Directed towards our business contacts – customers/suppliers representatives/stakeholders – and others who communicate with us
Responsible organization and contact details
Schain Research, corporate ID number 559203-2162 (“Schain Research”, “we”, “us”), is responsible (the data controller) for the processing of your personal data as described in this privacy notice. You may always reach out to us with any questions, queries or requests on matters related to our processing of your personal data.
Our data protection officer (DPO) is Christina Jones. You may contact our DPO at christina@schainresearch.com.
It is important to us that you are aware of what personal data we collect about you and how it is collected. The type of data processed varies with different types of business relationships. This Privacy Notice is directed towards our business contacts (customers/suppliers/representatives/stakeholders) and others who communicate with us. Below you will find a summary of what data we collect about you, for what purposes, and the legal basis for this processing:
Type of data collected
Name, Email Address, Role/Title, Phone number
Our source
Yourself (if you fill out the contact form on our website or otherwise get into contact with us), LinkedIn, Company website or public records (if we want to get in contact with you and collect your contact information from such sources)
Our purpose(s)
Communication with you in your role as a representative of a Schain Research customer/supplier/partner or other stakeholder. Also, through administration of business information in our relationship with business contacts, and to provide an efficient way for customers and stakeholders to contact us (e.g. filling out the contact form on our website).
Legal basis
Our legitimate interest (business interest) to contact and communicate with our business contacts and partners as part of our business operations.
Schain Research will not pass on any personal data about you to any third party unless required by law to do so, or unless it is necessary in connection with our relationship with you.
Our service providers
We use external service providers for the processing of your personal data, such as suppliers who provide us with IT services (e.g. website hosting and email).
Transfers to third countries
Schain Research always makes sure to process your data within the EU/EEA. Should a situation arise where the data must be processed in, and thereby transferred to, a destination outside of the EU/EEA by us or one of our suppliers or subcontractors, we will take all reasonable legal, technical, and organizational measures to ensure that your data is treated securely and with an adequate level of protection compared to and in line with at least the level of protection offered within the EU/EEA.
Data retention and security
We will keep your data for the time necessary depending on our relationship with you. This means, inter alia, that we will delete your personal data if you request us to do so, or if we are informed that you have left the company for which you used to be a representative and that another person should be our contact person instead. Important business-related information about what has been agreed between us and the company you represent etc. will, however, be kept as long as necessary for such business-related purpose and administrative/accounting obligations (where applicable).
Schain Research protects your personal data using technical and organizational security measures. To prevent unauthorized access and ensure data accuracy, Schain Research has implemented strict guidelines for the organization regarding the processing of personal data and two-factor authentication is required to access our systems.
Your right to access
This enables you to receive a copy of the personal data and to check that we are lawfully processing it. Your request will be processed promptly, and within the timeframe required by GDPR. We will provide you with the information free-of-charge. For any further copies, we reserve the right to charge a reasonable fee based on our administrative costs for such request.
Your right to rectification
We make every effort to ensure that all data we process is accurate. If you discover that we have incomplete or inaccurate personal data about you in our records, please let us know and we will complete, or rectify, this information immediately.
Your right to erasure
You have the right to request that we erase your personal data under the following circumstances:
- your personal data is no longer needed for the purpose(s) we collected it for
- the personal data is processed for direct marketing purposes
- your right as an individual overrides our legitimate interest to continue the processing of your personal data (where we rely on legitimate interest as the legal ground)
- the processing of your personal data has not been in compliance with applicable law
We will always erase personal data if needed in order for us to comply with a legal obligation. If we refuse your request to erasure, we will provide you with information regarding our ground(s) for such refusal.
Your right to restrict processing
You have the right to obtain restriction of the processing of your personal data under certain circumstances listed in the GDPR.
The right to data portability
Where we process your personal data by automated means with your consent as the legal basis or for the performance of a contract, you have the right to receive the personal data that you have provided to us in a structured, commonly-used and machine-readable format (data portability).
The right to object
If you object to our processing of your personal data (including profiling) based on the purpose of our legitimate purposes, we will cease the processing unless we can demonstrate compelling legitimate grounds. We may also continue with the processing activity if it is necessary for the establishment, exercise or defense of legal claims. If our purpose for the processing is direct marketing, we will immediately cease with such processing upon receiving a request to objection from you, per above.
If you want to review, verify or correct your personal data, request erasure of your personal data or object to the processing of your personal data, please send an email to info@schainresearch.com.
Data protection queries
We have appointed a Data Protection Officer [DPO] to oversee compliance with this privacy notice. If you have any questions about how we handle your personal data, please contact Christina Jones at christina@schainresearch.com.
You have the right to make a complaint at any time to Datainspektionen, the Swedish supervisory authority for data protection issues.