Introduction

In our various roles as employer, customer and supplier, SmiLe Incubator, (company reg. no. 556827-3550) constantly works to protect the privacy of individuals by striving to ensure that all personal data are handled in compliance with the legal requirements of the General Data Protection Regulation (GDPR).

SmiLe Incubator has taken organizational and technical measures to protect personal data from unauthorized access and to ensure that the information is available and is not lost, unintentionally altered or accessed by unauthorized persons. We continually adapt our policies, procedures and security measures in pace with changes in our operations and technology.

Background

The Swedish Personal Data Act (PDA), which is based on the EU’s data protection directive, has been in effect in Sweden since 1998. Other EU countries have similar protection laws. The purpose is to protect people against privacy breaches in connection with personal data processing. On May 25, 2018, the General Data Protection Regulation (GDPR) superseded the data protection directive and national legislation (such as the Swedish PDA) in all EU countries. The GDPR is similar to the PDA, but includes several important modifications, the most noteworthy of which is the introduction of financial sanctions.

GDPR Policy

SmiLe Incubator has adopted a GDPR policy stipulating how to process and protect personal date in its operations and delivered services. The policy consists of an introduction to GDPR, a personal data policy, a GDPR IT security policy and contact information.

IT security

SmiLe Incubator constantly works to improve IT security so that personal data in technological information processing systems, IT equipment and portable media are protected in a professional manner.

Storage and deletion of personal data

SmiLe Incubator does not store personal data any longer than is necessary for the purposes of the processing. Personal data that are no longer relevant for the purposes for which they were gathered are regularly deleted or anonymized.

Countries where personal data are stored and processed

Personal data provided to SmiLe Incubator are processed and stored only within the EU/EEA; in other words, they are not transferred to or processed in any third-party country.

Employees

Employees who may come into contact with personal data have received basic information about GDPR and how to process personal data.
Suppliers
SmiLe Incubator ensures that our suppliers are aware of their responsibilities regarding their treatment of personal information and their compliance with the GDPR through Personal Data Processor Agreements.

Customers

When signing agreements, customers are informed about matters such as their rights, what SmiLe Incubator does to comply with the Data Protection Regulation (GDPR) and to ensure the privacy of individuals, as well as relevant contact information.

Photography

We take photos and publish material from our events.

Personal data controller

The personal data controller at SmiLe Incubator who determines the purposes of and methods used to process personal data and who is ultimately responsible for ensuring that data are processed in compliance with the applicable personal data legislation is:

SmiLe Incubator AB, company reg. no. 556827–3550
Medicon Village
Scheelevägen 2
SE-223 81 Lund, Sweden

For further information regarding our processing of personal data, requests for an extract from the register and/or deregistration, please contact us by e-mail info@smileincubator.life.