How we handle covid-19

Hemfrid's Privacy Policy

1. INTRODUCTION

Hemfrid AB (”__Hemfrid__”, ”__we__” or ”__us__”) process personal data about you who:

  • are a customer of Hemfrid,
  • are a contact person, or an employee, of a company which is a corporate customer of Hemfrid,
  • visit our web page, app or social media (digital channels),
  • come in contact with us in any other way, e.g. through our customer service, or
  • participate in market activities arranged by us (for example competitions or customer surveys).

This privacy policy explains how we process your personal data and your rights under the data protection legislation.

2. WHAT IS PERSONAL DATA AND WHAT IS PROCESSING OF PERSONAL DATA?

Personal data is any information that directly, or indirectly together with other information, can be linked to a living person. This means that a range of different types of information, such as name and contact details, IP addresses, purchase history and information related to a matter, is considered personal data.

Processing is any action taken with the personal data, e.g. collection, storing, modification, use for different purposes, altering or deletion of personal data.

3. WHAT CATEGORIES OF PERSONAL DATA, FOR WHAT PURPOSES AND ON WHAT LEGAL BASIS IS PERSONAL DATA PROCESSED?

3.1 You who are a customer of Hemfrid

If you are an existing customer of Hemfrid (as an private individual or as a contact person or employee of a company which is a corporate customer), we will process personal data which is necessary to administer our relationship with you, or to fulfil our agreement with you or your company. Personal data attributable to those closely related to you, such as your partner or children, may also be processed in connection with our provision of family services. Personal data may also be collected from, and shared with, our partners if you choose to sign a separate agreement regarding benefits and offerings from such partners.

Categories of personal data Purpose Legal basis
(i) Contact information: name, social security number, phone number and e-mail address.

(ii) Housing information: postal address, door code, key and access to the home.

(iii) Order- and deduction information: purchase and transaction history and payment information.

(iv) Login credentials: e-mail address and password.

(v) Demographic information: age, gender, civil status and education.

(vi) Sensitive personal data: health information and information regarding children (when ordering our childcare services).

(v) Invoicing information: invoicing instructions and information on invoices.
(i) To provide the services you have ordered and to administrate our agreement with you or your company

(ii) To communicate with you and administer the customer relationship (e.g. claims and RUT/ROT-deduction applications)

(iii) To send marketing to you, inter alia, through letter, e-mail and sms/mms. You can opt-out from further marketing by clicking on a link in each message sent through e-mail or sms/mms, or by contacting us via the contact details in section 8 below. Your personal data may also be analysed and grouped (so-called profiling) in order to provide you with relevant and customized information and marketing

(iv) Offer customer benefits in collaboration with our partners

(v) Obtain anonymized statistics over the usage of our services and to develop, test and improve our services, and

(vi) Fulfil legal obligations (e.g. accounting requirements) and to report criminal activity.
(i) Performance of an agreement: To fulfil our obligations in the agreement with you and to administer the agreement (e.g. handling claims)

(ii) Legal obligation: To fulfil our legal obligations, e.g. accounting and tax legislation.

(iii) Legitimate interest: we have a legitimate and compelling interest for processing your personal data, e.g. to provide you with marketing, to obtain statistics of over the usage of our services, and to communicate with you when it is not a direct result of our agreement. When personal data is processed regarding others than existing customers (e.g. relatives, partners or contact persons for corporate customers) this is done with the basis of a legitimate interest.

3.2 You who visit and use our digital channels

Whenever you visit/use our digital channels, we collect information that you choose to submit to us, e.g. name, e-mail address and phone number. We may also collect personal data through cookies. Hemfrid's use of cookies is described in our cookiepolicy.

Categories of personal data Purpose Legal basis
(i) Contact information: name, social security number, phone number and e-mail address

(ii) Surfing habits and visiting history: which pages you have visited on our (and others) website, and for how long

(iii) Demographic information: Age, gender, civil status, address and education

(iv) Login credentials: e-mail address and password

(v) Profiling- and movement patterns: choices and purchases made, number of clicks, location data, preferences, custom audience and profile

(vi) Technical data: technical equipment used, timestamps, metadata, cookie-ID and IP-address.
(i) To maintain, provide, test and improve our digital channels

(ii) To offer you support when facing a problem on our digital channels

(iii) To send marketing to you, inter alia, through letter, e-mail and sms/mms. You can opt-out from further marketing by clicking on a link in each message sent through e-mail or sms/mms, or by contacting us via the contact details in section 8 below.

(iii) To create reports, review the effect of marketing campaigns and create anonymized statistics regarding the usage of our digital channels

(iv) For management, development and testing of our IT systems in order to secure that our digital channels uphold high quality as well as identifying and preventing security attacks such as viruses

(v) To create customized target audiences in order to provide relevant and tailored offerings and advertisements to you on Hemfrid's, and our partners, digital channels.
(i) Performance of an agreement: To fulfil our obligations in the agreement with you, which you have entered in connection with orders on our digital channels, and to administer the agreement

(ii) Legitimate interest: we have a legitimate and compelling interest for processing your personal data, e.g. to provide you with marketing if you are an existing customer, review the effects of marketing campaigns, to obtain anonymized statistics, and to and manage, develop, test and improve our IT system.

(iii) Consent: we will only send electronic direct marketing to you who are not an existing customer of Hemfrid if you have consented to this in advance.

3.3 You who contact our customer service or otherwise come in contact with us

When you contact us, e.g. with queries to our customer service or when you otherwise contact us, e.g. in communication on social medias, we process the personal data that you choose to submit to us or which we collect about you e.g. in connection with administrating you customer service request.

