Data protection policy
This data protection policy describes what information we collect and why. For ToBeShore AB with registration number: 559366-6224, hereinafter referred to as “ToBeShore”, it is important that you as a private person and potential or current customer have your personal data processed in a safe and correct manner. Therefore, we advise you to read this data protection policy so that you are aware of how we process your information and why. If you disagree with anything that appears in this policy or have other questions, you can contact ToBeShore’s GDPR responsible.
The information we collect
Once the initial contact has been established between TobeShore a customer, we save your name (as customer contact), your email address, your phone number and the company name to which the case applies.
If you apply for a job at ToBeShore, we will save the information you provide to us for 3 years regardless of whether the application leads to recruitment or not. We do this to consider you for positions that may arise for which you may be suitable.
If you contact ToBeShore for any other reasons than mentioned above, we will not collect any personal data about you, apart from what you send to us. We save this information to manage daily communication with our customers or contacts, as well as to carry out customer surveys.
If you are a potential customer, have another type of contact with ToBeShore, or hire consultants from ToBeShore, the individual consultants may store personal data about your organization or employees. All ToBeShore employees have access to our IT and information security policy and receive training in the regulations, including guidelines on what information can be saved and how it should be stored. ToBeShore will, to the extent possible, follow up with our employees regarding these guidelines and how to save only the data that is essential to the assignment, to ensure you feel secure about processing of your information.
Duration of information storage
ToBeShore saves data about customers for the duration of the customer agreement and up to one year after said agreement has been terminated. After one year, ToBeShore removes the data but saves the name of the customer contact and company name for future assignments.
All employees have received routine descriptions regarding data cleanup, which state that after the end of a customer agreement or completion of an assignment, they must clear emails and other documentation.
Information related to job applications is saved for 3 years. Other emails and information are cleared as they no longer fulfill any purpose.
If you object to ToBeShore saving the name of a customer contact or company name, you can contact us at gdpr@tobeshore.se.
We do not share information
ToBeShore only uses data about external parties for internal use. However, with consent (verbal or written), the company name of our customers may be published on our website (www.tobeshore.se) — this does not include information such as customer contact data.
If you feel that the information about you or your company is misrepresented, or if you want to know more about the information that ToBeShore handles about you, please contact ToBeShore GDPR responsible at gdpr@tobeshore.se.
TobeShore role i GDPR
ToBeShore aims to protect the integrity of individuals and strives to work with customers and suppliers who live up to the GDPR requirements placed on companies. Depending on the type of consulting service we provide, the responsibility for the processing of personal data can be distributed among the contracting parties.
This text has been produced to clarify how ToBeShore perceives the distribution of responsibility for the processing of personal data according to current data protection legislation. Any questions can be directed to your contact person within TobeShore via gdpr@tobeshore.se.
Handling of personal data based on contract of consultants
ToBeShore may provide consultants to a customer/partner that may be employed by ToBeShore or by a contracted sub-consultant. According to the agreement, the consultant will work under the direction and responsibility of the customer/partner. In connection with such consulting services, the consultant may be subject to a non-disclosure agreement between the client and the consultant that prevents personal data from being shared with ToBeShore and any sub-consultant.
In cases where consultants process personal data under the customer’s direct responsibility and management during the provision of consulting services — using the work tools that the customer is responsible for such as the customer’s system — the customer is the personal data controller. ToBeShore or sub-consultants are not personal data assistants for such processing.
ToBeShore must ensure that the consultant has provided their consent to disclose personal data about the consultant to the customer by ToBeShore to the extent that it is necessary due to contracted consulting services. Under such circumstances, the customer is responsible for handling personal data for the data they receive and process. However, ToBeShore is responsible for disclosure of the personal data to the customer.
Processing of personal data for special assignments
When ToBeShore provides consulting services within the framework of special assignments (assignment agreements), such as assignments regarding design and technology solutions or support and maintenance services, ToBeShore may, where applicable, process personal data on behalf of the customer. Even when the consultant works under ToBeShore management and responsibility, because the customer ultimately decides on the processing of the personal data they transfer to ToBeShore due to agreed assignments.
In such scenarios, the customer is the personal data controller for personal data processing, and ToBeShore is the personal data assistant to the customer. ToBeShore is responsible as a personal data assistant for the work any hired sub-consultant undertakes in connection with the execution of assignments on behalf of the customer. According to ToBeShore, the work of such a sub-consultant does not actualize a subcontractor relationship, because sub-consultants work under ToBeShore direction and responsibility when carrying out the assignments.
For the latest information on how ToBeShore processes personal data, please visit us at www.tobeshore.se. Any questions can be directed to the contact person within ToBeShore who can be reached via gdpr@tobeshore.se.
Cookies
According to the Swedish Electronic Communications Act, a website that uses cookies must inform everyone who visits the website that this is the case. The purpose of the collection of cookies must also be made clear to visitors. Cookies are text files that store information about website visitors. ToBeShore uses different types of cookies to improve the website and our offer.
Type of cookies
Permanent cookies
Are text files stored in the user’s web browser and activated each time the user visits our website.
Session cookies
Temporary text files stored in the user’s web browser that are removed when you leave our website.
Third party cookies
We may use third-party cookies to enable traffic analysis generated by tools such as Google Analytics, LinkedIn Insight, and Facebook Pixel.
Turn off cookies
If you do not agree to the use of cookies, you can turn them off in the security settings of your browser.
For more information
If you believe that the information about you or your organization is incorrect or you would like to know more about the information that ToBeShore holds about you, please contact our GDPR responsible at: gdpr@tobeshore.se.
If you believe that ToBeShore manages your information in a way that is GDPR-incompliant, you have should notify the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten — IMY).
Call: +46 8-750 87 00
Email: imy@imy.se