GDPR

We welcome and support the General Data Protection Regulation as it is firmly grounded in human rights principles and serves to strengthen the rights of all individuals.

What is GDPR?

GDPR (General Data Protection Regulation) is the EU data protection regulation and it came into force on 25 May 2018. The purpose of the law is to strengthen individuals’ rights and protection during the processing and handling of personal data. You can find a link to the law in full by clicking here.

The regulation affects all companies, organizations and industries that handle personal data and will, among other things, entail requirements for new routines to provide secure handling. If an organisation does not adhere to the law, it can result in extensive fines.

GDPR in Sweden

In Sweden, GDPR is only a part of all laws that protect the privacy of individuals. As such, it is further strengthened by several laws, regulations and additional acts. The most important addition is the Data Regulation ACT “SFS2018:18”. It contains adaptations to Swedish law, and also additions, such as, that even governmental institutions can be fined if they do not adhere to the law.

In short, GDPR revolves around 6 principles  that among other things, clearly state that we as data controllers must have support in the Data Protection Ordinance in order to process personal data.

How does RECILIO work with GDPR?

At Recilio – GDPR is a cornerstone in everything that we do. We are very aware of the amount of trust that is placed in our service and are more than prepared to go out our way to ensure that you feel safe entrusting us with your data.

Regularly and systematically, we use this checklist to oversee our internal routines and thereby strive to ensure that the collection and handling of our customers ‘personal data follows our customers’ instructions and thus necessary legislation.

We have a well-thought-out security work, with a clear information and security policy, and have designed all our services and internal routines with privacy in focus (so-called “Privacy by Default and Design”).

In addition, we want to make it easy for you to find all the information you need:

  • In our Privacy Policy, we ensure the privacy of each individual user as well as the right to their own data, the right to extract, correction and deletion. Erasure can be done via this form.
  • In our DPA you can read about how we handle your data. We always ensure that the transfer and storage of data is encrypted and that data is stored securely in our data center within the EU, as well as with non-EU assistants outside the EU/ESS with full protection in accordance with the Data Protection Ordinance. We protect our servers with, among other things, firewalls and strict access control with traceability and assurance of high availability.
  • Finally, in our Terms of Use, you will find how you can use the materials provided on the website.

In short we:

  1. may only collect personal data for specific, specifically stated and legitimate purposes
  2. shall not process more personal data than is necessary for the purposes
  3. shall ensure that the personal data is correct
  4. shall delete the personal data when no longer needed
  5. shall protect personal data, for example so that unauthorized persons do not have access to them and so that they are not lost or destroyed
  6. should be able to show that you live up to the Data Protection Ordinance and how we do it.