Privacy Policy

 

2022-05-06

About Promimic AB and this privacy policy

Promimic AB, Reg. No. 556657-7754, Promimic AB, with registered address at AZ BioVentureHub, HB4, c/o AstraZeneca R&D Mölndal, 431 83 Mölndal, Sweden (“Promimic” or “we”) operates in the field of surface modification of dental and orthopaedic implants and has developed a nanotechnology with which unique bioactive surfaces on any implant can be created.

As part of our business, Promimic processes personal data for which Promimic is the data controller. This means that Promimic is responsible for ensuring that the processing of personal data is carried out in accordance with applicable law and this privacy policy. We take all necessary measures to make sure that your personal data are being processed by us in a lawful, fair and transparent manner.

It is important to us that you feel comfortable with how we process your personal data. This privacy policy covers all necessary information about our personal data processing and it is important that you read and understand this privacy policy before you use any of our services. You should not use any of our services if you do not approve of this privacy policy. Should you have any questions regarding our processing of your personal data, please contact us by using the contact details below.

Please note that our website may contain links to websites provided by third parties. These websites have their own privacy policies and Promimic is not responsible for their business or their information policies. We recommend users who submit information to or through these third-party websites to review the privacy policies on these websites before submitting any personal data to them.

For the collection, administration and retention of information collected via cookies, please refer to the “Cookies” section below.

What personal data do we collect and where from?

The types of personal data that we collect may, depending on the context, include:

  • name and contact information including address, mobile number and e-mail address;
  • job applications, including cover letters, resumé, photos and any personal data provided by you in your application (as applicable);
  • delivery and billing information, payment information and other information that you provide in connection with the purchase or delivery of a product or service;
  • other information that is relevant for customer surveys, advertisement/marketing or offers; and/or
  • IP address.

We may collect your personal data from the following sources:

  • when you contact us by e-mail or phone;
  • Promimic’s website, e.g. when you submit a job application or accept cookies;
  • by way of agreement, invoice or other business contact, if you are a customer or a contact person for any of our business partners; and/or
  • from third parties in the form of group companies, public records, or any of our business partners.
Why do we process your personal data?

Promimic may use your personal data for the following purposes and based on the following legal grounds:

  • Performance of a contract: For the handling and administration of purchases, deliveries of products and performances of services, to make payments, for recruitment processes, and to provide customer support.
  • Compliance with a legal obligation
    – We save invoice documentation and recruitment documentation in accordance with applicable accounting laws and regulations.
    – We process personal data when carrying out certain mandatory risk, security and anti-fraud controls.
  • Legitimate interests
    – Communication: In order for us to be able to communicate with you by e-mail (or other communication tools), and to handle any business transaction made by a business contact on behalf of a company, we process the contact person’s personal data.
    – For marketing purposes: In order for us to market our service in the best possible way we might need to use your data.
    – Product development: In order for us to optimise our product development and be able to build a fantastic product loved by our users, we might need to process parts of your data.
  • Consent
    – To provide you with direct marketing and to perform customer surveys.
Retention of personal data

Promimic takes all reasonable steps to ensure that your personal data is processed and stored securely. Your personal data will not be stored longer than permitted by applicable law or longer than necessary to fulfil the above stated purposes. Your personal data will be processed by us during the following time periods, after which they will be deleted:

  • Contact person for a company: Your personal data are saved for as long as you are an appointed contact person for a company doing business with Promimic.
  • Performance of a contract: Personal data (name, address, telephone number, e-mail, billing and delivery information) which is submitted to Promimic in connection with the order of products or services are stored for as long as necessary in order for Promimic’s performance of the agreement with you. This includes, inter alia, fulfilling delivery or warranty commitments.
  • Communication: If you are in contact with Promimic by, for example, e-mail your personal data are saved for as long as it is necessary for us to answer your question and complete any follow-up inquiries.
  • Job applicants: Promimic saves your application documentation, including your resumé, cover letter and photo, as applicable, during the recruitment process and for a following period of two years, in order for us to defend potential legal claims.
  • Legal obligation: Promimic saves any documentation that constitutes accounting information in accordance with applicable accounting legislation.
  • Consent: In the event that we process your personal data based on your consent, we only save your personal data for as long as we still have your consent.
  • Direct marketing: We may process your personal data for direct marketing purposes for as long as two years after the customer relationship has ended, unless you object to your personal data being used for direct marketing purposes.
Transfer of personal data

