Personal data policy

What personal data does Kontek process?

Personal data that Kontek may process about you are:

How do we collect your personal data?

In general, Kontek collects personal data directly from you or other people connected to our customer. If the customer you work for purchases products or services from Kontek or through a partner company, we may collect information about you from the partner company.

We also use cookies and other tracking technologies when you use Kontek websites to optimize your experience with Kontek, our products and our websites.

Cookies are small files that are stored by your browser when you visit web pages. There are two main types of cookies, session cookies and "persistent" cookies. Session cookies are only stored during your visit and are deleted when you close your browser. Other cookies are stored and recognize you when you visit the website again. We use both session cookies and permanent cookies on kontek.se.

The cookies help to distinguish between different users and how they navigate the site. This information is important to us at Kontek so we can improve and customize the site for our different users. Cookies are used on many websites to give a visitor access to various functions and thus a better experience of the visit to the website.

How to avoid cookies

If you want to avoid cookies, you can set your browser to automatically refuse cookies or to inform you that a website contains cookies. More information on how to do this can be found in your browser's help section. In the event that you do not refuse cookies, when you use our website, we assume that you consent to the processing of personal data via cookies.

Cookie policy

At kontek.se, we use both first-party and third-party cookies* for various purposes. Some of the cookies placed on your computer are, as mentioned earlier, deleted when you leave our website (session cookies) while others remain on your computer so that the website recognizes you from time to time if you return with web visits (permanent cookies).

• At kontek.se, we use cookies to facilitate the use of the website and make the pages load as quickly as possible on your computer (first-party session cookies).
• Via the analysis tool Google Analytics (first-party session and permanent cookies), statistics are collected on how our visitors move around the website, such as how long the visit takes, which pages are visited, which browser is used, etc. The data collected via cookies cannot be linked to the identity of a specific user. In addition, we use cookies to streamline and follow up our sales campaigns.

*Definition of first-party and third-party cookies
All cookies have a sender in the form of a domain name. A first-party cookie is a cookie where the cookie has the same domain name sender as the website, i.e. the cookie is set by the website the user is visiting, while a third-party cookie is a cookie where the sender comes from a different domain than the one the user is visiting. In other words, the cookie has a domain name sender that is different from the URL of the website.

‍Why we process personal data

Kontek's privacy policy applies when Kontek processes your personal data for various purposes when you interact with us, such as;

Buying and delivering

• Managing customer orders, contracts and payments
• Offering services directly to you, such as e-learning, webinars and reports
• Offer products and services to our customers.
• Create and manage accounts for users of our services
  
  

Support and improvement

• Improve and develop the quality, functionality and user experience of our products, services and Kontek websites, and provide our customers with a pleasant customer journey.
• Provide customer support for our products and services
  
  

Security and safety

Detecting, remediating and preventing security threats and abuse, as well as performing maintenance and troubleshooting.

Marketing and promotion

• Managing and sending marketing material
• Create interest profiles to promote relevant products and services
  
  

Recruitment

Legal basis for processing your personal data

Kontek processes personal data on several legal bases.

Contract with you

We process your personal data based on a legally binding contract with you, e.g. when you apply for a job at Kontek. Processing your personal data such as CV, application and references is necessary for Kontek to handle requests from job applicants before entering into a contract.

Your consent

Kontek may process your personal data based on consent. You always have an opportunity to withdraw your consent after the consent is given.

Legitimate interest

Kontek has a legitimate interest when we process your personal data for security, support and improvement or when you act as a contact person for an existing or potential customer. Your personal data is processed from a business perspective in a way we believe does not conflict with your freedoms and rights as a private person.

Furthermore, Kontek processes your personal data based on a legitimate interest if you sign up for a webinar or download content from our websites. The legitimate interest is to assist you with accurate content, conduct webinars, market and administer your requests.

How your personal data is shared

Within the Group

As Kontek is part of the Visma group of companies, it is important to us that we provide you with the best possible overall experience. To maintain an overview and have insight, Kontek may share your personal data between companies within the Visma group.

Outside Kontek

Kontek may also share your personal data with external third parties in the following contexts:

• Business partners
  Kontek may share your personal data with our partners where it appears legitimate from a business perspective and in accordance with applicable data protection laws.
• Public authorities
  Law enforcement and other authorities may request access to personal data from Kontek. In these cases, Kontek will hand over the information if a court order exists to support this.

When does Kontek use subcontractors?

Kontek uses sub-processors to process personal data. These are usually cloud service providers or other IT providers.

