- Byggnet takes protection of personal data and integrity seriously and endeavors to offer digital services and products which do not place the integrity of our visitors, customers and users at risk.
- The Policy also describes your rights against us and how you may invoke these rights. You are always welcome to contact us in the event of questions regarding integrity and data protection via an e-mail sent to us on the address set out in section 11 below.
- Through visiting our website, you accept the Policy and our processing of your personal data. You also approve that Byggnet may use electronic communication channels in order to submit information to you. It is important that you read and understand this Policy prior to any use of our services.
- We reserve the right to make changes in the Policy. If we make significant changes, we will notify you via the Services or in any other manner, thus enabling you to review the changes prior to them taking effect. In the event that you do not approve of the changes, you may terminate your account. Your continued use of the Services after we have published or notified you of the changes to this Policy means that you understand and accept the updated Policy.
Our services in general
- Byggnet provides, through the Services, a cloud based digital information handling system. The various functionalities contained in the Services enable the participants within a certain project (”Project”), through the Platform, to upload, organize, modify, process, distribute and store documents and other work material which concerns building projects; for instance drawings, project correspondence, etc. For further information on the various functionalities pertaining to the Services, please refer to www.byggnet.com.
- WHO IS THE DATA CONTROLLER WITH RESPECT TO YOUR PERSONAL DATA?
- Byggnet makes a distinction between information related to the user account and information which is uploaded, organized, modified, processed, distributed or stored in the Services by the users and the customers.
- Concerning information on the user account, e.g. e-mail address, name, mail address, telephone number, purchase- and payment information, account details, etc., our customer service and other support personnel has access to such information via administration interfaces. The Swedish company Byggnet Sverige AB (Reg. No. 559291-4112), P. O. Box 11093, SE-161 11 Bromma, Sweden, is the data controller for this personal data in accordance with applicable data protection regulations.
- Concerning information which has been uploaded, organized, modified, processed, distributed or stored in the Services by the customers or the users, only a few support personnel, in rare cases, and according to customers specific instructions, are entitled to enter the customer’s and user’s account. The Swedish company Byggnet Sverige AB (Reg. No.: 559291-4112), P.O. Box 11093, SE- 161 11 Bromma, Sweden, is a data processor in relation to this information. We are responsible for this personal data in our capacity as data processor in accordance with applicable data protection legislation and the customer´s instructions to us concerning processing of personal data (as applicable).
- WHAT PERSONAL DATA DO WE COLLECT FROM YOU?
Collection of personal data from customers and users – General
- We may collect personal data concerning our customers and users of Services in several ways. Personal data means any information relating to an identified or identifiable natural person.
- We kindly ask you as customer or user to exercise due care when submitting information to us, in particular in connection with free text boxes on our website or in the Services. Certain of our services and products are automated and are therefore not capable of recognizing mistakes regarding erroneous or sensitive personal data.
Information provided by our users and customers
- Customers and users may at any time be required to submit personal data to Byggnet when in contact with us or using our services and products. For example:
- When you create a user profile and account in the Services, buy our services and products, register news or product information or download information, updates and other material; we may request that you provide various types of personal data, such as name, mail-, delivery- and invoicing address, e-mail address, mobile- or other telephone number, fax number, employer-, purchase- and payment information, user name and password.
- When you make a return, file a complaint or otherwise contact our customer service or support personnel (including online blog and online chat application) for various matters, we may request personal data such as customer information, contact information, product information, bank- and payment details, employer- and IT equipment information as well as information on hardware, IP addresses, geographic information, language skills, reason for contacting us; information which we provide you in connection with your contact with us.
- When you contact us or provide your personal data in order to participate in our activities, to receive marketing materials and advertisements and information about our services and products, we may ask you to provide personal data; such as name, mailing address, e-mail address, mobile- or other telephone number.
- Certain of our online services, the website and online-activated services collect and provide us with information about our visitors, such as:
- Details concerning the online content which is displayed or integrated with our Platform or website, for example information concerning your web browser, the websites you visit and choice of objects and which objects the user “clicks”.