Promimic only transfers personal data as described below. We always observe great caution when transferring your personal data and your personal data is only transferred in accordance with this privacy policy and after taking appropriate security measures. We do not sell personal data to third parties. Promimic may transfer your personal data in the following situations:

  • Group companies: Promimic may transfer your personal data to our subsidiary for the purpose of improving products and services, for marketing purposes and in order to follow up and ensure a high quality in the business.
  • Business partners which are not group companies: Our business partners will get access to your personal data to the extent necessary for them to fulfill their obligations relating to your purchase. We will clearly state when one of our business partners is involved in your purchase.
  • Business transactions: If all or part of Promimic’s operations is sold or integrated with any other business, operation or company, your personal data may be disclosed to our advisors, potential buyers and their advisors, and be transferred to the new owners of the operation.
  • Third-party service providers: Some companies provide services on our behalf. These services include, inter alia, distribution, credit reports and delivery of products. These companies will get access to your personal data to the extent necessary for them to fulfill their obligations, but they may not use or share the information for any other purposes.
  • Legal obligations: Your personal data may also be disclosed for the purpose of Promimic’s compliance with certain legal obligations and it may be transferred to the police and other relevant public authorities when permitted and required by law.

Under certain circumstances, personal data may be transferred to countries outside of the EU/EEA, for example to the USA, where Promimic has a subsidiary, or to service providers established in a third country. When such transfers are carried out, Promimic takes all appropriate measures to ensure that your personal data is adequately protected and that all processing is performed in accordance with this privacy policy. You can always be confident that all transfers of your personal data to countries outside of the EU/EEA are carried out in compliance with applicable data protection laws, as Promimic will ensure that at least one of the following conditions are fulfilled in relation to each of those transfers:

  • the receiving country ensures an adequate level of protection, in accordance with Article 45 of Regulation (EU) 2016/679;
  • Promimic has collected your consent prior to the transfer;
  • an agreement including certain standard contractual clauses issued by the European Commission (e.g. (EU) 2021/914) have been entered into between Promimic and the recipient, without any conflicting changes or amendments; or
  • the recipient has adopted binding corporate rules for the processing which have been approved by the relevant supervisory authority and the recipient of the personal data in the third country is bound by these rules.

You have the right to obtain a copy of the safeguards that we use when transferring personal data to a country outside of the EU/EEA by contacting Promimic.

Joint controllers

Promimic and Promimic Inc. are joint controllers for the processing that takes place in the companies’ mutual CRM system. The parties share personal data with one another in order to, inter alia, improve products and services, for marketing purposes and in order to follow up and ensure a high quality in the business. The legal basis for this processing is legitimate interest and the purposes for the processing are as follow:

–  Your name and contact information, including address, mobile number and e-mail address are processed for marketing purposes; and
– Your name, contact information, purchase history and information that you provide in connection with the purchase or delivery of a product or service is processed in order to follow up, improve the products and the business, and to ensure high quality.

Cookies

Promimic uses cookies on its website. A cookie is a small text file sent from a website to your web browser, and stored on your device’s hard drive, when you visit a website that uses cookies.

Cookies are widely used both in order for websites to function and in order to improve your user experience, by personalising content and relevant advertising. As owners of the website, Promimic receives information collected from the cookies. Promimic uses cookies. These are cookies without which our website would not function. For these cookies, no consent is needed seeing as these are necessary. Promimic does use cookies for e.g. marketing or statistical purposes. Promimic does not sell any information generated from the information collected through the use of cookies but may share it with third parties if necessary.

There are different types of cookies, which can be categorised both based on their origin and based on how long they are stored on your device. In relation to how long cookies will remain on your device, Promimic only uses session cookies. A session cookie is sent to your device so that the webpages can function properly during your visit and is not stored on your device; it is erased when you close down your web browser.

Your rights

Under applicable law, you have certain rights towards parties that process personal data, such as Promimic. In this section, we describe your rights and what they mean for you in respect to the personal data that we process. If you want to read more about what the Swedish Data Protection Authority (Sw. Integritetsskyddsmyndigheten) writes about these rights, we have added links to relevant sites on their website, under each section below.

If you have any questions or wish to know more, you are welcome to contact us on the contact details specified at the end of this privacy policy.

Right to information and access

In this privacy policy, we describe what personal data that are processed by us in different situations, however, if you want to know more about whether or not we process your personal data, and if so, to what extent, you have the right to receive such information. You can contact us on the below contact details and request information about what personal data that we process.

If you want to read more about the right to information, please see the relevant sections here.

