113 23, Stockholm
1. Personal DATA THAT we PROCESS
We process the following categories of personal data about you:
Your name, email address, telephone number and postal address.
This means information regarding the company you work for, including company name, job title, workplace and sometimes information regarding your right to represent your company. This is applicable when you contact us in the role of representative of a company.
Personal identification number
If you are a sole trader, we will process your personal identification number as it is the same as your company registration number.
We will collect and store your communication with us and any information provided to us in such communication, for example if you fill in the open comment-field in the contact form on our website or when emailing us.
Please note that we receive any information you send to us. Because email communications are not always secure, we encourage you to not include sensitive data in your emails to us and avoid sharing sensitive data with us.
If you are a customer to Clinicbuddy, we may contact you to participate in online customer satisfaction surveys. If you decide to participate, you may be asked to provide certain information which may include personal information.
We will collect technical data from your computer (or mobile device) in connection with your use of our website such as IP address, browser type and version, screen resolution, preferred language, geographic location, operating system and computer platform. Even though we do not normally use technical data to identify individuals, sometimes individuals can be recognized from it.
We will process sensitive data about you if you provide us with such information and only to the extent necessary and justified.
2. How we gather your personal DATA
Information you give to us
Most of the information we process about you is received from you. You may directly or indirectly give us information about yourself in different ways, for example when you contact us to hire us or otherwise in your communication with us. You can always choose not to provide us with certain information. However, some personal data is necessary in order for us to provide you with our services. Not providing such personal data may prevent us from performing the services you expect from us.
Information we collect about you
We may also, responsibly and with your privacy in mind, obtain personal data about you from your employer, the website of your employer or other external public sources.
When you visit our website, we will collect technical data regarding your device from cookies and similar technologies. See the separate section on cookies below.
3. How your PERSONAL DATA will be used And the Legal grounds for it
Clinicbuddy processes your personal data for the following purposes and based on the following legal basis:
To communicate with you
Your contact details (name, email address and phone number) will be used to communicate with you. This processing can either be necessary for us under our contract with you or your employer or for our legitimate interest in effective communication with our customers, suppliers and business partners.
To market our services
Your contact information will be used to send newsletters, information about our services or event invitations to you. This processing is based on our legitimate interest of being able to market our services, as you have shown an interest in our services. Feel free to follow the unsubscribe instructions contained in the email received from us or contact us directly
If you are a sole trader, to identify you and your company
We process your personal identification number as a part of the information we keep about your company and to identify you as the representative of such company. This is necessary for the identification process and for our legitimate interest of being able to identify our customers, suppliers and business partners.
To fulfil our legal obligations.
Clinicbuddy are obligated to follow Swedish law. This means that your personal data will be processed to the extent necessary for us to fulfil our legal obligations, for example with regard to tax and book-keeping rules.
To protect our legitimate business interests and legal rights
We will use information about where we believe it is necessary to protect and enforce our legal rights, interests and the interests of others, for example in connection with legal claims, compliance, regulatory and audit functions.
In connection with a merger or acquisition
In connection with, due to strategical or business-oriented reasons, a potential merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company, the personal data we retain about you may be processed, shared or transferred, to parties involved in the process. This processing is based on our legitimate interest of being able to develop our business.
With your consent
Your personal data may be used for other purposes than stated above if you ask us to or you give us your consent. For example, if you are one of our customers we might contact you asking for your consent to publish a customer review by you for the purpose of marketing our services.
Only applicable to our customers:
To provide our services to you
If you are customer to Clinicbuddy, we will process your personal data to manage our customer relationship and to provide you with our services. This is necessary for upholding our obligations according to the contract we have entered into with you or your employer.
To administer our agreements
If you are a customer to Clinicbuddy, personal data will be processed when we enter into and during the agreements with you or your employer. This is necessary for us to be able to enter into and fulfil agreements with you or your employer and for our legitimate interest in being able to enter into and fulfil different types of agreements and to have a contact person in connection with the agreement.
For billing purposes
If you or your employer have ordered services from us, your personal data may be used for billing purposes. This includes having you as an invoice-reference. This processing is necessary and is based on our legitimate interest of being able to bill.
To conduct customer surveys
Your contact information may be used to conduct customer surveys, for example regarding Clinicbuddy and our services. Participation is voluntarily. This processing is necessary to pursue legitimate interests, such as our interest in developing and improving our business and services.
