Privacy policy

This privacy policy was established by Stratsys on 2023/03/21

Information about Stratsys personal data processing

When we at Stratsys AB ("Stratsys", "we", and "us") work together, we are careful to protect your privacy so that our collaboration can be as easy, secure, and smooth as possible.

On this page, you can read about how we process your personal data, such as the legal basis we have for processing your personal data and how long we store your personal data. We also describe your rights in relation to our processing of your personal data.

In the list on the right, you can read more about how we process your personal data in different situations. Click on the heading that applies to you to get more information.

When we refer to "your organization" in this privacy policy, we refer to your employer or the company, organization, or public body that you represent. In these cases, we will only process personal data about you in your professional capacity.

Our processing of your personl data in brief

In summary, we process your personal data as follows:

  • When the organization you represent is a customer, potential customer, supplier, or partner of ours, we process your personal data to administer our relationship and enter into and fulfill contracts;
  • If we have contact via email, for example, without having a business relationship, we process your personal data to communicate with you and answer your questions;
  • If you visit our social media, we process your personal data to communicate with you;
  • If you use our products, we process your personal data to assist with any customer service and support issues and analyze the use of our products;
  • If you visit our website, we process your personal data to analyze how our website is used and to show you relevant marketing from us, provided that you have consented to this;
  • If you receive marketing from us, such as newsletters, we process your personal data to send relevant information about our products targeted to the organization you represent; and
  • If you participate in our events, such as webinars and trade shows, we process your personal data to administer your participation and evaluate our events.
  • When we document and analyze customer and sales meetings, we process personal data to ensure quality customer experiences and improve our services.

Who is responsible for your personal data

Stratsys AB with organization number 556586–9848 is responsible for the processing of your personal data (data controller).

In cases where you use Stratsys products, we are only responsible for the processing of your personal data in certain cases, such as when we provide you with support. Your organization is the data controller for the information which is stored when using Stratsys products.

If you have any questions about our processing of your personal data or if you want to exercise any of your rights, you can contact us at our email address info@stratsys.com or call us at +46 (0) 10-129 29 09.

Your rights in relation to your personal data in brief

In accordance with GDPR, you have certain rights in relation to our processing of your personal data. You have the right to:

  • withdraw your consent;
  • receive confirmation as to whether or not we are processing your personal data and if we are processing your personal data, you also have the right to receive information on how we process it and a copy of your personal data;
  • have incorrect personal data corrected and incomplete personal data completed;
  • have your personal data erased;
  • restrict the processing of your personal data;
  • object to our processing of your personal data;
  • receive your personal data in a structured, commonly used, and machine-readable format from us. You also have the right to have your personal data transferred to another data controller when technically feasible; and
  • file a complaint with a competent supervisory authority. The competent supervisory authority in Sweden is Integritetsskyddsmyndigheten, which you can find here.

If you want more detailed information regarding these rights, you can click on the list to the right.

If you have any questions about the rights or want to exercise any of your rights, you are welcome to contact us. Our contact information is listed above.

Sharing and transfer

Your personal information is primarily processed by us at Stratsys, and we do not sell your personal information. This means that your personal information will be handled by our employees, but only staff who need access to your personal information to perform their work.

In order for us to provide our products and services in the best way possible and run our business, we need to collaborate with suppliers and partners who will process your personal information. We are responsible when we share your personal information with our suppliers and partners, and ensure that they are treated securely when we share them.

As a general rule, we and our suppliers and partners who we share your personal information with only process your personal information within the EU/EEA. We have taken all commercially feasible measures to ensure that as much of the processing of personal information as possible takes place within the EU/EEA.

In some cases, your personal information may be transferred outside the EU/EEA by our partners and suppliers, which may mean that you may have more limited protection for your personal information when it has been transferred outside the EU/EEA.

By clicking on the headline you encounter in the list to the right, you can read more about how we share your personal information in different situations and where your personal information is processed.

This privacy policy was established by Stratsys (2023-03-21).

When you get in touch with us

Below you can read more about how Stratsys AB ("Stratsys", "we" and "us") processes your personal data when you communicate with us for various reasons. Below you will find information on how we process your personal data when you contact us via the form on our website or otherwise contact us without a customer relationship, as well as how we process your personal data in any discussions, claims or disputes. At Stratsys, we always strive to maintain a good relationship with you and your organization and answer any questions you or your organization may have.

When we process your personal data, you have certain rights. This means that you have the right to receive confirmation as to whether we are processing your personal data and further information if so (the right of access), the right to request that we erase your personal data, the right to have your personal data corrected, the right to object to our processing, and the right to lodge a complaint with the supervisory authority (the competent supervisory authority in Sweden is Integritetsskyddsmyndigheten). You can read more about your rights here.

If you have any questions about how we process your personal data or want to exercise any of your rights, you are welcome to contact us. Our contact information is provided here .

Where we get your personal information from

We process personal data that we receive directly from you or that we receive from the organization you represent.

Detailed description of the processing of personal data

Purpose: To communicate with you

Processing activities performed

  • Communicate with you via email or phone
  • Assist you if you contact us through the form on our website and send you the information you requested
  • Answer the questions you ask

Personal data processed

  • Name
  • Contact information such as email address and phone number
  • Information you provide to us in email or through our contact form

If you contact us through our form:

  • Information about the sector you work in
  • Possible job title and information about the organization you work for

Legal basis for the processing

Legitimate interest (Article 6.1 f in GDPR)

The processing is justified by our legitimate interest in being able to communicate with you as someone who contacts us.

In our balancing of interests, we have assessed that our legitimate interest in carrying out the processing outweighs your interest and fundamental rights not to have your personal data processed.

If you want to know more about how we have made this assessment or object to it, you are welcome to contact us at the contact details provided here.

Storage time: We regularly delete your personal information and never store personal data that we no longer need.

We also regularly clear our email. Therefore, individual emails are only saved as long as there is a purpose for us to keep the email. This assessment is made on a case-by-case basis depending on the type of question we receive.

If you have requested certain information from us through our contact form, we will save your personal information until we have answered your question and sent you the requested information, as well as for twelve months thereafter to follow up on our contact.

However, we will stop storing your personal information if we become aware that you no longer represent the organization.

 

Purpose: To handle any discussions, claims or disputes

Processing activities performed

  • Handle any discussions, claims or disputes.

