GDPR-policy
Biomid AB is committed to complying with the General Data Protection Regulation (GDPR) and protecting the privacy and rights of individuals whose personal data we process in the course of our business activities. This GDPR policy outlines our commitment to GDPR compliance and the measures we undertake to ensure the protection of personal data.
This policy applies to all employees, contractors, and third parties who process personal data on behalf of Biomid AB.
Biomid AB adheres to the following principles of data protection as outlined in the GDPR: Lawfulness, fairness, and transparency in data processing. Limitation of processing to specified, explicit, and legitimate purposes. Minimization of data collection and processing to what is necessary for the intended purposes. Accuracy of data and ensuring it is kept up to date. Limitation of storage duration to what is necessary for the intended purposes. Integrity and confidentiality of data through appropriate security measures.
Biomid AB processes personal data for the following purposes: Employee management. Customer relationship management. Marketing and communication. Product development and improvement. Compliance with legal and regulatory requirements.
Biomid AB respects the rights of data subjects as outlined in the GDPR, including but not limited to: Right to access personal data. Right to rectification of inaccurate or incomplete data. Right to erasure (‘right to be forgotten’). Right to restriction of processing. Right to data portability. Right to object to processing. Right not to be subject to automated decision-making.
Biomid AB implements appropriate technical and organizational measures to ensure the security of personal data, including: Access controls to limit access to personal data to authorized personnel only. Encryption of personal data where appropriate. Regular security assessments and audits. Training and awareness programs for employees on data protection practices.
In the event of a data breach involving personal data, Biomid AB will: Immediately assess the severity and impact of the breach. Take necessary steps to mitigate the breach and prevent further unauthorized access. Notify the relevant supervisory authority and affected data subjects as required by the GDPR.
Biomid AB has appointed a Data Protection Officer (DPO) responsible for overseeing GDPR compliance and serving as a point of contact for data subjects and supervisory authorities.
Biomid AB regularly monitors and reviews its data processing activities to ensure compliance with the GDPR and updates this policy as necessary.
Biomid AB provides regular training and awareness programs to employees and contractors to ensure they understand their responsibilities regarding data protection and GDPR compliance.
For inquiries or concerns regarding data protection and GDPR compliance at Biomid AB, please contact: David Hedlund info@biomid.se
This GDPR policy is subject to periodic review and updates. The revision history will be maintained to document any changes made to the policy. [Version Number 1, Date of Last Revision 2024 02 26]