In order for us to offer you our services and products, in some cases it is necessary that we share your personal data with other companies. Companies that process your personal data on our behalf and in accordance with our instructions are called subcontractors. The processor will always enter into a data processing agreement with us to ensure that a high level of protection of your personal data is maintained. The personal data we collect about you will be kept for as long as necessary, i.e. until payment and delivery of a purchase has been made or customer service has been completed. We also retain all personal data for up to 24 months after it is collected to ensure that you can access purchase history, track certain issues, and investigate and prevent fraud. Consent. In some cases, we may ask for your consent to the processing of personal data, para. B example if we wish to transfer your personal data to another company. In this case, we will inform you of the personal processing to which you consent, why and how you can withdraw your consent. Whistleblowing Solutions AB is the controller of the processing of personal data carried out by us or on our behalf. This means that we decide how and why your personal data is processed.
(c) the preparation of data protection impact assessments and, where appropriate, consultations with the supervisory authority; “Personal Data” means any information that may be attributed to you directly or indirectly. For example, your name, social security number, address, photo, email address, and IP address. Information that cannot identify you in itself may also be personal data if it can be attributed to you in combination with other information. Crime and abuse prevention. We collect data about your click and visitor history, technical data from the devices with which you visited our website (e.g. IP address. B, operating system, language, browser settings) and information about your customer service. We do this to prevent and investigate fraud and other crimes, as well as to improve the security of our Services. If you wish to exercise any of your rights or if you have any questions about Whistlelink`s processing of your personal data, please contact us using the contact details below. Newsletters and offers. If you have opted in to receive news and offers from us, we will ask you to provide your name and email address.
We may also process purchase history, purchase history and user-generated data (click history) and place of residence/country that you have provided from time to time to send information about our news and offers that may be of interest to you. Any communication from Whistlelink to you by email will always include a link where you can unsubscribe for future communications. If we process your personal data for purposes other than those mentioned above, we will inform you. (A) a description of the nature of the infringement (including, where possible, the categories and approximate number of data subjects and registrations); In accordance with paragraph 4.3.5 of this DPA, Seller will take and maintain appropriate security measures (including organizational and technical) in the processing of EU data prior to the processing of EU data in order to protect against unauthorized or accidental access, loss, alteration, disclosure or destruction of such data, in particular where the processing involves the transmission of data over a network. and against any other unlawful form of processing. 1.4 This DPA replaces and replaces all prior data processing agreements between the parties to the extent that they relate to the processing of EU data. We may also disclose personal information to third parties (such as the police, tax authority or other authority) in the event of a criminal investigation or if we are otherwise provided for by law or regulatory decision. We always process your personal data in accordance with applicable legislation, including the GDPR. According to the GDPR, the processing of personal data must be based on one or more legal bases: Personal data is information that is considered “personal data” under EU data protection laws. Right to object.
You have the right to object to the processing of your personal data by Whistlelink. Below we describe the processing of personal data carried out or otherwise controlled by Whistlelink as a company. If you have any questions about how your personal data is processed, you can contact us using the contact details provided in section 10 below. In some cases, we share your personal data with companies that are considered independent controllers once they have taken over some of your personal data. This means that we no longer determine how your personal data is processed. This is the case, for example, if you click on an affiliate link that takes you to another website. This is also the case when we share your personal data with companies that offer payment solutions. This Privacy Policy only contains information about how Whistlelink processes your personal data, so we encourage you to read the Privacy Policy on other websites you visit.
4.3.1 Processing of EU Data solely on behalf of Yahoo and in accordance with the documented instructions, the Agreement and this DPA (the “Instructions”). Instructions may be provided by Yahoo on behalf of an affiliate in the EEA, including instructions for international data transfers. The provider may not process EU data for purposes other than the provision of the services in accordance with the contract; Right to erasure. In some cases, you have the right to ask us to delete your personal data. 5.1 Without limiting or affecting any other provision of the Agreement, if Seller wishes to engage one or more third parties acting on its behalf to perform its obligations under this DPA and the Agreement and to delegate all or part of the processing activities to such processor, Seller must obtain Yahoo`s prior written consent to the processor. The Provider shall enter into appropriate contractual agreements with such authorised sub-processors which provide for the same level of data protection and information security obligations with respect to EU data as those binding on the Seller in this DPA and in the Processor`s Model Clauses, including third party rights over data subjects. If a sub-processor fails to comply with its EU data protection obligations, the provider remains fully liable to Yahoo for the performance (or non-compliance) of the sub-processor`s data protection obligations with respect to EU data. 7.2 Without limiting or influencing any other provision of the Agreement (including the Network Security Terms), the parties agree that in the event of termination or partial termination of the Services in connection with the processing of EU Data in accordance with this DPA and the Agreement of the Providers and any sub-processor to which Yahoo has consented in accordance with paragraph 5 of this DPA, Yahoo shall, at Yahoo`s option, return to Yahoo all EU Data and copies thereof. or securely destroys it and certifies that Yahoo has taken such action, unless applicable EU law requires the retention of such EU data.
In this case, the Seller guarantees the confidentiality of the EU data it holds (and obtains it from each sub-processor) and only actively processes such EU data after that date, to the extent required by applicable EU law. At Whistlelink, we are committed to protecting your personal integrity and want you to feel safe when using our products and services. With this Privacy Policy, we want to ensure that you understand how we process your personal data and how we ensure that whistlelink`s processing of personal data is carried out responsibly in accordance with applicable law, including the General Data Protection Regulation (the “GDPR”). .