Personal data processed

  • Name
  • Contact information, such as your email address and/or phone number
  • Information from our communication with you, especially communication related to the discussion or claim.

 

Legal basis for the processing

Legitimate interest (Article 6.1 f of GDPR)

The processing is motivated by our legitimate interest in being able to communicate with the organization you represent and to resolve a situation as well as possible, and if necessary, to act in a possible dispute, including being able to defend ourselves against a possible legal claim.

In our balancing of interests, we have assessed that our legitimate interest in performing the processing outweighs your interest and your fundamental rights to not have your personal data processed.

If you want to know more about how we have made this assessment or object to it, you are welcome to contact us using the contact information provided here.

Storage time: The information is stored from when the claim is initiated and as long as the process concerning the claim is ongoing.

However, we will stop storing your personal data if we become aware that you no longer represent the organization that the claim concerns and the information is no longer necessary for the process.

 

Purpose: To document and analyze customer meetings

We process personal data collected during customer and sales meetings to document meeting information, ensure quality customer experiences, and analyze insights that help us improve our services.

Processing activities performed:

  • Documentation of meeting information, including notes, questions, and customer needs.
  • Storage and organization of meeting information for follow-up and customer relationship development.
  • Recording of video meetings to ensure accurate representation of discussions and for internal staff training.
  • Analysis of insights and trends:
    - During the first 12 months, data is analyzed in its original format.
    - After 12 months, data is pseudonymized for continued analysis at an aggregated level.

Personal data processed:

  • Contact details: First name, last name, address, phone number, email address, and country.
  • Professional information: Your position and the organization you represent.
  • Interaction data: Clicks, URLs, meeting categories, mouse movements, engagement, and browser behavior.
  • Meeting information: Notes, questions, and discussions from meetings, including specific customer needs.
  • Recordings: Video and audio recordings of meetings, including voice and image.

Legal basis for processing:

Legitimate interest (Article 6.1(f) GDPR).

The processing is based on our legitimate interest in documenting and analyzing customer meetings to strengthen customer relationships and improve our services.

In our balancing test, we have assessed that our legitimate interest in documenting and analyzing customer meetings to strengthen customer relationships and improve our services outweighs your interest and fundamental rights not to have your personal data processed.

If you would like more information on how we have made this assessment or wish to object to it, you are welcome to contact us using the contact details provided here.

Storage time: Meeting notes and video recordings are retained for up to 12 months. After this period, meeting notes are pseudonymized and used for analysis at an aggregated level for an additional 12 months, while recordings are deleted entirely.

Who has access to your personal data and why

We will share your personal data with our data processors who only process your personal data on our behalf. This means that we are responsible for the processing of personal data that our data processors carry out. We share your personal data with the following categories of data processors:

  • other companies within the same group as Stratsys AB to enable us to operate our business in the most efficient way; and
  • Our IT service providers, e.g., for specific functions, hosting, and management of meeting information. This includes providers offering tools for documentation and analysis of customer meetings, such as Meetric, which process personal data under our instructions and on our behalf. We only share your personal data with our IT providers if it is necessary for them to fulfill their obligations to us under the agreement we have with them.

If you have any questions about how we share your personal data, please contact us at the contact details provided here.

Where your personal data is processed

As a main rule, we and our suppliers and partners with whom we share your personal data only process your personal data within the EU/EEA. We have taken all commercially possible measures to ensure that personal data processing takes place within the EU/EEA where possible.

Some of our IT providers are based outside the EU/EEA. This also applies to providers used for managing and analyzing meeting information, such as Meetric. However, we have sought to protect your personal data and minimize the risk of it being transferred outside the EU/EEA by ensuring it is processed only on the provider's servers within the EU/EEA. In exceptional cases, there is still a risk that your personal data may be transferred to the country where our providers are based.

In the above situations, such transfers are conducted only in accordance with applicable data protection legislation. This means that we will transfer your personal data outside the EU/EEA only when we can ensure an appropriate level of protection for your personal data. We will transfer your personal data in accordance with the Standard Contractual Clauses (Article 46.2(c) GDPR), Module 2 (controller to processor), along with any necessary supplementary measures to ensure the processing is safe and secure. You can find the standard contractual clauses here.

If you want to know more about the safeguards we implement for transfers of personal data, you are always welcome to contact us at the contact details provided here.

When you visit our social media

Below you can read more about how Stratsys AB ("Stratsys", "we" and "us") handle your personal information when you visit our social media page or otherwise contact us via our social media (such as Facebook and LinkedIn). We also recommend that you read the information provided by the social media platform itself.

When we process your personal information, you have certain rights. This means that you have the right to receive confirmation as to whether we are processing your personal information and further information if that is the case (the right of access), the right to request that we delete your personal information, the right to have your personal information corrected, the right to object to our processing of your personal information, the right to restriction of processing of personal information and the right to lodge a complaint with a supervisory authority (the competent supervisory authority in Sweden is Integritetsskyddsmyndigheten). You can read more about your rights here.

If you have any questions about how we process your personal information or want to exercise any of your rights, you are welcome to contact us. Our contact information is provided here.

Where we get your personal information from

We process personal information about you that we either receive directly from you or from the social media platform you use.

 

Detailed description of personal information processing

Purpose: To communicate through and administer our social media channels.

Processing activities performed

  • Communicate with you through our social media channels (such as Facebook and LinkedIn)
  • Administer how you interact with others through our social media, e.g. if you share a post we have made

 

Personal data processed

  • Name
  • Contact details if you provide them to us, e.g. if your email address is linked to your account.
  • Username on social media.
  • Other information you share with us, e.g. through comments.

 

Legal basis for the processing

Legitimate interest (Article 6.1 f of the GDPR)

The processing is motivated by our legitimate interest in being able to administer and communicate with you via our social media channels.

In our balancing of interests, we have determined that our legitimate interest in carrying out the processing outweighs your interests and fundamental rights of not having your personal data processed.

If you want to know more about how we have made this assessment or object to it, please contact us using the contact information provided here.

 

Storage time: We continuously delete your personal information. Any comments or posts you make can be deleted at any time. We will remove posts or comments that violate the law or the rules of the platform where they were posted.

At Stratsys, we always strive to maintain a good relationship with you and answer any questions you may have. If you have any complaints or claims, we will process your personal data in connection with handling such complaints or claims. You can read more about how we handle your personal data in these cases here.

