Privacy policy

Stiftelsen Beat Diabetes, org 802481-5014. co/Ringvägen 52 10462, Stockholm Sweden is the data controller in respect of your personal data and is committed to protecting and respecting your privacy and personal integrity when you are using our services, browsing through or website or using our applications (our Services). This Privacy Policy will help you understand what personal data we collect about you, why it is collected and how it is used by us. It will also clarify how you can exercise your rights when you are trusting us to handle your personal data for you. We ask that you take a moment to read this Privacy Policy carefully and familiarize yourself with its content. If you have any questions, you are welcome to contact us by using the contact information provided at the end of this Privacy Policy.

Please note that our Services may contain links to and from websites that can be held by our network partners, advertisers and affiliates. If you follow a link to any of these websites or use third party services, you should be aware that they have their own privacy policies and that we do not assume any liability for their processing of your personal data. Therefore, please make sure to read their privacy policies before providing your personal data to them.

MINORS

We take it very seriously to protect the safety and privacy of children online and we do not knowingly market to or solicit personal data from children under the age of 16 without obtaining verifiable parental consent.

WHAT PERSONAL DATA DO WE COLLECT FROM YOU?

When you access, connect to, sign up to, participate in, create an account for, make individual purchases within or otherwise use our Services, we may collect personal data about you. The personal data we collect will depend on the circumstances and the Services you are using, but could consist of the following:

Personal data that you actively provide to us

  • Name, e-mail address, phone number and postal address.
  • Company details and title
  • Information requested by us from you when you contact us through our form
  • Your correspondence address if you contact us.

Personal data obtained from third parties

We may supplement the information that we collect from you with information that we receive from third parties and through your use of websites, products or services of other companies within our foundation. This may include information we receive from content providers regarding, for example, your use of our Services so that we can personalize your service and recommend content that you might like. It can also include information from third parties that collect consumer information including demographic and interest data. We may then combine this information with your personal data to help us predict your preferences, to direct marketing offers that might be more relevant to you, and to help us better analyze customer information for business modeling purposes. Lastly, we may obtain credit information about you from outside credit reporting agencies to help us with customer authentication and credit-related decisions.

WHY DO WE COLLECT YOUR PERSONAL DATA?

Our purposes

We process your personal data for the following purposes:

A) For the sake of our contractual relationship:

  • For the provision of our Services to you, including to fulfil your requests, improve your experience of our Services and to administer our contractual relationship with you.
  • To ensure that content from our Services is transmitted to you and your device in the most efficient way.
  • To provide order and invoice information to you.
  • To allow you to use our applications on social media, provided that you select to use them in accordance with your security settings.
  • To notify you about changes to our Services.
  • To provide offers, news, information, products or services that you request from us.
  • To carry out analysis on an aggregated level to improve our products and services.

B) For our legitimate purposes:

  • To share your information with other entities within the Beat Diabetes Foundation when it is necessary for administrative purposes or for the provision of our Services to you.
  • To use IP-address, device identifiers or other information necessary to block disruptive use or Services, for the reason of protecting our Services or otherwise enforcing or applying our Terms and Conditions.
  • To provide information in a merger & acquisition processes, for the reasons of business and strategic management
  • To provide you with offers, news, information, products or services that we believe may be of interest to you, including tailoring advertising so that it relates to your likely interests.
  • For analysing and statistical purposes.
  • For the establishment, exercise or defence of legal claims.

C) For marketing purposes:

  • To send you our newsletter, if you have agreed thereto, which may also contain offers, news or information related to our Services and/or other products or services within the Beat Diabetes Foundation which we believe may be of interest to you. Please note that you can unsubscribe at any time from our newsletter by changing your account preferences on your account page or by clicking the “unsubscribe” link in the newsletter.

D) We may also process your personal data if it is necessary for us to comply with a legal obligation or authority decision.

What legal ground in GDPR is the processing of your personal data based on?

The processing of personal data for the purposes described under:

  • point (A) is necessary for the performance and conclusion of our contract with you;
  • point (B) is necessary for our legitimate interest of developing, administering, protecting and marketing our Services as well as from a business and strategic management perspective;
  • point (C) will only occur if we have received your consent to such processing;
  • point (D) is necessary to comply with a legal obligation or authority decision.

Is it mandatory for you to provide your personal data?

Personal data that we request from you and that is marked "mandatory" in anyway, for example by using the * symbol, is required for us to provide our Services (for statutory, contractual, administrative, technical or similar reasons). However, some of the personal data may be required only in the event that you use specific features, turn on optional parts of the Service or request certain resources, offerings, promotions, programs, etc. from us or our partners, as will be further indicated prior to collecting such personal data from you.

WHO MIGHT WE SHARE YOUR PERSONAL DATA WITH?

Intra-group transfers

We may disclose your personal data to other companies within the Beat Diabetes Foundation if it is necessary for administrative purposes or the provision of our Services to you. If you have agreed thereto, we may also disclose your personal data to companies within the Beat Diabetes Foundation for marketing purposes. Beat Diabetes Foundation who have access to your personal data follow practices consistent with this Privacy Policy.

Partners and advertisers

We may share your personal data with our partners and advertisers but only when you have requested it or provided your consent for us to do so.

We may also use aggregate information to monitor usage of our Services in order to help us improve and develop our Services, and we may provide such aggregate information to third parties e.g. content partners or advertisers. This aggregate information does not include personal data and cannot at any reason be linked to you.