We can also provide you with a copy of the personal data that we process. Such copy of personal data includes information about e.g. what categories of personal data that we process, what the personal data are used for, how long the personal data are stored, with whom the personal data are shared and from where the personal data have been obtained.

If you want to read more about the right to access, please see the relevant sections here.

Right to rectification

We strive towards ensuring that the personal data we process about you are correct, and we update the personal data when required. However, if you note that we process incorrect personal data about you, you can contact us on the below contact details to update your personal data.

You also have the right to request that we add personal data that is missing about you, if this is relevant based on the purpose(s) for which your personal data are processed. You may then provide additional information to ensure that such personal data are added.

If you want to read more about the right to rectification, please read the relevant section here.

Right to erasure (right to be forgotten)

You have the right to request that the personal data we process about you are deleted. However, this right is limited; in order for us to erase the personal data we process about you, certain conditions must be fulfilled. You may, for example, have the right to have personal data deleted if the data are no longer necessary for the purposes for which they were collected, or if you revoke your consent, or if you object against us using your personal data for marketing purposes.

The right to erasure is, however, limited as an exception may be applicable on the personal data in question. We may, for example, retain your personal data if it is required in order to establish, bring or defend ourselves against legal claims.

If you want to read more about the right to erasure, please read the relevant section here.

Right to object

You always have the right to object against our processing of your personal data, if the legal basis for our processing (see the “Why do we process your personal data?” section above) is that the processing is necessary for purposes in relation to our legitimate interest, including profiling.

If you object against the processing we carry out of your personal data, we do not have the right to process your personal data unless we can prove that we have a legitimate interest for the processing, that outweighs your interests, rights and freedoms, or if the processing is required for the purpose of determining, exercising or defending ourselves against legal claims. If we consider that we have such legitimate interests, or if the personal data is required for the purpose of determining, exercising or defending ourselves against a legal claim, we will inform you about this and the reasons for our assessment.

You may also object against the processing of your personal data for marketing purposes (including profiling, if such processing takes place). If you do this, we will cease to process your personal data for these purposes.

If you want to read more about the right to objection, please read the relevant section here.

Right to limit the processing of your personal data

You may demand that the processing of your personal data is limited, e.g. if you think that the personal data we process about you is incorrect or unlawful, or during the time when we assess if our legitimate interests outweigh your privacy interests (when you have objected against our processing of your personal data).

If you want to read more about the right to limitation, please read the relevant section here.

Right to transfer personal data (data portability)

You have the right to request that your personal data that you have provided us with be transmitted in an electronic format (if the legal basis for our processing is your consent or the fulfilment of a contract) and in a structured, commonly used and machine-readable format. This does, however, presuppose that the processing that is carried out is automatic (i.e. not in physical form, on paper). If IT allows for it, and if you request it, we can transfer your personal data to another controller.

If you want to read more about the right to transfer personal data (data portability), please read the relevant section here.

Right to withdraw your consent

In the event that we process your personal data based on your consent as our legal ground, you have the right to withdraw your consent at any time. You may withdraw your consent by contacting us on the contact details provided below. Such withdrawal may be made in whole or in part. The withdrawal of consent will take effect from the time of your withdrawal (i.e. the processing that we have done before you revoked your consent is not affected). If you do not wish to receive marketing and offers from us, you can unsubscribe by clicking on the link in the relevant email. Please note that if you withdraw your consent, you may not be able to use parts or all of our services.

Right to complain

You may file a complaint with the Swedish Data Protection Authority (Sw. Integritetsskyddsmyndigheten), or another relevant supervisory authority, if you believe that our processing of your personal data is not carried out in accordance with applicable laws.

If you want to read more about the right to complain, please read the relevant section here.

You have may to identify yourself

Please note that in order to protect your integrity, we may, if needed, require that you identify yourself in connection with our assistance.

Changes to the privacy policy

Please note that the terms of the privacy policy may be changed or amended. Any new version will be published on Promimic’s website. Consequently, you should review these terms on a regular basis to make sure that you are satisfied with the changes. In case of any material changes we will, however, e-mail you, if you have given us your e-mail address, to make you aware of any changes made.

Contact us

If you have any questions related to this privacy policy, if you suspect that a breach of this privacy policy has occurred, or if you would like to contact us for any reason stated in this privacy policy, please contact us using the contact details provided below.

Contact information for personal data controller:

Name: Magnus Larsson
Phone: +46 709-776477
E-mail: magnus.larsson@promimic.com

Promimic AB
Promimic AB
AZ BioVentureHub, HB4
c/o AstraZeneca R&D Mölndal
431 83 Mölndal
info@promimic.com