Who has access to your personal data and why

In order for us to conduct our business efficiently, we may share your personal data with other companies within the same group as Stratsys AB. We are responsible when we share your personal data and ensure that they are processed in a secure manner. In this case, the other companies within the same group as Stratsys AB will only process your personal data on our behalf.

The social media platforms you use to communicate with us will process personal data about you as a user. These social media platforms are responsible for certain processing of your personal data themselves.

If you have any questions regarding how we share your personal data, please contact us using the contact details we have provided here.

Where your personal data is processed

When you use social media to communicate with us (such as Facebook and LinkedIn), your personal data may be transferred to the USA because most of the social media we use are based there. Such transfers will only take place in accordance with applicable data protection legislation, which means that we will transfer your personal data outside the EU/EEA when we can ensure an appropriate level of protection for your personal data. We will transfer your personal data in accordance with the standard contractual clauses (Article 46.2 (c) GDPR), Module 1 (controller to controller) and Module 2 (controller to processor), together with supplementary measures. You can find the standard contractual clauses here.

If you want to know more about the protective measures we implement for transfers of personal data, you are always welcome to contact us using the contact details we have provided here.

When you visit our website

Below you can read more about how we at Stratsys AB ("Stratsys", "we", and "us") process your personal data when you visit our website. We will only use cookies for analysis and marketing as described below if you have consented to it when you visit our website. How we use cookies and similar technology and what you can do to change your cookie settings is described in our cookie information, which you can find here L. If you use the form on the website to contact us, we process your personal data as described here.

When we process your personal data, you have certain rights. This means that you have the right to confirm whether we process your personal data and additional information if that is the case (the right of access), the right to request that we delete your personal data, the right to have your personal data corrected, the right to withdraw your consent or object to our processing, the right to restriction of processing, the right to data portability, and the right to lodge a complaint with the supervisory authority (the competent supervisory authority in Sweden is Integritetsskyddsmyndigheten). You can read more about your rights here.

If you have any questions about how we process your personal data or want to use any of your rights, please contact us. Our contact details are provided here.

Where we get your personal data:

We process personal data that we collect directly from the device you use when you visit our website. If you consent, Google, Hotjar, Meta, LinkedIn, and Microsoft may also use some of the personal data they have previously collected.

Detailed description of personal data processing.

Purpose: To provide a functioning website.

Processing activities performed

  • Ensure that the website works in a satisfactory and secure manner. To do this, we use, among other things, Cloudflare, which collects information about your IP address. We do not use your IP address to actually identify you.
  • Adapt the website according to your use of it.
  • Provide our consent functionality using the Cookiebot service.

 

Personal data processed

  • IP address
  • Information about how you use the website
  • Information about your consent

 

Legal basis for the processing

Balancing of interests (Article 6.1 f of GDPR)

The processing is justified by our legitimate interest in being able to provide a well-functioning website.

In our balancing of interests, we have assessed that our legitimate interest in performing the processing outweighs your interests and fundamental rights not to have your personal data processed.

If you want to know more about how we have made this assessment or object to it, you are welcome to contact us using the contact information provided here.

 

Storage time: The personal data collected through cookies will be stored for three months after your visit to our website.

Purpose: To improve, customize, and analyze your use of our website.

Processing activities performed

  • Analyze how you use our website using cookies. We do this to improve functionality, customize the website to fit our visitors, and draw conclusions about our visitors.
  • To do this, we use an analytics service from Google Analytics, which uses a random ID to distinguish your device from other visitors and to confirm patterns in how our website is used. However, we do not know who you are.
  • For the same reason, we use Hotjar's analytics service, which records or films your activity on the website and creates heatmaps to show patterns in how the website is used. However, we do not know who you are.

 

Personal data processed

  • An encrypted version of your IP address that we at Stratsys cannot link to you as an individual.
  • Information about how you use the website, such as what you click on.

 

In addition, Google Analytics uses information about:

  • Which region in the country you are using our website from.
  • How many times you have visited the website, which gives us a basis for counting the total number of visitors to the website.
  • Your device/browser, such as your screen resolution.
  • Other information that Google has about you, such as information about which website you found us from.

 

Legal basis for the processing

Consent (Article 6.1a in GDPR)

For the personal data we process for analysis of your use of our website, we obtain your consent when you visit our website.

You have the right to withdraw your consent at any time. Your withdrawal of consent does not affect the lawfulness of processing before the consent is withdrawn.

You can avoid Google Analytics by downloading and installing this browser add-on.

Here you can read about how to avoid Hotjar tracking your activity.

 

Storage time: The personal data collected through cookies will be stored for six months and anonymized thereafter.

Google and Hotjar will continue to process your personal data as independent data controllers. You can read more about how long Google stores your personal data here and how long Hotjar processes your personal data here.

Purpose: To display customized marketing targeted to the company you work for.

Processing activities performed

  • To market our products by displaying offers and new products we believe would be of interest to you. We display personalized marketing to you on other websites and social media that you visit.
  • We may display offers using marketing services from Google, Meta (Facebook and Instagram), LinkedIn, and/or Microsoft (Bing). We do this based on analysis of our website by placing cookies or similar technology, as well as information that these parties have about you from previous interactions.

Personal data processed

  • IP address and other technical information about your device.
  • The region of the country from which you are accessing our website.
  • Information about how many times you have visited the website, which gives us an idea of the total number of visitors to the website.
  • Information about how you use the website, such as what you click on.

 

Legal basis for the processing

Consent (Article 6.1a of GDPR)

For the personal data we process for marketing purposes, we obtain your consent when you visit our website.

You have the right to withdraw your consent at any time. Your withdrawal of consent does not affect the lawfulness of processing prior to the withdrawal.

Here you can make choices about the advertising you see from Google, here you can find more information about your choices on Instagram, and here on Facebook under the "Ad Preferences" section, you can choose which advertising you want to see on Facebook. Here you can make choices about the advertising you see on LinkedIn.

Storage time: You will see marketing from us for six months from your visit to our website.

The marketing services we use will continue to process your personal data as independent data controllers. You can read about how long Google, Meta, LinkedIn, and Microsoft store your personal data in their respective privacy policies.

Profiling: We use automated decision-making, known as profiling, to show you the offers that best suit your organization and to provide customized marketing to your organization. The purpose is never to obtain information about you as a person or make decisions that affect you as an individual. Profiling is done so that we could not show or send offers and marketing that are not relevant to your organization. Profiling means that you do not receive offers and marketing that are not relevant to you or your organization. You have the right to object to profiling. You can read more about your right to object in the detailed description of your rights.