Third parties for security or other legitimate reasons

We may also disclose your personal data to third parties, if we reasonably believe that disclosure of such personal data is necessary:

  • to comply with valid legal obligations including subpoenas, court orders, governmental requests or search warrants, and as otherwise authorized by law;
  • to protect our rights or property, or the safety of our customers or employees;
  • to protect against fraudulent, malicious, abusive, unauthorized or unlawful use of or subscription to our Services and to protect our network, Services, devices and users from such use;
  • to advance or defend against complaints or legal claims in court, administrative proceedings and elsewhere;
  • to determine credit risk, for reporting purposes or to obtain payment for our Services;
  • as part of mergers & acquisitions, provided that the prospective buyer or seller agree to respect your personal data in a manner consistent with our Privacy Policy;
  • to outside auditors and regulators.

Third party suppliers

We may use third party suppliers to perform services for us such as to provide the infrastructure and IT services (including but not limited to data storage), process credit and debit card transactions, to provide customer services, collecting debt analysis and improve data and process customer inquiries and perform other statistical analyzes. In the performance of these services the third-party suppliers may have access to your personal data but is only authorized to process it strictly on our behalf and in accordance with our instructions.

WHERE DO WE PROCESS YOUR PERSONAL DATA?

The personal data that we collect from you may be transferred to and stored at a destination outside the European Economic Area ("EEA"), including at destinations that are not subject to a decision by the European Commission establishing an adequate level of protection of personal data. It can be shared with other companies within the Beat Diabetes Foundation, processed by staff working for us or for one of our suppliers, located outside the EEA. Such personnel may for example be involved in the fulfillment of your order, the processing of your payment details and execution of our support services. We will take all reasonable necessary steps to ensure that your personal data is treated securely and in accordance with this Privacy Policy and have adopted appropriate safeguards to protect it. If you wish to have further information on or a copy of these safeguards, please contact us using the contact information provided at the end of this Privacy Policy.

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We will only keep your personal data for as long as we consider necessary for the fulfilment of our purposes, that we have described above under “WHY DO WE PROCESS YOUR PERSONAL DATA”, after which we will securely delete or in some cases anonymise your personal data. We do regular status checks to review when personal data needs to be deleted. However, as we process your personal data for various purposes, the actual period for which the personal data will be stored will depend on the circumstances.

HOW DO WE PROTECT YOUR PERSONAL DATA?

Safeguarding your personal data is a priority for us. Any personal data that you provide to us is stored on secure servers and we use rigorous procedures to protect against loss, misuse, unauthorized access, alteration, disclosure, or destruction of your personal data. Any payment transactions will be encrypted by industry-standard technology.

Although we work hard to protect your personal data, we cannot guarantee that our safeguards will prevent every unauthorized attempt to access, use or disclose personal data. However, we maintain security and incident response plans in the event of a physical or technical incident to handle this in a timely manner and limit any negative effect of such incident.

HOW CAN YOU ACCESS YOUR PERSONAL DATA?

We understand that you may at times need further information from us regarding your personal data and how it is processed or that you may wish to update or correct the personal data you have provided us with. In light hereof, you have inter alia the following rights:

  • Right to access your personal data: you have the right to obtain confirmation from us as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and information.
  • Right to rectification of personal data: if you find that personal data that we process about you is inaccurate, you have the right to have us correct such personal data.
  • Right to erasure of personal data (right to be forgotten): under certain circumstances, such as if your personal data has been unlawfully processed or you have withdrawn your consent (if the processing of your personal data is based on consent), you have the right to request and obtain erasure of your personal data from us.
  • Right to restriction of processing: under certain circumstances, such as if you question the accuracy of your personal data or you have objected to our legitimate purpose to process your personal data, you have the right to request that we restrict the processing of your personal data until a solution has been found.
  • Right to object to processing: under certain circumstances, such as if you question our legitimate interest to process your personal data, you have the right to object, on grounds relating to your particular situation, to such processing.
  • Right to data portability: if your personal data is processed by automated means based on your consent or for the fulfilment of our contractual relationship, you have the right to request that we provide you with your with personal data on a machine-readable format for transmission to another data controller.
  • Right to lodge a complaint with a supervisory authority: you have the right to lodge a complaint regarding our processing of your personal data with your supervisory authority.

If our processing of your personal data is based on your consent, you have the right to withdraw such consent at any time (this will however not affect the processing based on your consent before its withdrawal) by contacting us or by updating the settings in our Services (where applicable).

Please contact us using the contact details provided below to make a request in respect of your rights. We will use commercially reasonable efforts to respond to your request within 30 days of receiving such request. If we cannot honour your request within the 30-day period, we will let you know the reasons why and when we expect to be able to fulfil your request.

CHANGES TO THIS PRIVACY POLICY

Our Privacy Policy may change from time to time. Therefore, you should make sure to review the latest version of this policy on a regular basis. We will post any Privacy Policy changes here and, if the changes are significant, we will provide you with a more prominent notice such as an email notification. If we change this Privacy Policy in a way that will affect how we use your personal data, we will advise you of the choices you may have as a result of those changes. We will also keep prior versions of this Privacy Policy in an archive for your review.

CONTACT

The data protection officer in respect of the Service may be contacted by email info@beatdiabetes.se

We welcome any questions, comments and requests regarding this Privacy Policy which should be sent to helena.kolvik@beatdiabetes.se

We operate under and are bound by the General Data Protection Regulation 2016/679 ("GDPR") and the Electronic Communications Act (2003:389).

Do you want to get involved?

We believe that everybody can contribute to the fight against diabetes. Get in touch with our team to learn more about how you can get involved. Together, we turn great ideas into new ways to help BEAT diabetes.

Get involved