When Kontek uses sub-processors, Kontek signs Data Processing Agreements (DPA) with them to protect your privacy. All sub-processors are located within the EU/EEA.

You can always request an overview and more detailed information about Kontek's sub-processors. How to contact Kontek can be found at the bottom of this document.

How long will your personal data be stored?

Kontek will only retain your personal data for as long as necessary to fulfill our contractual obligations. When we process your personal data on other legal grounds, such as legitimate interest, the information is kept for as long as it is necessary to fulfill the purpose of the processing.

Consequently, your personal data may be subject to different retention policies based on the type of data and the purpose of collecting it. Below we mention some examples:

Contact persons

If you are Kontek's contact person at a company that is a supplier, customer or partner of ours, we will use your data as follows.

In order for Kontek to fulfill these agreements with your employer, we need to have information about the contact person(s) we should contact to discuss and manage the contractual relationship. We will collect and process your name, contact details (such as phone number and email address) and position or title, and record them in our systems. We will process the data for as long as you are the designated contact person for Kontek for the company you are employed by. We will stop processing when you are no longer the contact person, or when the company you are employed by terminates the relationship with Kontek.

We also use your data to market Kontek's services to the company you are employed by.

Job seekers

If you apply for employment with us here at Kontek, we process your personal data as follows.

When you apply for employment with Kontek, you submit certain information, in the form of name, social security number, contact details and CV. Your application may also contain other information, which you voluntarily add to it.

We need to process this information in order to assess your application. Kontek has a legitimate interest in reviewing potential employees, the information is necessary for a possible contractual relationship between us and you, in the form of an employment contract, and Kontek has legal obligations to fulfill in application procedures.

The data will be processed by Kontek's HR department and by the person in charge of the department you have applied for, in order to be able to make an employment decision regarding the current vacancy.

We will keep your data for two years in relation to your application for the position in question. We need to do this in case someone claims that Kontek has not complied with applicable law in the recruitment process, for example if someone claims to have been discriminated against and Kontek needs to defend itself against such a claim. The data will then only be used for this purpose.

Marketing activities

Another example is contact information stored for marketing purposes, including leads or potential customers. Such personal data will be deleted no later than 24 months after the last recorded activity.

For further information regarding deletion, please contact Kontek (contact information can be found in the last section of this document).

‍Your rights

As a data subject, you may invoke the following rights in relation to Kontek's processing of your personal data:‍

• Right of access: you have the right to request a copy of the personal data we process (about you).
• Right to rectification: You also have the right to request Kontek to correct inaccurate personal data concerning you. If you have a user account with Kontek for a Kontek Service, this can usually be done under "your account", "your profile", or equivalent for the relevant Kontek Service.
• Right to erasure: You can request Kontek to erase data about you.
• Right to restriction (of processing): You can ask us to restrict the processing of your personal data.
• Right to data portability. You can ask us to provide you or others with your personal data in a structured, commonly used and machine-readable format.
• Right to object: You have the right to object to our processing of your personal data on the basis of legitimate interest or direct marketing purposes. You also have the right to object to our processing of your personal data for the performance of tasks carried out in the public interest or in the exercise of official authority or on the basis of legitimate interests.

Please note that there may be certain exceptions or limitations to the above rights that may apply depending on the specific circumstances of your situation. In such cases, we will provide you with detailed information about the applicable exception or limitation and assist you in exercising your rights to the fullest extent possible, in accordance with applicable laws and regulations. ‍Please use dpo@kontek.se to submit requests under this section.

Amendments

We encourage you to review Kontek's privacy policy regularly. If Kontek makes significant changes to this policy that materially alter our privacy practices, we may also notify you by other means, such as email or through our website, before the changes take effect.

The Privacy Policy is revised annually. Last updated: 2023-11-20.

Contact us for more information

Kontek is a Swedish company that is part of a group that has legal entities, business processes, management structures and technical systems that cross borders. Kontek delivers software and services to both public and private organizations in Europe. Kontek's head office is located in Ljungby.

Head office: Långgatan 19, 341 32 Ljungby, Sweden.
Telephone: +46 372 89 000

We value your opinion. If you have any comments or questions about our privacy policy, other privacy issues or about a possible data breach, please send them to dpo@kontek.se.

We handle questions and complaints confidentially. Our representative will contact you to address any questions or concerns and to describe the options available to resolve them. We aim to ensure that complaints and queries are resolved in an accurate and appropriate manner.

Finally, you also have the right to lodge a complaint with the Data Protection Authority (IMY ) regarding the processing of your personal data.