Privacy of stakeholder data at Fiskars
- “controller” means the entity that decides how and why personal data are processed.
- “personal data” means any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
- “process”, “processing” or “processed” means anything that is done with any personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- “processor” means any person or entity that processes personal data on behalf of the Controller (other than employees of the Controller).
1. Lawful basis of processing
We collect your personal data based on one or many of the following legal bases:
- we have a legal obligation which obliges us to process your data;
- we have a legitimate interest in carrying out the processing for the purpose of managing, operating or promoting our business, and that legitimate interest is not overridden by your interests, fundamental rights, or freedoms (“legitimate interests”); or
- where you have given your consent to processing of your personal data
- the processing is necessary in connection with any contract between Fiskars and you (“contractual necessity”).
2. Personal data we collect
We may collect personal data either directly from you, indirectly from your company or its representatives, indirectly from your or your company’s stakeholders, automatically from your devices that interact with our services, or from third party sources as described below.
Information collected directly from you:
- Contact details: your name, email address(es), telephone number, postal address;
- Demographic information: gender, date of birth or age, language, title or degree;
- Any consents, communications and feedback that you provide to us;
- Work-related information provided by you: company/employer’s name and contact details;
- Social media profiles.
Information collected when our websites or other services are used:
- Your user account identity and registration date (if you are logged in);
- Your browser, operating system, device model, IP-address, time of access and duration of access;
- Cookies and other identification tags; and
- Other information collected based on your consent.
Information collected from other sources:
- If you or your company have connected to any Fiskars website, service or social media channel using your social media profile(s), we may collect the public information available on your social media profile(s);
- We may collect your data from public websites, business cards, electronic communication footer information;
- We may collect information from public registers, if such registers are available in your country;
- Updated delivery and contact information from delivery agents.
3. How Fiskars uses your personal data
As you are in a position of our stakeholder, we collect your personal data to establish and maintain business relationship between you, your company and us. In this respect, we may use your personal data for the following purposes:
- Offering, selling and delivering products as well as planning, supporting and maintaining marketing activities
- Invoice processing, sourcing, purchasing and contract management activities
- Other activities we may deem reasonable for creating or nurturing a business relationship between you, your company and Fiskars
- Product and services development and anonymized reporting
- Detection, investigation and prevention of unlawful activities
- Identifying users, for example any external persons visiting our premises
4. How long is your data stored
Your data is stored as long as it is necessary for the purposes of processing it i.e. as long as there is a valid contract between you or your company and Fiskars (unless your employment at the company ends, in which case we may delete your data as soon as we receive information on your departure and the processing of your data is no longer necessary); or we have otherwise a meaningful business relationship or business prospects with your company; plus, the applicable period for limitation of legal claims, and any additional periods required or permitted under applicable law.
5. How we disclose your personal data to other parties
We disclose your personal data only to the parties indicated below and for the following reasons only:
• International transfers. Our services may be provided using resources and servers located in various countries, partly located outside of EU/EEA. In the event that your personal data are transferred outside of EU/EEA, we will ensure that any such transfer is covered by appropriate contractual measures (e.g., using European Commissions Standard Contractual Clauses), that the transfer has an appropriate legal basis, and that the data processing and confidentiality fulfills the requirements in relevant laws.
• Lawful requests. We may be required by the binding requirements of applicable law, or for the purposes of responding to legal proceedings or other lawful requests to disclose your personal data to authorities or third parties.
• Protection of our interests and combating fraud. We may also disclose or otherwise process your personal data, in accordance with applicable law, to defend our legitimate interests (for example, in civil or criminal legal proceedings) and when combating fraud.
• Mergers and acquisitions. In the event of any sale, consolidation or reorganization of our businesses (for example mergers and acquisitions), we may disclose your personal data to prospective or actual purchasers or their advisers, where appropriate.
6. Steps taken to safeguard the personal data
We have created appropriate safeguards to protect your personal data. We have implemented both technical and organizational safety measures, and only certain restricted personnel are permitted to access your data. However, you should always be careful when transmitting your data via internet, as the transmission of data to our website will be at your risk.
7. Actions you can take in regard to the processing
Subject to applicable law, you may have the following rights with respect to the processing of your personal data:
- Accessing, or obtaining a copy of, your personal data
- Unsubscribing from our distribution lists
- Checking, rectifying and editing your personal data
- Blocking and deleting the cookies
- Erasure, or restriction of our processing, of your data
- Objecting to the processing of your personal data
- Having your personal data transferred to another processor, where technically feasible
- Withdrawing your consent
- Lodging a claim at the supervisory authority of the Member State of your habitual residence, place of work, or where the alleged infringement of GDPR took place
Please note that upon exercising any of the rights listed above, you may be requested to provide additional information for identification purposes. Such additional information shall not be used for any other purpose and will be removed after successful identification.
9. Our contact point
In general privacy issues, in issues relating to your account or to opt out from marketing messages, please contact our customer service:
Tel. +358 204 3910
Fiskars Sweden AB, Box 12249, 102 26 Stockholm
Tel. +46 42 36 11 00