Privacy

Notice

Centiro cares about your privacy and protecting the personal data processed by us. All personal data is processed in accordance with applicable data protection legislation.

In this notice we describe how we collect, process, and share personal data. We also provide information about the rights of data subjects in relation to us as controller as well as our contact details.

WHAT PERSONAL DATA
DO WE PROCESS?

We collect the personal data provided directly by you to us on our website, by your acceptance of cookies or by e-mail. We may also supplement the personal data provided by obtaining information from private and public records and sources.

The personal data we process may consist of contact details (e.g. name, title, work address, telephone number, and e-mail address), tracking cookie data (user activity details). In relation to our events, we may collect and process personal data in the form of photos or video recordings. Prior to and during an event, we may also process sensitive personal data (special categories of personal data) regarding food allergies or special food requests if such information has been provided by you.

Where free text fields are available, including e-mails, additional personal data may be processed, if you have provided personal data in them.

WHAT ARE THE PURPOSES OF OUR
PROCESSING OF PERSONAL DATA?

We process the personal data provided so we can fulfil our obligations and commitments for administration, documentation, and communication purposes. We may also use personal data as a basis for our market and customer analyses, as well as for statistical purposes. In some cases, we may also want to use the personal data for marketing purposes, providing information about Centiro’s products and services, or to inform you about prior and future Centiro news and events.

Accepted cookies are used to collect information about how you interact with us and allow us to remember you. We use this information to improve and customize your browsing experience and for analytics and metrics about our visitors both on our website and other media. Via the cookies, the data will be processed without linking to you as a person, until you have submitted your contact details. As a registered contact your cookie data may be mapped, combined and associated with your other personal data for the purposes defined in this privacy notice.

Special categories of personal data (special food or allergies) will only be processed, subject to your consent, for administration of the event for which the information has been collected.

WHAT IS THE LEGAL BASIS
FOR OUR PROCESSING?

Our processing of personal data is normally based on a balancing of interests. This entails that we consider it necessary to process the personal data for the purposes of administrating an event, request, communication, or application and that these outweigh any opposing interests or fundamental rights and freedoms.

When we process personal data to analyze and develop our business, processing is based on our legitimate interest in improving our business and for communication.

When personal data is processed for marketing purposes, it will be based on balancing of interests or, where applicable, on your prior consent. In either case, you will always have the right to opt out either by withdrawing your consent or by using the opt-out link provided in the marketing e-mail, as applicable.

Processing of non-essential cookie data is based on your consent.

Special categories of personal data (special food or allergies) will be processed based on your consent, given by you when providing the information to us in relation to a particular event, if applicable. You are never required to provide us with information on special categories of data and you are most welcome to attend any event without providing such information. In such case, we may however not be able to ensure that we can fulfil your requests or avoid any allergies in foods or drinks which may be served in relation to the event.

WHO HAS ACCESS TO THE PERSONAL
DATA THAT WE PROCESS?

We employ appropriate technical and organizational security measures to help protect the personal data we process from loss and to guard against access from unauthorized persons, for example.

Personal data may be shared with Centiro’s international affiliates. Centiro will not disclose personal data to anyone outside Centiro, except where

(i) it has been agreed between us and the person whose personal data we process;

(ii) if we engage an external service provider or business partner who performs services on our behalf. Such service providers and business partners may only process personal data in accordance with our instructions and may not use personal data for their own purposes; or

(iii) we may be required to disclose your personal information in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

HOW LONG WILL WE KEEP
PERSONAL DATA?

We do not save the personal data longer than necessary given the purpose of the processing, unless otherwise required or permitted by law.

Personal data provided by you on our website will be processed before and during performance of the service, event, commitment, or request and is subsequently keep for a period necessary for the purpose of processing, as otherwise separately agreed or informed, or for a longer period as required by the nature of the assignment or commitment. Photo and video recordings will be kept for as long as relevant for the purposes set out above or as agreed or informed in relation to the specific event, unless otherwise separately agreed or informed in relation to the applicable event.

