Privacy Policy for website visitors
1. Introduction
Dermicus AB and its affiliates (“We”) are committed to protecting and respecting your privacy. This privacy policy explains how we collect and use information about you when you visit our website, www.dermicus.com, and when you contact us.
2. Who is responsible for the processing of your data?
Dermicus AB, Swedish company reg.no 556979-2822 (“we”, “our”, “us”) is responsible (data controller) for the processing of your personal data described herein under the applicable data protection laws such as the EU General Data Protection Regulation 2016/679, the Swedish data protection law Patiendatalag (2008:355) and the UK DATA Protection Act 2018.
Dermicus AB has appointed a Privacy Officer who will be your point of contact for any questions or requests regarding the processing of your personal data. The contact details of the Privacy Officer can be found in Section 13 of this Privacy Policy.
Please do not hesitate to contact us if you have any questions regarding your personal data.
3. How do we collect your data?
We may collect and process the following data:
Personal data we collect about you. We use cookies and similar technologies on our website, e.g. to collect certain information about your device, to review and keep statistics about the use of the site, etc. Even though we do not normally use this data to identify individuals, sometimes individuals can be recognized from it. You can read more about how we use cookies in section 4.1 below.
Personal data you give to us. Normally, we do not collect any other personal data about you unless you choose to share your information with us. For example, you may share personal data when you email us, submit your data through any of the web forms on our website.
4. What types of personal data do we process?
We may collect and process the following categories of personal data about you:
- Contact details, eg. your name, email address, postal address, phone number and other information that would allow us to contact you. Contact information may identify you personally.
- Browser and device data, eg. when you visit our website, we collect certain information about your device (e.g. information about your web browser, IP address, time zone) and some of the cookies that are installed on your device. When you browse our website, we will also collect information about the individual web pages that you view, what websites or search terms referred you to our website, and information about how you interact with our website. Browser and device data does not identify you personally, but when associated with other information, it may.
- Web forms, eg. web forms on our website where you can submit your information. For example, you can submit your contact details and ask that we contact you.
- Messages and communications, eg. sharing of personal data when you contact us, e.g. contact details, employer, job title, etc. We will also collect relevant information about your interactions with us, e.g. the date, time, method of contact and subject of the conversation. Since email communications are not always secure, we encourage you not to include any sensitive data in your emails.
4.1 Cookies
Like most companies, we use cookies and similar technologies on our website. They are used by us to provide better services and experiences to our visitors. Below you can see what cookies we store on your device and what purpose they serve. You are also able to control which cookies are stored on your device.
Name | Service | Purpose | Cookie type and duration |
languageChosen
| Website presentation | Store user preference regarding language | At the end of a session |
pll_language | Website presentation
| Store user preference regarding language | A year from the last visit |
viewed_cookie_policy | Cookie policy | Store whether the user has viewed the cookie policy or not | A year from the last visit |
cookieawinf-checkbox-advertisement | Cookie policy | Store whether the user has accepted storing cookies for advertisement purposes | A year from the last visit |
cookieawinf-checkbox-performance | Cookie policy | Store whether the user has accepted storing cookies for performance auditing of our website | A year from the last visit |
cookieawinf-checkbox-analytics | Cookie policy | Store whether the user has accepted storing cookies for analytics | A year from the last visit |
cookieawinf-checkbox-necessary | Cookie policy | Store whether the user has accepted storing cookies for general functionality of the website | A year from the last visit |
cookieawinf-checkbox-functional | Cookie policy | Store whether the user has accepted storing cookies for general functionality of the website | A year from the last visit |
CookieLawInfoConsent | Cookie policy | Store wether the user has given his/her overall consent | A year from the last visit |
_ga | Google Analytics | Google search and website performance | Two years from the last visit |
_gid | Google Analytics | Google search and website performance | 24 hours |
4.2 Links to other websites
Our website may contain links to other websites. Even though we aim to only link to reliable websites, we do not control the content or information practices on them. We encourage you to review the privacy statements of any such other websites.
5. How do we use your Personal Data?
We will only use your personal data when the law allows us to. Most commonly, we may process your personal data in the following circumstances:
- To communicate with you. When you contact us, we will process your contact details and messages to communicate with you and answer the incoming correspondence we receive. When we talk on the phone or in person, we might take notes to help us remember and follow up on the matters we discussed.
- To promote our services (direct marketing). With your consent, we will use your name and email address to send you periodic newsletters, information about our services and invitations to events. You have the right to withdraw your consent at any time.
- To improve and optimise our website. We will process your browser and device data for our legitimate interest in improving and optimising our website (e.g. by generating analytics about how you and others browse and interact with the site). For this purpose, we will not analyse your data on an individual level, all processing will be done on anonymised or pseudonymised data.