- Service- or server logs, storage information about your use of the Services, such as IP address, web browser information (including http user agent strings), HTTP-client request information and time and place for your activities, domains, units and program settings, fault and hardware activity.
- Information about your hardware´s physical location, geo localization services and applications, browser settings or other internet activation services or other information which our support administration needs in order to assist customers and users in connection with detection of defects.
- Our services are dynamic and we continually launch new functions, which may result in collection of new information concerning customers and users. When we collect new personal data, we will notify the customer or the user and, where relevant, also update this Policy.
Information received by us in our capacity as processor of personal data
- Our processing of personal data under the agreements with our customers are governed by personal data processing agreements in order to safeguard integrity and to comply with applicable legislation. The data processing agreement is an integrated part of Byggnet´s general terms and conditions with the customer.
- An employer (or other natural or legal person which purchases Services for utilization by the users), may provide personal data to us concerning users as employees, project participants or subcontractors utilizing the Services. As a consequence, we may access information concerning, inter alia, user name, area of work, project role, area of responsibility, title and the IP address from which the user is expected to use the service. In relation to this information, Byggnet acts in its capacity as processor of personal data and processes the information solely in accordance with the employer´s specific instructions and with the purpose of providing our service and products according to the customer agreement.
- During utilization of the Services, our customers and users will continually upload, organize, modify, process, distribute and store information under each Project in the Services. In relation to this information and materials Byggnet is solely a processor of personal data and will process personal data in accordance with the customer´s or user´s specific instructions. The scope of personal data which can be stored in the Services may vary depending on the case and customer.
- The users have control over and have several options connected to this personal data. The customer´s administrator, employer or project leader may for example give users access to or deny access to the Services through changing the user´s settings, direct/re-direct rights, export data and create new users for the account and share documents.
- For additional information concerning personal data which the customer (controller of personal data) or user (e.g. employer or project leader) process in our Services, please contact the customer or user in question. For questions regarding who is controller of data for specific personal data, the customer or user may contact us at the address set out in section 11, below.
- As regards questions and/or to invoke the user´s rights concerning personal data processed by us in our capacity as data processor, we kindly refer to the company which has entered into the customer agreement with Byggnet, i.e. the company or employer which has given you access to the Services.
- HOW DO WE USE YOUR PERSONAL DATA?
- Our use of customers´ and users´ personal data will depend on the Services utilized by them and how these Services are utilized. We use information about customers and users in order to provide, maintain and adapt the Services and to make them available in a relevant and user-friendly manner for the customers and the users.
- More specifically we collect and use personal data for the following purposes:
- We use your log in details in order to verify your identity and to provide access to the Services.
- There are options for individual adjustment with respect to our subscription and Services in order to assist the users to plan and lead construction projects effectively; including uploading, organizing, modifying, processing, distributing and storing information and materials concerning various Projects.
- We use personal data for the purpose of processing the customer´s and user´s orders via our online service for printing of, for example, drawings or other digital material.
- We may communicate with you, e.g. concerning the available supply services, security and other similar communication with respect to the Services or the Platform and your use of our services and products. This may relate to information on how the Services may be utilized by you, updates and reminders. You can always change your communication settings. However, please note that you may not opt out from our service messages, including messages involving information on security, technical operations or legal or regulatory issues.
- We utilize personal data concerning customers and users in order to send out invitations and to communicate concerning our services and products, with the purpose of enhancing them. Information regarding the availability of services or content in the Services which the customer or user has access to, will be sent out when relevant for the customer´s or user´s utilization of our services and products.
- We use data (which may include your communication with us) which is necessary in order to respond to and handle complaints, notices for default and service problems (e.g. defects).
- Our Services are constantly under development in order to offer competitive solutions for customers and users. Consequently, we may from time to time conduct various customer- or user surveys. We, or companies engaged by us, may therefore use personal data in order to communicate with customers and users and perform surveys with respect to our services and products.