Functional, necessary cookies will be kept for a maximum lifetime of two years. Non-essential cookies, processed subject to your consent, will be kept for a maximum lifetime of thirteen months.

Special categories of personal data (information on special food or allergies) will be deleted immediately after the event.

WHAT ARE THE RIGHTS
OF THE DATA SUBJECT?

Centiro Solutions AB, Reg. No. 556396-8063, at the registered address Vevgatan 6, 504 64 Borås, Sweden, is the controller of the personal data processing as described above. This means that we are responsible for ensuring that the personal data is processed correctly and in accordance with applicable data protection laws.

Data subjects have the right to know what personal data we process about them. A data subject also has the right to request that we rectify or erase inaccurate or incomplete personal data about them (e.g. if the personal data is no longer needed for the purpose or if the consent is withdrawn). Data subjects are also entitled to object to specific processing of personal data and request that processing of personal data be restricted. Finally, data subjects have the right to receive personal data provided by themselves in machine-readable format and have the data transferred to another party responsible for data processing. Please be informed that restriction or erasure of personal data may mean that we are unable to meet our commitments.

Where the processing is based on your consent you always have the right to withdraw your consent at any time by sending a request to Centiro’s Data Protection Officer (see contact details below).Anyone who is dissatisfied with how we process their personal data is entitled to report this to the Swedish Data Inspection Board (Sw. Datainspektionen),which is the supervisory authority for our processing of personal data. The individual has the possibility under certain conditions to invoke binding arbitration.

If you have any questions or complaints about how we process your personal data or wish to exercise any of your rights set out above, you are welcome to contact us by e-mail at centiroprivacy@centiro.com or by regular mail to the address below.

Centiro has appointed a Data Protection Officer (DPO) who you can contact in relation to any questions or requests you may have.

HOW IS DATA TRANSFERRED
CROSS-BORDERS?

Transfers of data outside the EU/EEA, for example to Centiro affiliates, are made in accordance with applicable data protection laws and for the purposes specified above. Transfers of this type are based on the EU Commission’s standard contractual clauses and additional security measures, as applicable.

In addition to other measures as described above, although no longer valid as a legal ground for transfer of personal data to the US, Centiro has decided to continue complying with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States as per Centiro Privacy Shield Policy. Centiro has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in Centiro Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

Centiro commits to comply with the Privacy Shield Principles with respect to the personal data received from our customers and their users in the EEA in connection with the use of the Software as a Service (SaaS) delivery within Centiro, as well as expert services including consultant and support services. We ensure these individuals the right to access their personal data as well as the means to limit the use and disclosure of it. We are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and assume liability in cases of onward transfers to third parties.

To learn more about the Privacy Shield program, and to view our certification, please visit The Privacy Shield. Centiro has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU.

In compliance with the Privacy Shield principles, Centiro commits to resolve complaints about our collection or use of your personal information. EU individuals that want to access the Centiro Privacy Shield Policy in its entirety or have inquiries or complaints regarding our Privacy Shield policy should contact Centiro at the contact details set out below.


CONTACT DETAILS                                  

CONTROLLER:
Centiro Solutions AB (556396-8063)
Vevgatan 6
504 64 Borås
+46 33 290 390

DPO:
Henrik Rydell
centiroprivacy@centiro.com

PRIVACY SHIELD CONTACT
INFORMATION

If you have any questions or comments regarding our Privacy Shield policy or if you need to update, change, or remove your information, contact us on centiroprivacy@centiro.com or by regular mail to:

Centiro Solutions Inc.
Attn: Privacy
CIC Boston
50 Milk Street, 16th Floor
Boston
Massachusetts 02109
USA

For additional information visit our Compliance Page.

It looks like you may be using a web browser version that is out of date.
For more security, speed and full experience on this site, please update your browser below.