PROCESSING OF PERSONAL DATA:
Privacy by Design
TFS Gateway AB complies with the EU General Data Protection Regulations, GDPR. TFS Gateway AB is not in the business of collecting or selling personal data, nor profiling private citizens’ lives. We sell security products and services. That’s what we do.
What personal information do we store?
When you create a user account with us, we store what you tell us to store. Otherwise we cannot provide account services. Product information that you tie to the account, e.g. license information, is also stored. When you purchase products or services, relevant billing and shipment information is kept on file. This is required by law. If you enable error and statistics reporting in your products, we will store those. They help us find and fix problems. Any logs, screenshots, dumps that you send to our support staff will only be kept until your problem is resolved.
What personal information do we share?
TFS Gateway AB has partners that provide parts of our services. Relevant data will be shared with such partners. You will be notified of this when using such products or services. Personal data will be provided to the relevant GDPR Authority only where required by law or authority decision.
You opt in or out of additional sharing in the section below.
Examples of details generally stored, if you provide them:
- E-mail addresses
- Company/organization affiliation
- Postal addresses
- Telephone numbers
- Purchase data
- Data about how you use our digital services
TFS Gateway AB Consent Level Options:
- Consent option #1 : Keep the basic data in your user account for internal use in providing TFS Gateway Services to you.
- Consent option #2 : Notify you about the latest software updates that are available and high-severity product alerts.
- Consent option #3 : On occasion send you e-mail about product developments and performance functions related to marketing, namely:
- Connections Details
- Email Sends
- Email Events
- Web Form Submissions
- Subscription Preferences
- Profile Management
- Social media
A user of TFS Gateway Services must select at least consent level option #1, otherwise TFS Gateway AB cannot keep your user account active.
TFS Gateway AB will never willingly use personal details for purposes of marketing with other companies.
You can change your selected consent option at any time without charge, either in your user account profile or by request to the TFS Gateway AB GPDR contact services at +46(0) 706 67 24 77.
Your rights under GDPR
This is a short summary of how to exercise your GDPR rights with TFS Gateway AB.
Right to be Informed
TFS Gateway AB carries the obligation to inform individuals or representatives of an organization in writing, if unlawful access has occurred to personal details of theirs, where those details may have been taken or leaked from TFS Gateway AB data storage systems. In order to avoid any form of unlawful access, TFS Gateway AB takes every precaution advised by the GDPR regulations and constantly reviews those measures for aspects of weakness and with intentions for improvement.
Please note that TFS Gateway AB’s Data Protection Policy is to store only those personal details that are necessary for providing a service to users. The handling of personal details will be in accordance with the level of consent chosen by the user.
Right of Reporting (Right of Access)
Any individual or representative of an organization can request a report on what details are stored in the TFS Gateway AB’s databases. Any case where a report is requested, the customer will need to make contact with TFS Gateway AB’s Data Protection Officer by a voice call to +46 (0) 706 67 24 77 . The person requesting the report will be verified as authorized to request and receive the report, by sending an email from the email address to which the report will be sent. This process of verification is necessary to maintain the confidence of all personal information held in TFS Gateway AB’s Databases, and ensure that no information is reported to unauthorized channels.
Right of Rectification
All users are entitled to request correction of any data that is incorrect or needs to be updated.
Right of Erasure
Any individual or representative of an organization that has received a report of personal details held on TFS Gateway AB’s databases, is able to request TFS Gateway AB to delete the existing records from the databases and cease to store their details in the future. If there is a legal need to store personal details, then the request will need to be denied, and no data erasure will take place. Legal requirements override the rights of personal preference not to retain personal information. When TFS Gateway AB has complied with the request for erasure, the person requesting the erasure will receive a “null report” showing that automated search of the TFS Gateway AB’s databases returns zero result and that person’s consent flag is nullified.
Right to Restrict Processing
All users of TFS Gateway Services are entitled to change their level of consent granted to TFS Gateway AB, and thereby restrict the processing of their personal data by TFS Gateway AB. They will do so by selecting a reduced level of consent option from their user account, or by request to the C´TFS Gateway DPO via the GDPR contact number. If restriction of processing is required below the first level of consent, option #1, then data erasure needs to be requested, where the individual user account will be removed from the systems.
Right to Data Portability
All users are entitled to request transfer of their data stored in TFS Gateway Services to another service provider. The person requesting this data transfer will need to specify the extraction format that will be acceptable by the recipient organization.
Right to Object
If any individual or representative of an organization that has made a GDPR request and been denied the request, then that user has the right to object. The objection should first be raised with TFS Gateway AB, to provide a reasonable explanation and then subsequently with the Swedish local authority for GDPR enforcement, Datainspektionen, Box 8114, 104 20 Stockholm.