Privacy policy

This Website Privacy Policy aims to describe the content and manner in which the Sund Birsta AB processes personal data, in accordance with Art.13 of EU Regulation 679/2016 (hereinafter – for the sake of brevity – “GDPR”), for the purpose of using this website in an informed manner.

Listed below are: the Data Controller, the Data Handler, the type of personal data processed, the purpose and legal basis of processing, how data are provided and how long they are stored, compulsory data, data recipients, transfer of data outside the EU, authorized data handlers, rights of Data Subjects.

Data controller

Sund Birsta AB
Heffners allé 51, SE-851 25 Sundsvall, Sweden
hereinafter – for the sake of brevity – “the Company”

Type of data processed

When Data Subjects browse this website, the Company only collects their common data (first name, surname, country of origin, e-mail address, any previous company, telephone number)

Purpose of data processing

Data collected through web browsing

Legal basis for processing

Legitimate Interests pursuant to Art. 6, par. 1, letter f of the GDPR

Data provision

The system automatically collects the data during browsing.

Purpose of data processing

2 years

Data recipients

The data can be processed by external individuals acting as independent controllers, such as supervisory and monitoring authorities and bodies, and subjects in general, whether public or private, who are entitled to request the data.

The data can also be processed on behalf of the Company by other subsidiaries or companies belonging to the Group, including Danieli, and/or by external companies designated as data handlers and who may also be the recipients of processing instructions. These subjects are basically divided into the following category: companies that offer website maintenance services.

Transfer of data to countries outside of the EU

Personal data are not transferred to recipients outside the EU.

Authorized data handlers

The data are only handled by subjects tasked with pursuing the above-mentioned purposes, who have been explicitly authorized to handle the data and have received the necessary instructions.

Rights of the data subject and complaints to the supervisory authority

By e-mailing, Data Subjects may ask the Company for permission to access their data, or to cancel, correct and add to their data, and to limit processing in the cases specified in Art. 18 of the GDPR, and to object to processing for the Company’s legitimate interests.

Moreover, in cases where data handling is based on consent or is done using automated tools, Data Subjects are entitled to receive the data in a commonly used structured, readable format, and, if technically feasible, to transfer them to another data controller without impediment.

Data Subjects have the right to revoke any consent granted at any time.