- If customers or users complete a contract- or web form with name, e-mail address, telephone number, preferences, etc., then we will use this data in order to respond to questions, send information or perform other tasks which we are asked to perform.
- We use customer- and user information in order to produce aggregated data sets, where it is no longer possible to identify the customer or user. We may for example use information to generate statistical information about our users or customers, their occupation, field of business, marketing materials delivered or clicked on, or to produce a demographic analysis of visitors on our website.
- We use data (including communication with us) when considered necessary for security reasons or to investigate potential fraud or other violation of our user terms, terms and conditions, our applicable instructions, policies, guidelines and standards.
- With respect to information which we process in our capacity as processor of personal data, the purpose and means of the processing is determined by the controller of personal data (customer, project leader, employer). Kindly refer to the respective data controller for more information on how the user´s personal data is processed in and with respect to our Services.
- ON WHAT GROUNDS DO WE COLLECT DATA FROM YOU?
- Our collection and processing of the customers´ and users´ personal data is a pre-requisite in order for us to market, inform, provide and develop the Services or to enable the users to participate and to access the information they need in order to fulfil their duties in a Project in accordance with the customers´ requests, as well as to test the Services.
- Byggnet has deemed that processing of personal data according to this Policy is necessary in order for:
- Byggnet to fulfil its contract obligations with customers and users – Article 6.1(b) in the General Data Protection Regulation (EU) 2016/679).
- Byggnet to fulfil its legal obligations according to law, regulation or any decision or decree rendered by virtue of law (e.g. the Swedish Accounting Act (Sw: “bokföringslagen”, etc.) – Article 6.1(c) in the General Data Protection Regulation (EU) 2016/679).
- Byggnet has a legitimate interest to process customers´, visitors´ and users´ personal data in connection with marketing campaigns, supply of product information, handling of customer service tasks and general inquiries concerning the Services and the Platform, IT- and information security, etc. It is our assessment that our interests to process your personal data are under these circumstances not overridden by the interests from customers and users for non-processing of their personal data – Article 6(1)(f) in the General Data Protection Regulation (EU) 2016/679.
- For more specific information regarding performed interest balance assessments and risk and consequence analyses regarding our processing of customers´ and users´ personal data, please contact us at the address set out in section 11, below.
- WHO HAS ACCESS TO YOUR PERSONAL DATA?
- The user profiles in the Services are partly searchable and visible for project participants, employers or project leaders; e.g. user name, title, field of responsibility and role within a Project. Given the fact that the Services concern a system for information handling, it is inherent that users may be invited by other users and that these may jointly upload, organize, modify, process, distribute and store documents and other work materials which the project participants shall be able to access, e.g. drawings, project correspondence, etc.
- We will not forward, sell or trade your personal data to third parties for marketing purposes or any purpose which is inconsistent with the intended use of the Services. Data which is forwarded to third parties will only be used in order for us to provide the Services or in order for the users to utilize the functions of the Services.
- We may need to share personal data when required under applicable law, court proceedings or other legal proceedings or if we reasonably deem that it is necessary to disclose the information in order to (1) investigate, prevent or take measures upon suspicion or actual detection of illegal activities or in order to aid public authorities; (2) fulfil our agreements with customers and users; (3) protect the security of the Services and/or the integrity. We will notify our customers and users with respect to grounds for sharing such data to the extent that we are not legally prohibited from doing so.
- We use suppliers in order to maintain our systems, data analyses, accounting, payments, fraud prevention, marketing and development. These suppliers may be given access to customers´ and users´ personal data insofar as necessary for them to perform their assignments on our behalf. They are obliged not to disclose or use the information for any other purpose.
- If your personal data is transferred internationally, including to countries which are not regarded to have an adequate level of security for the protection of personal data, we will see to it that such a level is obtained through ensuring that the recipients adhere to harmonized binding contract obligations in accordance with applicable standards or through applying other security mechanisms.
