personal data, how it is used, how it may be shared, what measures that have been taken to protect your personal data and your rights regarding your personal data.
2. Who we are
2.1
Finansiell ID-Teknik BID AB was founded in 2002 and is a technology company that owns, manages and further develops BankID.
2.2
Finansiell ID-Teknik BID AB has the following Corporate Identification Number and contact details:
CIN 556630-4928
Phone: +46 (0) 8 411 81 50
Email: info@bankid.com
Address: Kungsgatan 33, 111 56 Stockholm. Sweden
2.3
If you have questions about how your personal data is processed, collected, used, protected and shared or if you wish to exercise your rights as set out in Section 7, you are welcome to contact our Data Protection Officer. You can reach the Data Protection Officer at:
Phone: +46 8 411 81 50
Email: dpo@bankid.com
3. How your personal data is collected
The personal data we process relating to you is mainly collected from you when you visit and use our website, through open sources such as but not limited to social media, company home page(s) or when we come into contact with you – e.g. via email, telephone or personal meetings, conferences, events or similar occasions. We may also collect your personal data from a third party, usually from the company you represent or from our suppliers.
4. How your personal data is processed
4.1 Introduction
We only process your personal data to the extent permitted in accordance with applicable data protection legislation. This means inter alia that we need to have a legal basis for the purposes for our processing your personal data, which in our context generally means one of the following legal bases.
Legitimate interests – the processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, provided that they are not overridden by your interests or fundamental rights or freedoms (in which case the processing would not be allowed).
Consent – the processing is carried out with your prior consent, where we inter alia are responsible for clearly informing you of what processing you consent to and your right to withdraw your consent in relation to our continued processing.
Performance of legal obligations – the processing is necessary in order to fulfil our legal obligations according to law or other statutes that we are subject to, or if we are subject to orders or decisions by courts or authorities, which require us to process your personal data.
Below, we explain more about the categories of personal data we process, for what purposes we process them and what legal bases we rely on when processing your personal data, including for how long we store your personal data.
4.2 Market communication
4.2.1
Your personal data is processed and stored for the purpose to administer and communicate market communication in order to provide you information about our business, services and current activities.
4.2.2
The personal data we process consist of
First and last name.
Contact details such as email address, telephone number, location and business address.
Professional title and information regarding the company you represent.
4.2.3
We only communicate marketing messages via email and otherwise to you if the content is relevant in relation to you and the company you represent. Our marketing is based on our legitimate interests, where our legitimate interest is to be able to market ourselves and our Services. In relation to private individuals, we will only send you marketing communications if you have registered for such communications and agreed to receive them.
4.2.4
We process and store your personal data to communicate marketing messages to you as long as you have not opted out from receiving further messages. Such opt-out can be done at any time by using the link for opt-out provided in our messages.
4.2.5
We will share your personal data with our suppliers of marketing services, please see section 5 for more information.
5. How your personal data is shared
5.1
Your data is not shared with any third party except as for the purpose described below.
5.2
We may use service providers for Market Communication and Sales Admin Supportive Tools such as, but not limited to, a CRM system (Customer Relationship Management system), an Event Management Platform, Marketing Campaign Tool or Online Advertising Tool. In the case of Finansiell ID-Teknik BID AB performing an event, an Event Management Platform can be engaged for invite, performance and evaluation of an event, such as a webinar. The service provider of that Market Communication supportive tool will then act as data processor for your personal data. When Finansiell ID-Teknik BID AB uses such a service provider we enter into a personal data processing agreement with that service provider and take other suitable measures to ensure that your personal data is processed in line with this Market Communication Privacy Policy.
6. How your personal data is protected
Your personal data is stored on systems that are only available to Finansiell ID-Teknik BID AB and selected employees at the companies operating market communication supportive tools who need the data for the performance of their duties. In order to protect your personal data against unauthorised access, disclosure and misuse, appropriate safeguards are taken and security standards are maintained. Systems where personal data is processed are located on secure servers with limited access and all communication is done with secure encryption. Furthermore, technical tools such as firewalls and monitoring tools are used and all personnel who may come into contact with your personal data are trained in the importance of maintaining security and confidentiality in relation to the personal data being processed.