At Stratsys, we always strive to maintain a good relationship with you and answer any questions you may have. If you have any questions, complaints, or claims, we will handle your personal information in connection with handling such a complaint or claim. You can read more about how we process your personal information in these cases here.

Who has access to your personal information and why

We will share your personal information with our data processors who only process your personal information on our behalf. This means that we are responsible for the processing of personal data performed by our data processors. We share your personal information with the following categories of data processors:

  • other companies within the same group as Stratsys AB to be able to conduct our business in the most efficient way possible; and
  • our IT service providers, e.g., for specific functions and hosting, as well as the services we use to provide a functioning website. They process personal information on our behalf and on our instructions to ensure good and secure IT operations. We only share your personal information with our IT providers if it is necessary for them to fulfill their obligations to us under the agreement we have with them.

We also share your information with other cooperation partners who are our data processors for parts of the personal data processing but also responsible for certain processing of your personal information. Other cooperation partners are:

  • Google and Hotjar: If you visit our website and have consented to us analyzing your use of our website to improve its functionality and our offering; and
  • Google, LinkedIn, Facebook, and Microsoft: If you have consented to seeing relevant marketing on other sites that you visit.

If you have any questions regarding how we share your personal information, please feel free to contact us using the contact details provided here.

Where your personal information is processed

We and our suppliers and partners with whom we share your personal information generally only process your personal information within the EU/EEA. We have taken all commercially reasonable steps to ensure that personal data processing, where possible, takes place within the EU/EEA.

Your personal information will be transferred outside the EU/EEA in the following cases:

  • If our IT providers are based outside the EU/EEA, your personal information may be transferred to the country where the IT provider is based. However, we have attempted to protect your personal information and reduce the risk of it being transferred outside the EU/EEA by only storing your personal information on the IT provider's servers within the EU/EEA.
  • If you use our website and have consented to us using analytical services from Google Analytics and Hotjar, your personal information may be transferred to the United States because these companies or their subcontractors are based there. We have anonymized your personal information as much as possible to avoid your personal information being transferred outside the EU/EEA.
  • If you use our website and have consented to us using marketing tools from Google, LinkedIn, Facebook, and Microsoft, your personal data may be transferred to the USA because these companies are based there. We have anonymized your personal data as much as possible to avoid your personal data being transferred outside the EU/EEA.

In the above situations, such transfers only occur in accordance with applicable data protection legislation, which means that we will transfer your personal data outside the EU/EEA when we can ensure an appropriate level of protection for your personal data. We will transfer your personal data according to the standard contractual clauses (Article 46.2 (c) GDPR), Module 1 (controller to controller) and Module 2 (controller to processor), together with supplementary measures. You can find the standard contractual clauses here.

If you want to know more about the supplementary measures we implement for transfers of personal data, you are always welcome to contact us using the contact information we have provided here.

When you participate in any of our events

Below you can read more about how we at Stratsys AB ("Stratsys", "we", and "us") process your personal data when you participate or have participated in any of our events.

When we process your personal data, you have certain rights. This means that you have the right to receive confirmation as to whether or not we are processing your personal data and further information if so (the right of access), the right to request that we delete your personal data, the right to have your personal data corrected, the right to object to our processing, the right to restriction of processing, the right to withdraw your consent, the right to data portability, and the right to lodge a complaint with a supervisory authority (the competent supervisory authority in Sweden is Integritetsskyddsmyndigheten). You can read more about your rights here.

If you have any questions about how we process your personal data or wish to exercise any of your rights, you are welcome to contact us. Our contact information is provided here.

Where we obtain your personal data

We process personal data about you that we either receive directly from you or from the company you represent.

 

Detailed description of the processing of personal data

Purpose: To be able to organize various types of digital and physical events as well as evaluate our events.

Processing activities performed

  • Organizing events
  • Communication with you as a visitor or speaker before and during the event

Personal data processed

  • Name
  • Email address
  • Phone number
  • Position and information about the organization you work for
  • Information about your dietary preferences if you have provided it

 

Legal basis for the processing

Legitimate interest (Article 6.1 f of GDPR)

The processing is justified by our legitimate interest to be able to organize events.

Consent (Article 6.1 a of GDPR)

If we process sensitive personal data about you, we obtain your consent.

You have the right to withdraw your consent at any time. Your withdrawal of consent does not affect the lawfulness of processing before consent was withdrawn.

 

Processing activities performed

  • Send requests to participate in evaluations, e.g. after you have met us at one of our events or participated in one of our webinars
  • Manage the responses you provide in the evaluation
  • Compile statistics on the results of our evaluations

 

Personal data processed

  • Name
  • Email address
  • Information you provide in the evaluation

 

Legal basis for the processing

Legitimate interest (Article 6.1 f of GDPR)

The processing is justified by our legitimate interest to be able to contact you for evaluation of the events that we organize.

 

Storage time: We store your personal data until the event is completed. However, a participant list containing your name and contact information will be saved for twelve months after the event for the purpose of following up on your participation in the event and for organizing similar events in the future.

In cases where we have sent you an evaluation after an event and you have responded to it, we will store the result of the evaluation for twelve months after you have answered it. We will stop sending evaluations if you object to receiving them.

We at Stratsys always strive to maintain a good relationship with you and answer any questions you may have. If you have any complaints or claims, we will process your personal data in connection with handling such a complaint or claim. You can read more about how we process your personal data in these cases here.

Who has access to your personal data and why

We will share your personal data with our data processors who only process your personal data on our behalf. This means that we are responsible for the processing of personal data that our data processors perform. We share your personal data with the following categories of data processors:

 

  • Other companies within the same group as Stratsys AB to be able to conduct our business in the most efficient way; and
  • Our IT service providers, for specific functions and hosting, which will process the personal data on our behalf and on our instructions to ensure good and secure IT operations. We only share your personal data with our IT providers if it is necessary for them to fulfill their obligations to us under the agreement we have with them.

 

If we arrange events in collaboration with a partner, we also share your information with the partner for the event, which is our data processor for parts of the data processing but also responsible for certain processing of your personal data.

If you have any questions regarding how we share your personal data, please contact us at the contact information we have provided here.