- We may also share personal data as part of a sale, merger or ownership change or during preparations for such change. A company which acquires us, or part of our business, is entitled to continue to use this personal data, however always only in a manner which complies with this Policy, unless the customer or the user is otherwise informed.
- Our website may contain links to and from our partners´ and advertisers´ websites. If you follow such link, please be advised that our partners´ at all times applicable privacy policies will be applicable, and that we are not responsible for them.
- HOW LONG DO WE STORE YOUR PERSONAL DATA AND WHERE DO WE STORE IT?
- We will only store your personal data for as long as it is necessary for us in order to provide the Services or to fulfil our obligations to our customers and users. We will however not store our customers ´and users´ personal data for a longer period than necessary, taken into account the purpose for which they were collected.
- We maintain customers´ and users´ personal data after they have terminated their accounts if it is necessary in order to fulfil our legal obligations (including requests from authorities), comply with laws and regulations, establish, invoke or defend legal claims, maintain security, prevent fraud and abuse, fulfil our user agreements or, as per their request, to continue communication with them.
- The information collected by us is stored on our servers in Kista, Sweden. Please note that our suppliers may have access to customers´ and users´ personal data in accordance with this Policy, which means that personal data may be transferred and processed in a country outside the EU/ EEA. All such transfer of personal data will be made in accordance with applicable legislation.
- WHAT ARE YOUR RIGHTS?
- With respect to personal data for which Byggnet is the data controller, the customers and users are hereby advised of the following rights:
- Right to access of its personal data; which means that they are entitled to confirmation on whether personal data concerning them is processed and, if so, also to have access to this personal data (extract from register) and certain other information regarding the processing.
- In certain cases, a right to access its personal data in a structured, available and machine readable format and without hindrance be able to order the data to be transferred from Byggnet to another controller of data (so-called data portability).
- Right to correction of its personal data in the event that it is erroneous or incomplete. In certain cases, they are entitled to object to Byggnet´s processing of the personal data and to request correction or deletion of the personal data.
- As the case may be, if they have given consent to certain processing of personal data, they are always entitled to withdraw such consent.
- When processing is made pursuant to and based upon a balance of interest (please see section 5.2 (c), above), they are entitled to make objections regarding the processing at any time.
- Right to object to processing of personal data for direct marketing purposes at any time, following which the personal data will no longer be used for such purposes.
- Right to have its data limited if they object to the correctness of the data or if they have objected to the processing as per the above, in both cases during the time for Byggnet´s review of their request and investigation of the matter.
- Right to file a complaint at any time regarding Byggnet´s processing of personal data or utilization of their rights to the relevant supervisory authority (i.e. Sw.: Datainspektionen).
- Customers and users who wish to invoke their rights are kindly requested to contact Byggnet with such request (please see section 11, below, for contact details).
- With respect to personal data for which Byggnet is the data controller, the customers and users are hereby advised of the following rights:
- SECURITY INFORMATION
- Byggnet has implemented technical and organizational security measures which are aimed to protect personal data from unintentional or unlawful destruction, loss or deterioration. These measures also protect the customers´ and users´ personal data from unauthorized distribution, disclosure, abuse and other processing which contravenes applicable law.
- We regularly monitor our systems in order to identify possible vulnerability and potential attacks. We can however not guarantee the security for information which customers and users submit to us or information which is uploaded, organized, modified, processed, distributed and stored within a Project. There is no guarantee for the protection from unauthorized access or disclosure, change or destruction of personal data despite our physical, technical and administrative security measures.
- For more information regarding our security, please refer to operation and security.. You are kindly welcome to contact us in the event of questions concerning security.
- CONTACT DETAILS – BYGGNET SVERIGE AB
In the event of questions, comments or complaints regarding this Policy or regarding our work with data protection or our IT- and information security, please contact us as: Byggnet Sverige AB
(Reg. No. 559291-4112)
F.A.O.: Integrity Byggnet
P.O. Box 110 93