External Privacy Notice
Introduction.
Who are we?
What is personal data?
How do we obtain your personal data?
Personal data categories we process about you.
Special categories of personal data.
Purpose and legitimate basis of processing your personal data.
How we process and retain your personal data.
How we protect your personal data.
Sharing your personal data.
Your rights.
Data Protection Officer.
Updating this Privacy Notice.
Introduction.
We understand that you are aware of and care about your own personal privacy and personal data, and we take that very seriously. HANZA values the privacy of our customers, suppliers and employees.
Who are we?
HANZA is a group of manufacturing companies. The term “HANZA” refers to HANZA Holding AB and its wholly owned subsidiaries. HANZA currently operates in Sweden, Finland, Estonia, Poland, the Czech Republic, Germany and China.
You can contact all the HANZA companies through our Global Switchboard +46 86246200 or by sending an email to moc.aznah@ofni. HANZA’s Head Office is located at Torshamnsgatan 35, 164 40 Kista, Sweden.
What is personal data?
Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
How do we obtain your personal data?
- When you provide it to us yourself by filling in a contact form atcom, sending us a letter by post, sending an email to email addresses available on the hanza.com website, sending an email to any email address ending with moc.aznah@“” or subscribing to our mailing list. Also from business cards you have given to our representatives.
- Within the HANZA Holding AB stock acquisition or subscription process.
- When you are listed as a contact person in a business relationship between your employer and HANZA.
- We may also occasionally obtain personal data about you from publicly-available sources, such as contacts from your company’s website.
- Sometimes we get your personal data during everyday activities from our business partners and other third parties.
- We use cookies on our website for its technical functioning and for gathering statistics. A cookie is a small piece of data that a website stores on the visitor’s computer or mobile device.
Personal data categories we process about you.
HANZA does business with other companies. For that reason, we process personal data that is mainly business contact information. Such as your name, business email address, business phone number, business address, the company you work for and your position.
If you are applying for a job and send us your CV and other possible personal data, then we process personal information about your qualifications, employment history, place of residence – all the categories of personal data that you provide to us.
If you are shareholder in HANZA Holding AB, then we process your personal identification data and the amount of shares.
When you visit our webpage, www.hanza.com, you will be informed that this webpage uses cookies. If you accept, software upon which our site is built and hosted will gather information with the help of cookies to remember the pages you visit on our website, the date and time of your visit, your computer and connection information, such as your browser type and version and operating system, and the Internet Protocol (IP) address used to connect your computer to the Internet.
However, as you have the possibility to provide us with personal data that is not listed above, we may also unknowingly process categories of personal data not listed above.
Special categories of personal data.
Special categories of personal data include personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for uniquely identifying you, data concerning health or data concerning your sex life or sexual orientation.
We do not obtain or process special categories of personal data (sensitive data) about you. If you have provided us with personal data what can be categorised as sensitive data, then we will take actions to delete this data or obtain explicit consent from you for our continued processing of it.
We do not knowingly attempt to solicit or receive information from children and we will take actions to delete personal data about children or will obtain the parental consent required for processing it when we learn that we process such data.
Purpose and legitimate basis of processing your personal data.
We process your personal data only for the original purpose it was obtained.
- We assume that if you provided us your business contact information, the company you are representing already has business relations with us or there is a clear intention to enter into business with HANZA. We will use your business contact information for contacting you regarding future business opportunities and for customer surveys. So, our purpose in processing personal data in that case is to provide you our contract manufacturing services. The legitimate basis is entering into or carrying out the contract with the company you represent.
- If you have some other important matter, due to which you have contacted us and have requested a response, then our purpose of processing your personal data is to satisfy your request, and processing personal data for that purpose is in our legitimate interest.
- We process your data if it is necessary to comply with statutory requirements and the processing purpose is to comply with different legal obligations we have, including disclosing the identity of shareholders.
- The purpose of processing personal data gathered by cookies is to allow our website hosting company to get our site usage statistics. Processing is based on our legitimate interest in ensuring availability of the HANZA website.
How we process and retain your personal data.
- We select and forwardinformation you have provided to usto relevant persons at HANZA, depending on the content of your request. If we find, that you have provided us personal data that does not have any connection with doing business with HANZA or is otherwise not related to HANZA in any way, then we will delete correspondence received from you.
- Your personal data will be processed in one or several of the following countries: Sweden, Finland, Estonia, Poland, Germany or the Czech Republic, where HANZA has factories or in Sweden, Ireland and the Netherlands, where our IT service providers have data centre
- We will delete immediately any correspondence that can be classified as spam or phishing letters and irrelevant sales or marketing proposals.
- If we are already in business with you or if we can conclude from the information, you have provided that there is an intention of entering into business with HANZA, then we will add your contact information to our ERP or CRM systems and retain it until it is needed for carrying out the contract.
- We will retain personal data that we must process for complying with statutory requirements for as long as is required by legal acts.
How we protect your personal data.
We have deployed a wide range of technical and organizational security measures to help protect your personal data against undue access, modification and deletion. Those measures are covering physical security, human resource security, asset management, information handling, access control, user access management, cryptography, protection from malware, backup, network security, etc.
Selected companies in HANZA are holding ISO27001 information security certification and Information Security Management System implementation is conducted throughout the HANZA.
Sharing your personal data.
We may disclose your personal information to all HANZA companies (i.e. subsidiaries and holding company) if it is necessary for the original purpose. We do not sell, trade or otherwise transfer your personal data to third parties. Exceptions are third parties who are processors and from whom we outsource the services to support our main business. Such as IT services or security services. These parties agree to keep the information confidential and not use it for other purposes not agreed upon. We may also disclose your personal data if it is necessary to comply with statutory requirements.
We do not transfer your personal data outside the European Economic Area. However, if you have directly contacted our personnel in China, your business contacts will be processed in China. Nevertheless, we consider this to pose little risk to you, due to the nature of this data and as there are also adequate data protection measures in place – data is in HANZA’s protected computer network and is managed in servers situated in the European Union.
Your rights.
The General Data Protection Regulation (“GDPR”)
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG
provides the following rights for you as an individual regarding your personal data:
- The right to be informed;
- The right to access your personal data;
- The right to rectification;
- The right to erasure;
- The right to restrict processing;
- The right to data portability;
- The right to draw back consent;
- The right to object processing;
- Rights in relation to automated decision making and profiling.
However, GDPR also stipulates many restrictions to those rights listed above.
If at any point you need more information about your personal data that we process and how we process it, then please contact HANZA or our Data Protection Officer for more information.
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, then you have the right to submit your complaints to The Swedish Data Protection Authority or your own national Data Protection Authority. Contacts of Data Protection Authorities can be found in European Commission web page:
https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
Data Protection Officer.
HANZA has appointed a Data Protection Officer. If you have any questions or concerns about the personal data processing at HANZA, then feel free to contact DPO by sending email to moc.aznah@opd
Updating this Privacy Notice.
We are aware that information privacy is an ongoing responsibility, so we will update this Privacy Notice occasionally, as needed.
The current version of privacy notice was accepted on 08.02.2022 by HANZA CEO.