Where your personal data is processed

As a general rule, we and our vendors and partners who we share your personal data with process your personal data only within the EU/EEA. We have taken all commercially reasonable measures to ensure that personal data processing takes place within the EU/EEA whenever possible.

Your personal data will be transferred outside the EU/EEA if our IT vendors are based outside the EU/EEA. However, we have tried to protect your personal data and reduce the risk of it being transferred outside the EU/EEA by only storing your personal data on the IT vendor's servers within the EU/EEA.

In the above situations, such transfer occurs only in accordance with applicable data protection laws, which means that we will transfer your personal data outside the EU/EEA when we can ensure an appropriate level of protection for your personal data. We will transfer your personal data according to the standard contractual clauses (Article 46.2(c) GDPR), Module 2 (data controller to data processor), along with supplementary measures. You can find the standard contractual clauses here.

If you want to know more about the supplementary measures we implement for transfers of personal data, you are always welcome to contact us at the contact details provided here.

 

Legitimate interest

As stated above, we process some of your personal data based on legitimate interest as the legal basis for processing. In our balancing of interests, we have assessed that our legitimate interest in carrying out the processing outweighs your interest and basic rights not to have your personal data processed. What constitutes our legitimate interest is shown in the table above.

If you want to know more about how we have made this assessment or object to it, you are welcome to contact us at the contact details provided here.

When using Stratsys' products and/or receiving customer service

Below you can read more about how we at Stratsys AB ("Stratsys", "we" and "us") process your personal data when you use our products and/or receive customer service from us. The information that is stored, for example, when using Stratsys products, is the organization you represent, such as your employer, responsible for personal data.

When we process your personal data, you have certain rights. This means that you have the right to receive confirmation as to whether we process your personal data and further information if this is the case (the right of access), the right to request that we delete your personal data, the right to have your personal data corrected, the right to object to our processing, the right to restriction of processing and the right to lodge a complaint with a supervisory authority (the competent supervisory authority in Sweden is Integritetsskyddsmyndigheten). You can read more about your rights here.

If you have any questions about how we process your personal data or wish to exercise any of your rights, you are welcome to contact us. Our contact details are provided here.

Where we obtain your personal data from

We process personal data about you that we either receive directly from you or from the organization you represent.

 

Detailed description of the processing of personal data

Purpose: To provide customer service and support and follow up on the same

Processing activities performed

  • Answer and manage customer service cases, such as handling complaints or error reports.
  • Respond to and manage support cases via our chat function.
  • Follow up on customer service cases and send out surveys to evaluate your satisfaction with the support.
  • Send out messages, such as via email, regarding service disruptions


Personal data processed

  • Customer number
  • Contact information such as email address and phone number
  • Information you provide to us


Legal basis for the processing

Legitimate interest (Article 6.1 f in GDPR)

The processing is motivated by our legitimate interest in being able to maintain and improve our customer service towards our customers.

In our balancing of interests, we have assessed that our legitimate interest in carrying out the processing outweighs your interests and fundamental rights not to have your personal data processed.

If you want to know more about how we have made this assessment or object to it, you are welcome to contact us using the contact information provided here.

 

Storage time: The information associated with a specific case is stored during the contract period. We have a procedure to ensure that our staff only access personal data when it is absolutely necessary. Additionally, we make sure to regularly delete any sensitive personal data that you may have provided to us.

We keep your personal data to send out surveys and evaluate your satisfaction with the support until we have sent out the survey and compiled the results. The survey is sent out after your support case has been closed. The results of the survey are then stored in aggregated form for 24 months.

However, we will stop storing your personal data if we become aware that you no longer represent the organization.

 

Purpose: To improve our products and onboarding process, and follow up on the same

Processing activities performed

  • Analyze how your and other devices use the product to improve our products
  • Analyze how your and other devices use the product to provide you with helpful information.
  • Follow up on our onboarding training sessions and send out surveys to evaluate your satisfaction with our onboarding


Personal data processed

  • Name
  • User ID
  • Your device activity when using the product
  • E-mail address


Legal basis for the processing

Legitimate interest (Article 6.1 f of GDPR)

The processing is justified by our legitimate interest in being able to develop our products and onboarding, as well as providing you with helpful information regarding the use of our products.

In our balancing of interests, we have assessed that our legitimate interest in carrying out the processing outweighs your interest and fundamental rights not to have your personal data processed.

If you want to know more about how we have made this assessment or object to it, please contact us using the contact details provided here.


Storage time: To develop and improve our products, personal data is stored in pseudonymized form for twelve months. After that, the personal data is stored at an aggregated level.

We store your personal data to send out surveys and evaluate your satisfaction with our onboarding until we have sent the survey and compiled the results. The survey is sent after the onboarding is completed. The survey results are then stored at an aggregated level for 24 months.


We at Stratsys always strive to maintain a good relationship with you and your organization and to answer any questions you or your organization may have. If you or your organization have any complaints or claims, we will process your personal data in connection with handling such complaints or claims. You can read more about how we process your personal data in these cases here.

Who has access to your personal data and why

We will share your personal data with our data processors who only process your personal data on our behalf. This means that we are responsible for the processing of personal data carried out by our data processors. We share your personal data with the following categories of data processors:

  • Other companies within the same group as Stratsys AB in order to conduct our business in the most efficient way;
  • Our IT service providers, for example for specific functions and hosting, who will process the personal data on our behalf and according to our instructions to ensure good and secure IT operations. We only share your personal data with our IT providers if it is necessary for them to fulfill their obligations towards us under the agreement we have with them;
  • We analyze how our products are used with the help of an analytics service that provides us with overall information on how devices use the products to improve their functionality and to provide you with helpful user information; and
  • HubSpot, which provides our support service.


If you have any questions regarding how we share your personal data, please contact us using the contact information provided here.

Where your personal data is processed

As a general rule, we and our vendors and partners with whom we share your personal data process your data within the EU/EEA. We have taken all commercially reasonable measures to ensure that, whenever possible, the processing of personal data takes place within the EU/EEA.

 

Your personal data may be transferred outside the EU/EEA in the following cases:

  • If our IT providers are based outside the EU/EEA. However, we have tried to protect your personal data and minimize the risk of it being transferred outside the EU/EEA by only storing your personal data on the IT provider's servers within the EU/EEA.
  • When we analyze how our products are used with the help of an analytics service, your personal data may be transferred to the USA because our provider is based there. However, we have tried to protect your personal data and minimize the risk of it being transferred outside the EU/EEA by only storing your personal data on the provider's servers within the EU/EEA.
  • If you use our support, your personal data may be transferred to the USA because HubSpot is based there.