- To protect our legitimate interests. We will process your personal data when necessary to protect or exercise our rights or business interests, e.g. to defend us against claims from you or third parties.
- To meet legal requirements. We will process your personal data when necessary to comply with our legal obligations under laws, court rulings or other appropriate legal mechanisms, e.g. to respond to lawful requests by public authorities.
6. Who can access your data/disclosure of your information?
We will never sell your data. You specifically authorize the engagement of Dermicus AB’s Affiliates and any other third parties as Subprocessors.
However, sometimes we share your information with trusted parties. For example, your personal data will be shared with:
- Our employees and consultants. We share your personal data with our employees and consultants on a need-to-know basis.
- Service providers. We will share your personal data with our service providers who help us provide our website to you or supply other IT services to us which require the processing of personal data. Most of our service providers act as our data processors and may only process your personal data in accordance with our instructions, or to fulfil their legal obligations.
- Public authorities. Legal obligations may require us to share information about you, e.g. to respond to lawful requests from law enforcement agencies, regulatory agencies, and other public and government authorities. Public authorities are responsible (data controllers) for their processing of your personal data.
- Legal process. We may disclose personal data about you to courts, legal advisors and other parties when needed in connection with a legal process, e.g. to enforce our terms and conditions and to protect our rights.
7. How long do we keep your personal data?
How long we need to keep your data depends on the purposes for which it was collected and cannot in all cases be specified in advance. When we no longer need your data, we will either delete or anonymise it. We regularly review our need to keep your data, considering the applicable legislation.
- Contact details and messages. Normally, we will process your contact details and messages for as long as motivated by the context, to respond to and handle your messages.
- Browser and device data. We keep browser and device data up to 30 days after collection.
- Direct marketing. We will process your contact details (e.g. name and email address) for marketing purposes until you unsubscribe from our mailings.
We may keep your personal data longer where necessary to comply with our legal obligations. We may also keep certain personal data during relevant liability periods.
8. Where do we store you data?
All information you provide to us is stored on secured servers that may only be accessed by a limited number of persons holding special access rights and with respect to the nature of the data.Despite these measures, due care should be taken when storing and/or sharing your personal data and login, particularly when connecting via unsecure or public networks.
We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
We always strive to store your personal data within the EU/EEA. However, your personal data will in certain situations be transferred to and processed outside of the EU/EEA.
Please note that privacy laws in countries outside of the EU/EEA may not be the same as, and in some cases may be less protective than, privacy laws in your country. However, we will always ensure that your personal data is processed safely and that adequate safeguards (e.g. EU standard Model Clauses) are in place to protect your personal data. You can always contact us for more information about the applicable safeguards.
9. How do we protect your personal data?
We want you to feel confident about always providing us with your personal data. We have taken appropriate privacy measures to protect your personal data against unauthorized access, alteration, and erasure. Should a privacy breach occur that may materially impact you or your personal data (e.g. risk of fraud or identity theft), we will contact you to explain what action you can take to mitigate any potential adverse effects of the breach.
10. What are your rights?
Under certain circumstances, you have the following rights under data protection laws in respect of our processing of your personal data:
- Right to object. You have the right to object to processing based on legitimate interest. You can contact us for more information on the balance test that we have made. You also have an absolute right to object to direct marketing.
- Right to access and transfer your data (data portability). You have the right to ask us for copies of the personal data we process about you together with the additional information on how the data has been collected, processed, shared etc…There are some exemptions, which means you may not always receive all the information we process. You may in certain circumstances also have the right to transfer your information to another data controller.
- Right to rectification. You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Right to erasure (‘right to be forgotten’). You have the right to ask us to erase personal information about you in certain circumstances. Normally, we will honor your request unless deleting the information prevents us from carrying out necessary business functions.
- Right to restriction. You have the right to request that the processing of your personal data should be limited until inaccurate or incomplete information about you has been corrected, or until an objection from you has been handled.
- Right to withdraw your consent. You may at any time withdraw any consent you have given us. However, please note that it will not affect any processing that has already taken place.
Want to exercise your rights? Please contact us on privacy@dermicus.com
11. Complaints
Should you feel that we have not complied with our obligations regarding your personal data, please contact us on support@dermicus.com.
You may also raise your concern with IMY (Swedish Authority for Privacy Protection) or with the supervisory authority in the country where you live or work.
12. Changes to Our Privacy Policy
Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.
13. Contact
Questions, comments, and requests regarding this privacy policy are welcomed and should be addressed to:
Privacy Officer
Dermicus AB
Kungsgatan 4
411 19 Gothenburg
SWEDEN