Privacy Policy
GDPR privacy policy – AcouSort AB (Publ)
What is a privacy policy?
AcouSort protects your personal integrity. We therefore always strive to protect your personal data in the best way possible, follow applicable laws and regulations for personal data protection. Through this policy we want to inform you about how your personal data are managed and which kind of information AcouSort gathers and how it is used.
Who is responsible for your personal data?
AcouSort AB (Publ), organization number 556824-1037, with its address at Medicon Village, 223 81 Lund, Sweden is responsible for handling your personal data and thereby responsible for managing your data in a correct and safe manner in accordance with applicable legislation.
Personal data in AcouSort’s research
For you who have personal data registered with AcouSort for research purposes:
When personal data are handled it is required that the person registered has given their consent or that the handling is necessary to perform a task in the public interest.
According to the principal rule it is forbidden to handle sensitive personal information, for example information revealing race or ethnic origin, political views, religious conviction and information regarding health or sexual life. But there are exceptions in the law.
One exception is if the registered person has given their explicit consent. Another exception is for research purposes if the handling of data has been approved according to the law for Ethical Review of Research Concerning Human Subjects (Sw. Etikprövningslagen). Sensitive personal data may also be handled for statistical purposes without the registered person’s consent if the handling is necessary for conducting work in the public interest, and if the public interest for the actual research clearly outweighs the risk of unauthorized infringement of the person’s personal integrity. If the handling of data has been approved by an Ethics Board these prerequisites are considered fulfilled. It is not permitted to gather and store sensitive personal data for research or statistical purposes that have not been approved to be stored at the time of collection.
Ethics review
All research that involved handling of sensitive personal data or information about offenses shall be subjected to ethics review. The ethics review is carried out by an Ethics Review Board with representation both from the Public and Research Community, and it covers both the actual research project as well as the handling of personal data in accordance with the Data Protection Act. The basis of the review is outlined in the Ethical Review Act, where the research ethics review shall be a sufficient guarantee for that sensitive personal data are used in research only in those exceptions where some infringement into personal integrity really is justified.
The Ethics Review Board does not have to apply the assessment standard normally applicable, which is that the public interest clearly shall outweigh the risk of infringement into the individual’s personal data that the handling might entail. How the assessment standard normally is applied can however, be guidance for the Board’s assessments.
Personal Data for direct marketing
For you who have personal data registered with AcouSort for the purpose of marketing:
Your personal data can be used for direct marketing, newsletters, customer surveys and for statistical purposes, and can be used for mailings by mail and e-mail until you recall your consent. Sender of mailings is AcouSort AB.
Personal data for recruitment
For you who have left personal data for registration for recruitment purposes:
If you have given consent, AcouSort will manage your personal data and can take the opportunity to contact you if a matching position has become available.
Types of personal data that we manage
AcouSort stores information that you yourself have given us.
AcouSort gathers information from third party regarding stockholder information. This information comes from Euroclear Sweden AB.
How we use personal data
AcouSort uses personal data for the following purposes:
- Newsletters and other marketing information
- Stockholder information
- Recruiting needs
- Research purposes
- Employees
- Investors
- Collaboration partners
- Customers
Depending under which prerequisites the data has been gathered by AcouSort, you can appear in one or several categories.
Legal basis for our policy
The managing of personal data at AcouSort AB is done at the following grounds:
- So that AcouSort can fulfill its obligations towards you
- Legal obligation – management of personal data to fulfill requirements from e.g. the medicines act, the human cell and tissue management law, the accounting law, the companies act, VAT tax law, consumer rights law, on the judicial grounds of managing legal obligations. Also see section on “Personal Data in AcouSort Research” above.
Who can gain access to your personal data?
Your personal data will not be transferred or sold to third party. Your personal data can however be given out to third party (personal data assistants) if this is required to maintain services to you.
We will give out personal data to the following:
- Providers of IT systems within development and support. These suppliers provide services, technical solutions and platforms for AcouSort’s research programs
- Collaboration partners who manage marketing
- Potentially to authorities based on legal requirements
For above-described purposes, we will only distribute the data required.
How we protect your personal information
AcouSort AB takes the technical and organizational safety measures required by law to ensure that your personal data are not manipulated, lost or destroyed, or that unauthorized persons gain access to them. Our safety routines are continuously updated in step with technical developments.
Where are your data stored?
AcouSort AB stores all personal data that are collected from you within the EU and ESS. We do not give out personal data to third parties except in instances of requirements of law, or if to fulfill our obligations to you. Please also see information in the paragraph “Who can gain access to your personal data?”
How long do we store your data?
When you give your personal data to AcouSort AB you consent to AcouSort registering and managing the given data for the purposes stated above. We never handle your personal data for a longer period than allowed for by applicable laws, by-laws, practices or authority decisions. Data can be stored longer if required by e.g. the Ethics Review Act, the Medicines Act, the human cell and tissue management law, the accounting law, the Companies Act, VAT tax law, consumer rights law. The personal data are stored in AcouSort’s IT systems. You can contact us at any time and ask us to remove your personal data unless it is in violation of applicable law. If applicable law does not allow us to remove your personal data, but instead allows for anonymizing the data we will do so. In other instances, your personal data are not stored longer than necessary for each specific purpose of use.
Your rights
You have the right to ask for access to your personal data and get information on which data are stored with us, the purpose for the handling of these data, the recipients or categories of recipients to whom these data have been or will be provided, the estimated period for which, or the criteria on how the period will be determined, under which the data will be stored. You can contact us on the address below and ask to get the information sent by e-mail or mail. To ensure your security this information will only be sent to your registered address or to an e-mail in our customer database.
If you determine that the data AcouSort AB have processed are wrong or in violation to applicable legislation you also have the right to ask that the data are corrected, blocked or removed. This is done by contacting us. In some cases, AcouSort AB is required by law to handle your data even if you have asked them to be removed. If you wish to have your data ported to be available elsewhere (dataportability) we kindly ask you to contact us at the address below.
If you find that your personal data have been managed in violation of applicable legislation you always have the right to register a complaint with Datainspektionen, the Swedish regulatory authority; Data Inspection Board.
Links to other pages
At www.acousort.com there might exist links to external web pages outside of AcouSort’s influence. These are not covered by this policy.
Contact
If you have questions about how we manage your personal data or if you wish to port your data, contact gdpr@acousort.com. Regarding handling of your personal data, you can also contact Datainspektionen, the Swedish regulatory authority; Data Inspection Board.
Address:
AcouSort AB
Medicon Village
223 81 Lund, Sweden
gdpr@acousort.com
This policy has been updated by AcouSort AB (publ) and applies from 2024-05-31.