 

In the above situations, such transfers will only occur in accordance with applicable data protection legislation, which means that we will transfer your personal data outside the EU/EEA when we can ensure an adequate level of protection for your personal data. We will transfer your personal data in accordance with the standard contractual clauses (Article 46.2(c) GDPR), Module 2 (Controller-to-processor), together with supplementary measures. You can find the standard contractual clauses here.

If you want to know more about the supplementary measures we implement for transfers of personal data, you are always welcome to contact us at the contact details provided here.

When receiving newsletters and other marketing from us

Below you can read about how we at Stratsys AB ("Stratsys", "we" and "us") process your personal data to send newsletters and market ourselves to you. We will use cookies that analyze how you open our newsletters and what you click on. How we use cookies and similar technologies and what you can do to change your cookie settings is described in our cookie information which you can find here.

When we process your personal data, you have certain rights. This means that you have the right to receive confirmation as to whether or not we process your personal data and further information if we do (right of access), the right to request that we erase your personal data, the right to have your personal data corrected, the right to withdraw your consent or object to our processing, the right to restrict the processing of your personal data, the right to data portability and the right to lodge a complaint with a supervisory authority (the competent supervisory authority in Sweden is Integritetsskyddsmyndigheten). You can read more about your rights here.

If you have any questions about how we process your personal data or want to exercise any of your rights, you are welcome to contact us. Our contact information is provided here.

Where we get your personal data from

We process personal data about you that we either receive directly from you or from the organization you represent. To obtain updated information about who represents a company or organization we are interested in working with, we use information from sources such as the Bolagsverket, your organization's website, and LinkedIn.

 

Detailed description of the processing of personal data.

Purpose: Send newsletters and other marketing materials

Marketing to customers

Processing activities performed

  • Sending newsletters with relevant marketing and information to you who work for an organization that is our customer, for example, if you use our products.

Personal data processed

  • Name
  • Email address
  • Position and information about the organization you work for


Legal basis for the processing

Legitimate interest (Article 6.1 f of GDPR)

The processing is motivated by our legitimate interest to send you relevant marketing and information.

 

Marketing to potential customers

Processing activities performed

  • Contact and market ourselves to the organization you represent through email, LinkedIn, and calls, including sending newsletters and information to you as an employee of a potential customer organization (i.e., a lead).

Personal data processed

  • Name
  • Position and information about the organization you work for
  • Email address
  • Information from e.g. Bolagsverket, your organization's website and LinkedIn
  • Information you provide to us during our conversations, emails, etc.


Legal basis for the processing

Legitimate Interest (Article 6.1 f in GDPR)

The processing is motivated by our legitimate interest to send you relevant marketing and information.


If you have booked a demo

Processing activities performed

  • Send newsletters, information, and provide a demo to you who have booked a demo through our website
  • Call you who have booked a demo.

Personal data processed

  • Name
  • Email address
  • Phone number


Legal basis for the processing

Legitimate Interest (Article 6.1 f in GDPR)

The processing is motivated by our legitimate interest to send you relevant marketing.

 

If you have chosen to subscribe to our newsletter:

Processing activities performed

Send newsletters to you when you have chosen to subscribe to news via our website

 

Personal data processed

  • Email address

 

Legal basis for the processing

Consent (Article 6.1a in GDPR)

We obtain your consent to send marketing and newsletters to you with offers and information that you have indicated that you want.

You can withdraw your consent at any time. Your withdrawal of consent does not affect the lawfulness of processing before the consent is withdrawn.

 

Analysis of all our newsletters

Processing activities performed

  • Analyze how you open our newsletters and what you click on in them in order to improve and develop our marketing and newsletters.


Personal data processed

  • Information about how you open our newsletters
  • IP address
  • Email address

Legal basis for the processing

Legitimate Interest (Article 6.1 f in GDPR)

The processing is justified by our legitimate interest in being able to improve our newsletters and marketing.

Consent (Article 6.1 a in GDPR)

If you have chosen to subscribe to our news, we obtain your consent to analyze how you open our newsletters and what you click on in order to improve and develop them.

You can revoke your consent at any time. Your revocation of consent does not affect the lawfulness of processing prior to the revocation.

 

Storage time: We use your personal data to market to your organization for twelve months from our last contact or from the time your organization ceased to be our customer. In exceptional cases, the following applies:

  • Marketing to potential customers without prior contact with us: We will keep your personal data for three months from the date we collect it unless we have any further contact with you.
  • If you have chosen to subscribe to our newsletter: You will receive newsletters from us until you choose to unsubscribe.

You can decline marketing from us at any time. If you decline, your personal data will be stored in our "unsubscribe register" until further notice.

Profiling: We use automated decision-making, also known as profiling, to provide personalized marketing and information. Profiling is done because we would not otherwise be able to show or send relevant information and marketing specifically for you. You have the right to object to profiling. You can read more about your right to object to our processing of your personal data in the section that deals with your rights.

 

Purpose: Stop sending marketing

Processing activities performed

  • If you have indicated that you do not wish to receive our marketing, we will store a note of it in an "unsubscribe register" to ensure that we do not market to you.


Personal data processed

  • Email address

Legal basis for the processing

Legal obligation (Article 6.1.c in GDPR)

We have an obligation under the Marketing Act to ensure that you do not receive mailings that you have requested not to receive.

You must provide us with these personal data. If you do not, we cannot unsubscribe you from our marketing mailings.

Storage time: You will be listed in our ”unsubsrcribe register” indefinitely.

At Stratsys, we always strive to maintain a good relationship with you and your organization and respond to any questions you or your organization may have. If you or your organization have any questions, complaints, or claims, we will process your personal data in connection with handling such a complaint or claim. You can read more about how we process your personal data in these cases here.

Who has access to your personal data and why

We will share your personal data with our data processors who only process your personal data on our behalf. This means that we are responsible for the processing of personal data that our data processors carry out. We share your personal data with the following categories of data processors:

  • Other companies within the same group as Stratsys AB in order to conduct our business in the most efficient way;
  • Our IT vendors, e.g. for specific functions and hosting, who will process the personal data on our behalf and according to our instructions to ensure good and secure IT operations. We only share your personal data with our IT vendors if it is necessary for them to fulfill their obligations to us under the agreement we have with them; and
  • To HubSpot which provides our CRM system for managing our relationship and for sending newsletters.

