Privacy centre
Privacy notice for event attendees
-
1. Why and how we process your personal data
This privacy notice (“Privacy Notice”) describes how Mölnlycke Health Care AB, reg. No. 556547-5489, including all its affiliates (“Mölnlycke”, “we”, “us” and “our”) processes personal data relating to individuals who attend, participate in or otherwise are present at events organized by us (the “Events”).
Mölnlycke Heath Care AB is responsible for the processing of your personal data as described in this Privacy Notice in the capacity of data controller. You can contact our Data Protection Officer (DPO) directly via email at privacy@molnlycke.com, if you have any questions or concerns. You may read more general information about how and why we process personal data at https://www.molnlycke.com/privacy-center/ or you can contact us at phone number: +46 31 722 30 00.
-
Purpose:
Purpose: Mölnlycke will process your Personal Data for the following purpose and compatible secondary purposes, in accordance with applicable law:
- To organise, administer and document the Event, including managing registrations, attendance, and practical arrangements related to the Event,
- To communicate internally about the Event and Mölnlycke’s activities, including publication of images and information on internal channels such as Mölnlycke’s intranet and other internal communication platforms,
- To maintain internal records and archives documenting Mölnlycke’s events and corporate activities.
Personal Data collected at the Event is intended for internal use only. Any use of Personal Data for external communications will take place only after your explicit consent has been obtained.
Legal basis: We only process your Personal Data to the extent permitted or required in accordance with applicable data protection legislation.
The legal basis for the processing of your Personal Data in connection with the Event is that the processing is necessary for the purposes of Mölnlycke’s legitimate interests (Article 6(1)(f) GDPR), namely, to organise, document, and internally communicate about the Event and Mölnlycke’s activities.
Retention period: Mölnlycke will store your Personal Data for a period of two (2) years from the date of the Event, unless a longer retention period is required under applicable law. After the applicable retention period has ended, your Personal Data will be deleted.
Data collection: We collect your Personal Data primarily directly from you in connection with your participation in the Event, for example through event registration, attendance, or interactions during the Event. We may also collect Personal Data through photographs or video recordings taken at the Event, which may be captured by Mölnlycke or by third‑party photographers engaged by Mölnlycke.
Data sharing: We will share your Personal Data with the following recipients:
- Entities within Mölnlycke Group of companies and Mölnlycke affiliates.
- Agencies and other consultants working for Mölnlycke in connection with the Event.
- IT service providers used for the purpose of the Event (such as registration platforms).
Data transfer: Please note that we may transfer, store, and process your Personal Data within and outside the European Economic Area (EEA) for the purposes described above, including to Mölnlycke affiliates located in countries where Mölnlycke operates globally, such as the United States, Australia and New Zealand.
If we transfer your Personal Information from a country which requires that a so-called transfer mechanism is used to safeguard your rights, we will rely on one of the formally approved options, as applicable. This could e.g., be:
- European Commission’s Adequacy Decisions. You can access a list of the countries that the European Commission has decided provide an adequate level of data protection here: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en.
- European Commission’s or the UK standard contractual clauses. You may access the European Commission’s standard contractual clauses here: https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32021D0914.
-
2. Your rights
In this section we describe your rights as a data subject. You can exercise them by contacting us, using the contact details above. Please note that not all rights listed below are absolute and there are exemptions which can be valid.
Right of access. You have the right upon request to get a copy of your Personal Data which we process and to get complementary information regarding our processing of your Personal Data, such as for what purposes the processing occurs, relevant categories of personal data and the recipients of such personal data.Right to rectification. You have the right to have you Personal Data corrected (rectified) and/or complemented if it is wrong and/or incomplete.
Right to erasure. You have the right to request that we erase your Personal Data without undue delay in the following circumstances: (i) the Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (ii) you object to our processing of Personal Data, and we do not have any overriding legitimate grounds for the processing; (iii) the processed Personal Data is unlawfully processed; or (iv) the processed Personal Data has to be erased for compliance with legal obligations.
Right to restriction. You have the right to restrict the processing of your Personal Data in the following circumstances: (i) you contest the accuracy of the Personal Data during a period enabling us to verify the accuracy of such Personal Data; (ii) the processing is unlawful, and you oppose erasure of the Personal Data and request restriction instead; (iii) the Personal Data is no longer needed for the purposes of the processing, but is necessary for the establishment, exercise or defence of legal claims; or (iv) you have objected to the processing of the Personal Data, pending the verification whether our legitimate grounds for our processing override your interests, rights and freedoms.
Right to object. You have the general right to object to our processing of your Personal Data when it is based on our legitimate interest. If you object and we believe that we may still process your Personal Data, we must demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.
Complaints to the supervisory authority. If you believe that our processing is performed in breach of applicable data protection legislation, we encourage you, in first-hand, to contact us in order for us to oversee your complaint. You may at any time file a complaint with the supervisory authority in Sweden, or with your local supervisory authority. The data protection authority in Sweden is ‘Integritetsskyddsmyndigheten’. You can find contact details to each local EU supervisory authority by visiting this link: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
Security measures. We have taken measures to ensure that your personal data is handled in a safe way. For example, access to systems where personal data is stored is limited to our employees and service providers who require it in the course of their duties. Such parties are informed of the importance of maintaining security and confidentiality in relation to the personal data we process. We maintain appropriate safeguards and security standards to protect your personal data against unauthorized access, disclosure, or misuse. We also monitor our systems to discover vulnerabilities.