To develop and improve our business and services
Statistics and information from customer surveys will be used as material for us in our work towards developing and improving our business and services, which also is our legitimate interest that we base this processing on.
4. How we share YOUR PERSONAL DATA
Sometimes, we need to share your personal information with other trusted individuals and companies. Your personal information is shared with:
Our employees and consultants
Your personal data will, when appropriate, be shared with some of our employees and consultants. However, we will restrict access to those of our employees and consultants who need it to perform their jobs, for example to provide you with customer support. Our employees and consultants are of course subject to strict confidentiality.
Our service providers
We transfer to or share your personal data with our suppliers and subcontractors who help us provide the services to you or supply other services to us which require the processing of personal data, such as cloud-based CRM-systems or our servers.
We provide personal data to third parties solely for the purpose of delivering our services and to manage our daily operations including marketing of our services. Our suppliers and subcontractors are not authorized by us to use or disclose your personal data except as necessary to perform services on our behalf or to comply with legal requirements.
Authorities and other public actors
Sometimes legal obligations may require us to share information about you, for example to respond to lawful requests from law enforcement agencies, regulatory agencies, and other public and government authorities. We may also disclose information if needed to detect and prevent fraud or in connection with a legal process, for example to enforce our agreements or to protect our rights, you or others.
5. Where we PROCESS your personal data
Clinicbuddy always strives to process and store your data within the EU/EEA. However, your data may in certain situations be transferred to, and stored at, a destination outside of the EU/EEA territory.
Please note that privacy laws in countries outside of the EU/EEA may not be the same as, and in some cases may be less protective than, privacy laws in your country. However, we always select our service providers carefully and take all the necessary steps to ensure that your personal data is processed with adequate safeguards in place in accordance with the General Data Protection Regulation 2016/679 (GDPR). These safeguards are either that we sign the EU Commission Standard Contractual Clauses or ensure that the service provider is established in a country which the EU Commission has deemed as having adequate privacy protection or, if the company is established in the United States, certified under Privacy Shield.
Please contact us for more information about the applicable safeguard in a specific case.
6. How long we keep your PERSONAL DATA
Clinicbuddy keeps your personal data only as long as necessary to fulfil the purposes for which it was collected. How long depends on the type of information and why we process it. We regularly review our need to keep data, taking into account applicable legislation.
If you have a business relationship with us, we generally save your personal data during our relationship and as needed for tax and book-keeping purposes etc.
Personal data processed on the basis of your consent (e.g. sensitive data), will be deleted when your consent is withdrawn or upon expiry of the purpose for which your consent was given. Moreover, we store data to the extent we believe it is necessary to protect our legal rights, legitimate interests and the interests of others. Your data may also be stored for a longer period if required by applicable statutory retention periods.
7. Your rights
Right to object
You have right to object to processing based on legitimate interest. This means that we may no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests. You can always contact us for more information on the balance test that has been made.
You may also object to your personal data being processed for direct marketing purposes.
Right to access your data
You have the right to request a transcript of personal data processed by us, and additional information on how the data have been collected, processed, shared, etc. The first transcript may be requested free of charge, however if you make repeated and unreasonable requests for copies we might charge you with an administrative fee.
Right to transfer your data.
You have the right to transfer your personal data to another controller under certain conditions.
Right to rectification. You have the right to correct inaccurate or incomplete information about yourself.
Right to erasure (‘right to be forgotten’). You have the right to request that we delete personal data about you, for example if the data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, or if there is no legal basis for processing the data.
Right to restriction
You are entitled to request that the processing of your personal data should be limited until inaccurate or incomplete information about you has been corrected, or until an objection from you have been handled.
Right to withdraw your consent. You may at any time withdraw any consent you have given us. However, please note that it will not affect any processing that has already taken place.
Right to complain
You have the right to lodge a complaint to the Supervisory Authority in the country you live or work in, if you believe that we have not complied with our obligations regarding your personal data. In Sweden the Supervisory Authority is Datainspektionen, which also is our lead supervisory authority, and you can find more information at their website: https://www.datainspektionen.se.
Please note that if you request restriction or erasure it might affect our abilities to provide our services to you. Moreover, legal rights or obligations (such as confidentiality, accounting and tax legislation) may prevent us from disclosing or transfer all or part of your information, or from immediately deleting your information.