 

If you have any questions regarding how we share your personal data, please contact us using the contact information provided here.

Where your personal data is processed

As a general rule, we and our suppliers and partners with whom we share your personal information only process your personal data within the EU/EEA. We have taken all commercially reasonable measures to ensure that data processing, when possible, takes place within the EU/EEA.

Your personal data may be transferred outside the EU/EEA in the following cases:

  • When we have a relationship with you, such as a customer or potential customer, data transfer may be made to the USA because HubSpot is based there.

  • If you receive newsletters, data transfer may be made to the USA when we use HubSpot because they are based there.

 

In the above situations, such transfer only takes place in accordance with applicable data protection legislation, which means that we will transfer your personal data outside the EU/EEA when we can ensure an appropriate level of protection for your personal data. We will transfer your personal data in accordance with the standard contractual clauses (Article 46.2(c) GDPR), Module Two, together with supplementary measures. You can find the standard contractual clauses here.

If you want to know more about the supplementary measures we implement for transfers of personal data, you are always welcome to contact us using the contact information provided here.

 

Legitimate interest

As stated above, we process some of your personal data on the basis of a legitimate interest as the legal basis for processing. In our balancing of interests, we have assessed that our legitimate interest in carrying out the processing outweighs your interest and fundamental rights in not having your personal data processed. What our legitimate interest is can be found in the table above.

If you want to know more about how we made this assessment or object to it, you are welcome to contact us using the contact information provided here.

When we contact you as a representative of our customer, potential customer, supplier or partner

Below you can read how we at Stratsys AB ("Stratsys", "we" and "us") process your personal data to administer our relationship with you or the organization you represent as a customer or potential customer, supplier or partner, for example, to enter into agreements.

We send information about our services and products to customers and potential customers. Read more about our information and marketing here.

When we process your personal data, you have certain rights. This means that you have the right to receive confirmation as to whether or not we process your personal data and further information about it (the right of access), the right to request that we erase your personal data, the right to have your personal data corrected, the right to object to our processing, the right to restrict the processing of your personal data, and the right to file a complaint with the supervisory authority (the competent supervisory authority in Sweden is Integritetsskyddsmyndighen). You can read more about your rights here.

If you have any questions about how we process your personal data or want to exercise any of your rights, please contact us. Our contact information is provided here.

Where we obtain your personal data

We process personal data about you that we either receive directly from you or from the organization you represent. To obtain updated information about who represents a company or organization that we are interested in working with, we use information from sources such as the Bolagverket, your organization's website and from LinkedIn.

 

Detailed description of the processing of personal data

Purpose: To communicate with you as a potential customer

Processing activities performed

  • Communicate with you as a representative of a potential customer.
  • Retrieve information about contact persons from potential customers, for example, fromBolagverket, your organization's website, or LinkedIn.

We send newsletters to certain contact persons at our potential customers. Learn more about our newsletters and marketing here.


Personal data processed

  • Name
  • Position and information about the organization you work for.
  • Contact information, such as your email address and/or phone number.
  • Information from sources such as the Bolagsverket, your organization's website, or LinkedIn.
  • Information that you provide to us during our conversations, email messages, etc.

Legal basis for the processing

Legitimate interest (Article 6.1 f of GDPR).

The processing is motivated by our legitimate interest in being able to communicate with potential customers.

In our balancing of interests, we have assessed that our legitimate interest in carrying out the processing outweighs your interest and fundamental rights not to have your personal data processed.

If you want to know more about how we have made this assessment or object to it, you are welcome to contact us using the contact information provided here.

 

Storage time: We will stop contacting you and no longer keep your personal information if you have been inactive for:

  • Twelve months, or
  • Three months if we have collected your personal information without any prior contact with you or the organization you represent.


If the organization you represent becomes a customer of ours, we will keep your personal information for a longer period, as stated in the retention periods below. However, we will always stop storing your personal information if we become a,ware that you no longer represent the organization.

 

Purpose: To communicate with you and fulfill our agreements

Processing activities performed

  • Discuss/negotiate, enter into, and fulfill agreements with the organization you represent.

We send newsletters to certain contact persons at our customers. Learn more about our newsletters and marketing here.


Personal data processed

  • Name
  • Position and information about the organization you work for.
  • Contact information, such as your email address and/or phone number.
  • Information that you provide to us during our conversations, email messages, etc.

Legal basis for the processing

Legitimate interest (Article 6.1 f of GDPR).

The processing is justified by our legitimate interest in being able to enter into, negotiate, and fulfill our agreements, as well as to communicate with you as a representative of your organization.

In our balancing of interests, we have assessed that our legitimate interest in carrying out the processing outweighs your interest and basic rights of not having your personal data processed.

If you want to know more about how we have made this assessment or want to object to it, you are welcome to contact us at the contact information provided here.

 

Storage time: We will keep your personal information until the agreement with the organization you represent has ceased and the obligations under the agreement are otherwise fulfilled. However, we will stop storing your personal information if we become aware that you no longer represent the organization. Some of your personal information is also stored for a longer period to comply with requirements in accounting law. See this storage period below.

 

Purpose: To comply with the rules of the accounting act

Processing activities performed

  • To comply with accounting legislation


Personal data processed

  • Name, payment history, transactions, and other documents that constitute accounting material.

Legal basis for the processing

Legal obligation (Article 6.1c in GDPR)

The processing is necessary to comply with a legal obligation, i.e. the Accounting ActS.


Storage time: The data is stored for seven years from the end of the financial year in accordance with the Accounting Act.

We at Stratsys always strive to maintain a good relationship with you and your organization and answer any questions you or your organization may have. If you or your organization have any complaints or claims, we will process your personal data in connection with handling such complaints or claims. You can read more about how we process your personal data in these cases here.

Who has access to your personal data and why

We will share your personal data with our data processors who only process your personal data on our behalf. This means that we are responsible for the processing of personal data that our data processors carry out. We share your personal data with the following categories of data processors:

  • other companies within the same group as Stratsys AB in order to conduct our business in the most efficient way;
  • our IT service providers, for example, for specific functions and hosting, who will process the personal data on our behalf and according to our instructions to ensure good and secure IT operations. We only share your personal data with our IT service providers if it is necessary for them to fulfill their obligations to us according to the agreement we have with them; and
  • HubSpot, which provides our CRM system to manage our relationship.