Categories of personal data Purpose Legal basis
(i) Contact information: name, social security number, phone number and e-mail address

(ii) Customer service request: customer number, complaints, queries, information related to your housing, order information, RUT-deduction information, purchase- and transaction history, payment information, and other information which you choose to submit to us.
(i) To communicate with you and administer your request through our customer service, e-mail forms and our social media accounts

(ii) To analyse calls and chat conversations in order to improve our communication and for your and our security

(iii) To obtain anonymized statistics regarding the usage of Hemfrid's communication channels

(iv) To maintain, develop, test and improve Hemfrid's services and the technical platforms on which they are provided.
(i) Performance of an agreement: To fulfil our obligations in the agreement with you and to administer the agreement

(ii) Legitimate interest: we have a legitimate and compelling interest for processing your personal data, e.g. to communicate with you, provide you with marketing and information, analyse calls and use of our communication platforms, and to and manage, develop, test and improve Hemfrid's services and technical platforms.

3.4 You who participate in marketing activities

When you participate in marketing activities, e.g. contests, customer surveys, seminars, events and other marketing activities that we organize, we will process personal data that you choose to submit to us.

Categories of personal data Purpose Legal basis
(i) Contact information: name, social security number, phone number and e-mail address

(ii) Marketing activities: Information on your participation in the marketing activity, opinions, preferences and other information that you choose to submit in connection to the activity.
(i) To administer the marketing activity, including communicating the outcome of the activity and paying out eventual prizes

(ii) To inform about and invite you to new marketing activities

(iii) To send marketing to you, inter alia, through letter, e-mail and sms/mms. You can opt-out from further marketing by clicking on a link in each message sent through e-mail or sms/mms, or by contacting us via the contact details in section 8 below.

(iv) To obtain anonymized statistics from the activities in order to improve Hemfrid's services

(v) To maintain, develop, test and improve Hemfrid's services and the technical platforms on which they are provided
(i) Legitimate interest: we have a legitimate and compelling interest for processing your personal data, e.g. to administer the marketing activity you have chosen to participate in, to review the effects of marketing campaigns, to direct marketing to you who have participated in a marketing activity, to obtain anonymized statistics and to maintain, develop, test and improve Hemfrid's services and the technical platforms on which they are provided.

(ii) Consent: we will only send electronic direct marketing to you who are not an existing customer of Hemfrid if you have consented to this in advance.

4. ERASURE OF PERSONAL DATA

Your personal data is processed only as long as necessary in order to fulfil the purpose of the processing activity or to fulfil Hemfrid's legal obligations. Thereafter, your personal data is erased in accordance with our erasure policy. Please see examples of erasure periods below.

  • Customer's personal data is processed during the term of the agreement and 24 months thereafter.

  • Personal data that we obtain from partners is processed for as long as you use the offering and for a maximum of 12 months thereafter.

  • Information on RUT/ROT-deductions is processed for as long as there is a risk that the Tax Authority (Sw. Skatteverket) decision may be appealed or changed.

  • Personal data which is required to be saved according to the Accounting Act (Sw. bokföringslagen) will be saved for seven years, counted from the expiry of the calendar year in which the financial year to which the information was attributable expired.

  • Information on retention times for cookies can be found in our cookie policy.

5. SECURITY MEASURES FOR PROTECTION OF PERSONAL DATA

A high level of security for your personal data is of utmost importance to Hemfrid, and we have put in place appropriate technical and organizational security measures to protect your personal data from unauthorised access, modification, dissemination and destruction.

6. LIMITATIONS IN THE TRANSFER OF PERSONAL DATA

Hemfrid may engage external partners and supplier to perform services on behalf of Hemfrid, e.g. to provide IT services or assist in marketing, analysis or statistics. The performance of these services may entail such parties, both within and outside of the EU/EEA, obtaining access to your personal data.

If you choose to enter into a separate agreement regarding benefits and offerings from Hemfrid's partners, your personal data will be shared with these partners.

Companies which are processing personal data on behalf of Hemfrid are obliged to sign an agreement with Hemfrid in order to ensure a high level of protection of personal data. In relation to companies outside of the EU/EES, additional protective measures are undertaken, e.g.by signing an agreement which includes the European Commission's model clauses for data transfers, which can be found on the European Commission's website.

Hemfrid may transfer personal data to a third party, such as the police or other authority, in the course of an investigation or otherwise when obliged thereto by law or governmental decision.

7. RIGHT TO INFORMATION AND RIGHT TO COMPLAIN

You have certain rights in relation to Hemfrid. If you wish to exercise any of these rights, please contact us on the contact information provided in Section 8 below:

  • Right to access (register transcript) – a right to obtain confirmation and information of the processing of your personal data.

  • Right of rectification – a right to have your personal data corrected.

  • Right to object – a right to object against our processing if the legal ground for the processing is based on a balancing of interests or if it is used for direct marketing.

  • Right of erasure – a right to have your personal data erased. This right is limited to data that, by law, requires your consent to be processed, if you withdraw that consent and oppose the processing.

  • Right to restrict data processing – a right to demand that the processing of personal data is restricted, e.g. if you oppose the correctness of the data. While the matter is investigated, Hemfrid's access to the data in question is restricted.

  • Right to data portability – a right to request that personal data be sent from one data controller to another. This right is restricted to data, which you have submitted to us.

8. CONTACT INFORMATION TO THE CONTROLLER

Hemfrid i Sverige AB

Postal address: Box 38154, 100 64 Stockholm

Visiting address: Rosenlundsgatan 13, 118 53 Stockholm

E-post: info@hemfrid.se

Phone: 0200-11 45 50