Policy for processing personal data.

SURG, org. number 802416-8380

Purpose

The SURG User Association handles a number of personal data and the purpose of this policy is to clarify how SURG processes your personal data in order for you to feel confident that the association is protecting your privacy.

The policy also allows you to know what personal information we have, how we treat them and why we have them, and under what conditions you can take advantage of your rights.

The starting point of any processing of personal data is not to process more personal data than is necessary for the purpose and not, except where strictly necessary, to use privacy-sensitive data.

You have the right to be informed about what information SURG has about you and provided that there is no legal basis for the association to save the information, you also have the right to have the data deleted.

What personal data do we treat?

SURG treats personal data only when there is a legal basis, i.e. when the association needs the personal information to fulfill the obligations of law or contract, or if there is an explicit need to be able to reach you as a union member.

Here are examples of the personal data the association treats:

  • Name

  • Email address

  • Telephone number

  • Information that you register and voluntarily provide

  • Photos and videos during events

We photograph and sometimes we also film during our events to use as news, marketing material or similar, in printed format, electronically or on websites and social media. By joining our events, you also agree that we may take photos and possibly filming for these purposes. The material will only be used by SURG. Would you like us not to take a photo or film you, please contact us at hej@surgnordic.se

How do we access your personal information?

Your membership in SURG is the basis for the personal Data The association treats. You as a member have the right to be able to come into contact with SURGs Board and the staff at the office, as well as the board and the staff at the office need to be able to reach you with information. Therefore, SURG collects information about email addresses and phone numbers as well as addresses.

You can revoke SURG processing your personal data at any time, which means that SURG must delete the personal data. However, deletion of personal data requires that SURG is not required to process them in order to comply with a statutory or contractual obligation.

What information do we provide to you?

As a member of SURG you always have the right to get an extract from the member register and can thus easily see what information the Association has registered. You may also take part in this policy and you will also receive information about how you can contact us if you have questions or need to submit a request or enquiry regarding your personal information.

Your personal data is processed in a satisfactory manner. SURG has developed procedures and ways of working to ensure that your personal data is handled in a secure manner.

When do we disclose your personal information?

SURGs starting point is not to disclose your personal information to third parties unless you have consented to it or if it is not necessary to comply with SURGs Statutory or contractual obligations. In the event that we disclose personal data to third parties, this is done in agreement with established guidelines, which ensure that the personal data are processed in a satisfactory manner.

Responsibility

SURG is a data controller, which means that SURG is responsible for how your personal data is processed and that your rights are considered.

Stockholm, May 2018