 

If you have any questions about how we share your personal data, please contact us using the contact details we have provided here.

Where your personal data is processed

As a general rule, we and our suppliers and partners with whom we share your personal data only process your personal data within the EU/EEA. We have taken all commercially reasonable steps to ensure that personal data processing takes place within the EU/EEA whenever possible.

Your personal data will be transferred outside the EU/EEA in the following cases:

  • If our IT suppliers are based outside the EU/EEA. However, we have attempted to protect your personal data and reduce the risk of it being transferred outside the EU/EEA by only storing your personal data on the IT supplier's servers within the EU/EEA.
  • When we have a relationship with you, such as a customer or potential customer, transfers may be made to the USA because HubSpot is based there.

 

In the above situations, such transfer will only take place in accordance with applicable data protection laws, which means that we will transfer your personal data outside the EU/EEA when we can ensure an appropriate level of protection for your personal data. We will transfer your personal data in accordance with the standard contractual clauses (Article 46.2(c) of the GDPR), Module 2 (controller-to-processor), together with supplementary measures. You can find the standard contractual clauses here.

If you want to know more about the supplementary measures we implement for transfers of personal data, you are always welcome to contact us at the contact information we have provided here.

Detailed description of your rights

You have certain rights regarding the processing of your personal data by Stratsys AB ("Stratsys", "we" and "us"). Below you will find a more detailed description of your various rights.

To exercise your rights, please contact us at the contact details provided in this privacy policy.

Right to lodge a complaint with the supervisory authority (Article 77 of the GDPR)

You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data is in breach of the GDPR. In Sweden, the supervisory authority is Integritetsskyddsmyndigheten.

In detail. Your right to lodge a complaint applies in the event that it does not affect any other administrative or legal remedy. Such a complaint is preferably submitted to the authority in the Member State where you have your habitual residence, where you work or where an alleged infringement of applicable data protection laws and regulations has occurred.

The supervisory authority has a duty to inform you of the progress and outcome of the complaint, including informing you of the possibility of seeking judicial remedy.

Right to withdraw consent (Article 7.3 of GDPR)

You have the right to withdraw your consent at any time by contacting us.

In detail, your withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Right of access (Article 15 of GDPR)

You have the right to obtain confirmation as to whether or not we process your personal data. You can make a request by contacting us. If we process your personal data, you also have the right to obtain a copy of the personal data we process, as well as information about the processing.

In detail, the information we provide you with access to includes:

  • the purposes of the processing
  • the categories of personal data concerned
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
  • the existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing
  • the right to lodge a complaint with a supervisory authority
  • where the personal data are not collected from you, any available information as to their source
  • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing
  • if the personal data are transferred to a third country or to an international organization, you have the right to be informed of the appropriate safeguards pursuant to Article 46 of GDPR relating to the transfer.

You have the right to receive a copy of the personal data being processed by us. For any additional copies requested by you, we may charge a reasonable fee based on our administrative costs. If you have requested the information electronically, you will receive it in a commonly used electronic format unless you request otherwise.

Your right to request copies as described above shall not adversely affect the rights and freedoms of others.

A request can be made by contacting us at our contact information which can be found here.

Right to object (Article 21 of GDPR)

You have the right to object to the processing of your personal data at any time.

In detail. Your right to object applies as follows:

  • You have the right to object, on grounds relating to your particular situation, to the processing of your personal data based on Article 6.1(e) or 6.1(f) of the GDPR, including profiling based on those provisions. If you object, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.
  • If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, you have an unconditional right to have your personal data processed for such purposes ceased.

Right to erasure ("right to be forgotten") (Article 17 of GDPR)

You have the right to have your personal data erased by us without undue delay.

In detail. We have an obligation to erase personal data without undue delay where one of the following grounds applies:

  • the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
  • you withdraw your consent on which the processing is based, and there is no other legal ground for the processing;
  • you object to the processing pursuant to Article 21.1 of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21.2 of the GDPR;
  • the personal data has been unlawfully processed;
  • the personal data must be erased for compliance with a legal obligation in Union or Member State law to which we are subject; or
  • the personal data has been collected in relation to the offer of information society services referred to in Article 8.1 of the GDPR.

 

Where we have made the personal data public and are obliged pursuant to the above to erase the personal data, we, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers processing the personal data that you have requested erasure by such controllers of any links to, or copy or replication of, those personal data.

We will notify each recipient to whom the personal data has been disclosed of any erasure of personal data as described above, unless this proves impossible or involves disproportionate effort. If you would like information about these recipients, please contact us.

Note that our obligation to erase as described above does not apply to the extent that processing is necessary for the following reasons:

  • for exercising the right of freedom of expression and information;
  • for compliance with a legal obligation which requires processing by Union or Member State law to which we are subject; or

for the establishment, exercise, or defense of legal claims.

Right to rectification (Article 16 of GDPR)

You have the right to have inaccurate personal data concerning you rectified without undue delay.

In detail: Taking into account the purposes of the processing of your personal data, you also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

We shall communicate any rectification of personal data to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. If you want to know about these recipients, please contact us.

Right to restriction of processing (Article 18 of GDPR)

You have the right to obtain restriction of the processing of your personal data.

In detail. Your right applies if:

  • you contest the accuracy of the personal data (for a period enabling us to verify the accuracy),
  • you have objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject,
  • the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead, or
  • you need the personal data for the establishment, exercise or defence of legal claims even though we no longer need the personal data for the purposes of the processing.

If processing has been restricted in accordance with the above, such personal data, apart from storage, may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. We shall inform you before the restriction of processing is lifted.

We shall communicate any restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. If you want to know about these recipients, please contact us.

Right to data portability (Article 20 of GDPR)

You have the right to receive your personal data in a structured, commonly used and machine-readable format from us. You also have the right to have your personal data transmitted directly from us to another controller, where technically feasible ("data portability").

In detail: The right to data portability applies to personal data you have provided to us in a structured, commonly used and machine-readable format where:

  • the processing is based on consent or on a contract, and
  • the processing is carried out by automated means.

Your right to data portability does not affect your right to erasure pursuant to Article 17 of GDPR. Your right to data portability shall not adversely affect the rights and freedoms of others.