7. Your rights
7.1
You have a number of rights in relation to us and our processing of your personal data. In this section you will find information about your rights. If you wish to exercise your rights, please contact us. We ask you to note that we may need more information from you in order to e.g. confirm your identity before proceeding with your request to exercise your rights.
7.2
You have the right to obtain a confirmation as to whether or not we process your personal data. If that is the case, you also have the right to receive copies of the personal data concerning you that we process as well as additional information about the processing, such as for what purposes the processing occurs, relevant categories of personal data and the recipients of such personal data.
7.3
You have the right to, without undue delay, have incorrect personal data about you rectified. You may also have the right to have incomplete personal data completed.
7.4
You have the right to request that we erase your personal data without undue delay in the following circumstances:
The personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
Our processing is based on your consent and you withdraw your consent to the relevant processing;
You object to processing that we carry out based on a legitimate interest, and your objection overrides our or another party’s legitimate interest of the processing;
The processed personal data is unlawfully processed;
The processed personal data has to be erased for our compliance with one or more legal obligations.
Please note that your data may continue to be processed to the extent that Finansiell ID-Teknik BID AB has a legal basis to process your personal data, e.g. if it is necessary in order to fulfil a legal obligation.
7.5
You have the right to request that we restrict the processing of your personal data in the following circumstances:
You contest the accuracy of the personal data during a period enabling us to verify the accuracy of such data;
The processing is unlawful and you oppose erasure of the personal data and request restriction instead;
The personal data is no longer needed for the purposes of the processing, but is necessary for you for the establishment, exercise or defense of legal claims;
You have objected to the processing of the personal data which we carry out based on a legitimate interest, pending the verification whether your objection overrides our or another party’s legitimate interest to continue with the processing.
7.6
You have a right to object to our processing of your personal data when it is based on our or another party’s legitimate interest. If you object, we must demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms in order to be allowed to continue with our processing.
7.7
If our processing of your personal data is based on your consent, you have the right to receive the personal data you have provided us relating to you in an electronic format. You also have the right to have the personal data transferred from us directly to another data controller, where technically feasible.
Please note that this right to so called data portability does not cover personal data which we process manually.
7.8
If our processing of your personal data is based on your consent, you always have the right to withdraw your consent at any time. A withdrawal of your consent does not affect the lawfulness of the processing that took place based on the consent before your withdrawal.
7.9
If you believe that Finansiell ID-Teknik BID AB process your personal data not in accordance with applicable data protection legislation, you may file a complaint with the Swedish Authority for Privacy Protection (Sw. Integritetsskyddsmyndigheten), whose contact details can be found at www.imy.se.
8. Data transfer
We store and process your personal data only within the EU/EEA and does not transfer such data to any country outside the EU/EEA. However, we will transfer your personal data to service providers who, either themselves or by their sub-contractors, are located or have business activities in a country outside the EU or EEA. In such cases, we are responsible for ensuring that the transfer is made in accordance with applicable data protection legislation before it occurs, e.g. by ensuring that the country in which the recipient is located ensures an adequate level of data protection according to the European Commission, or by ensuring appropriate safeguards based on the use of standard contractual clauses that the European Commission has adopted and other appropriate measures to safeguard your rights and freedoms.
Here you can access the European Commission’s standard contractual clauses
The country outside the EU/EEA to which our service providers currently transfer personal data is the USA. However, the personal data is only stored in servers located within the EU.
9. Changes
We reserve the right to change this Market Communication Privacy Policy from time to time. If we make changes to this policy, the new version will apply from the time it is published on this website, bankid.com. At top of the page, you can see when the policy was last updated.