1. WHY AND HOW WE PROCESS YOUR PERSONAL DATA
This privacy notice (the “Privacy Notice”) describes how Mölnlycke Health Care AB, reg. No. 556547-5489, including all its affiliates (“Mölnlycke”, “we”, “us” and “our”) will process your personal data.
Mölnlycke Heath Care AB is responsible for the processing of your personal data as described in this Privacy Notice in the capacity of data controller. You may read more about how and why we process your Personal Data at https://www.molnlycke.com/privacy-center/ or you can contact us at phone number: +46 31 722 30 00.
You can also contact our Data Protection Officer (“DPO”) directly via email at privacy@molnlycke.com, if you have any questions or concerns.
Categories of personal data: Mölnlycke may process the following categories of your personal data:
- your name;
- your title;
- your contact details; and
- your opinions included in the nomination
(hereinafter referred to as the “Personal Data”).
Third party Personal Data: As your nomination include limited Personal Data about a third party, Mölnlycke kindly asks you to inform such individual about Mölnlycke’s processing and their rights in accordance with this Privacy Notice.
Purpose: Mölnlycke will process your Personal Data for the following purpose and compatible secondary purposes, in accordance with applicable law:
- To administer you nomination in the marketing campaign Silent Hero Award.
Legal basis: We only process your Personal Data to the extent permitted in accordance with applicable data protection legislation. This means that we need to have a legal basis for the purposes for processing your Personal Data.
The legal basis for our processing of your Personal Data is:
- our legitimate interest of preparing a marketing campaign to promote health care professionals contributions.
Retention period: We will store your Personal Data for as long as the contract with you is valid and thereafter for a period of seven (7) years.
After such period has ended, your Personal Data will be anonymised or deleted.
2. HOW WE COLLECT YOUR PERSONAL DATA
The Personal Data will be collected by Mölnlycke directly.
3. HOW WE SHARE AND TRANSFER YOUR PERSONAL DATA
Recipients: We will share your Personal Data with the following recipients;
- Entities within Mölnlycke Group of companies and Mölnlycke affiliates.
- Mölnlycke social media channels.
- Potential and actual customers.
- Agencies and other consultants working for Mölnlycke.
- IT service providers.
Transfer: Please note that we may transfer, store, and process your Personal Data outside your country of domicile for the purposes listed above, including to Mölnlycke affiliates in Europe, USA, Australia and New Zealand, and on Mölnlycke social media channels, for the purpose of increase awareness on wound care management.
If we transfer your Personal Information from a country which requires that so called transfer mechanism are used to safeguard your rights, we will rely on one of the official options, as applicable. This could e.g., be:
- European Commission’s Adequacy Decisions. This means that the European Commission has assessed and decided that your Personal Information will be equally protected in that country as within the EU/EEA. You can access a list of the countries that the European Commission has decided provide an adequate level of data protection here: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en
- European Commission’s or the UK standard contractual clauses. These clauses function as a contract between Mölnlycke and the recipient, with the purpose of safeguarding your rights. You may access the European Commission’s standard contractual clauses here: https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32021D0914
4. YOUR RIGHTS
In this section we describe your rights as a data subject. You can exercise them by contacting us, using the contact details above. Please note that not all rights listed below are absolute and there are exemptions which can be valid.
-
Right of access
You have the right upon request to get a copy of your Personal Data which we process and to get complementary information regarding our processing of your Personal Data.
-
Right to rectification
You have the right to have your Personal Data rectified and/or complemented if they are wrong and/or incomplete.
-
Right to erasure
You have the right to request that we erase your Personal Data without undue delay in the following circumstances: (i) the Personal Data is no longer necessary in relation to the purposes for which they were collected or otherwise processed; (ii) you object to our processing of Personal Data, and we do not have any overriding legitimate grounds for the processing; (iii) the processed Personal Data is unlawfully processed; or (iv) the processed Personal Data has to be erased for compliance with legal obligations.
-
Right to restriction
You have the right to restrict the processing of your Personal Data in the following circumstances: (i) you contest the accuracy of the Personal Data during a period enabling us to verify the accuracy of such Personal Data; (ii) the processing is unlawful, and you oppose erasure of the Personal Data and request restriction instead; (iii) the Personal Data is no longer needed for the purposes of the processing, but are necessary for you for the establishment, exercise or defence of legal claims; or (iv) you have objected to the processing of the Personal Data, pending the verification whether our legitimate grounds for our processing override your interests, rights and freedoms.
-
Right to object
You have the general right to object to our processing of your Personal Data when it is based on our legitimate interest. If you object and we believe that we may still process your Personal Data, we must demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.
-
Right to data portability
If your Personal Data has been provided by you and our processing of your Personal Data is based on your consent or on the performance of a contract with you, you have the right to receive the Personal Data concerning you in a structured, commonly used and machine-readable format in order to transmit these to another service provider where it would be technically feasible and can be carried out by automated means.
-
Complaints to the supervisory authority
If you believe that our processing is performed in breach of applicable data protection legislation, we encourage you in first-hand to contact us in order for us to oversee your complaints. You may at any time also file a complaint with the supervisory authority in Sweden, ‘Integritetsskyddsmyndigheten (imy@imy.se), or with your local supervisory authority. You can find contact details to each local European supervisory authority here: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
-
Security measures
We have taken measures to ensure that your personal data is handled in a safe way. For example, access to systems where personal data is stored is limited to our employees and service providers who require it in the course of their duties. Such parties are informed of the importance of maintaining security and confidentiality in relation to the personal data we process. We maintain appropriate safeguards and security standards to protect your personal data against unauthorized access , disclosure or misuse. We also monitor our systems to discover vulnerabilities.