People Heart Business 2023
1. INTRODUCTION
We are under an obligation to protect the confidentiality, integrity and accessibility of our customers’, suppliers’, partners’, and employees’ data, including personal data. Your privacy is very important for us at People Heart Business AB (“People Heart Business”). We take your privacy and personal data protection seriously and our aim is for you to feel safe with our processing of your personal data.
Protecting personal data is essential to us, and we are continuously working on ensuring compliance with applicable data protection legislation, including the General Data Protection Regulation (GDPR).
By way of this Privacy Policy, we want to inform you about how we ensure that your personal data is processed in accordance with applicable law. This Privacy Policy describes which personal data we collect, how your personal data is processed and for what purposes we collect and use the personal data. This Privacy Policy also describes your rights and how you can invoke them.
2. COLLECTED PERSONAL DATA
Personal data is all information which, directly or indirectly, can be referred to you as an individual. We do not collect more data than necessary to fulfil our purpose in accordance with our legal ground. Personal data shall be accurate, relevant, and collected for specified, explicit and legitimate purposes.
When using tools from a third party to collect data with the purpose of fulfilling and delivering the service agreed upon, e.g., IT-services, survey tools or assessment tools, we ensure that the third party is handling your data in line with applicable laws and regulations.
When participating in an anonymous survey conducted by People Heart Business, we do not collect any personal data.
3. OUR USE OF YOUR PERSONAL DATA
We use your personal data, where processing is necessary, with legitimate interest, your consent or to fulfil a contractual obligation. We do not use your data for other purposes than the specified, explicit and legitimate purposes.
Detailed information about our processing activities, including purposes of data processing, is described below in section 7. Processing activities.
4. OUR SHARING OF YOUR PERSONAL DATA
Your personal data is only shared within People Heart Business and with the client responsible for the service you, your manager or your organization has ordered with the purpose of fulfilling and delivering the service agreed upon. Personal data may also be shared with subcontractors who are directly involved in the customer project and service agreed upon.
We do not share or sell your personal data to any other third party.
When participating in an anonymous survey conducted by People Heart Business, we do not collect any personal data. Survey data is only collected, processed, and shared with the responsible client on group level with your anonymity strictly maintained.
5. FOR HOW LONG WILL WE PROCESS YOUR PERSONAL DATA?
We only keep your personal data for as long as it is necessary to fulfil the purpose for which it was collected in accordance with this Privacy Policy. Detailed information about our processing activities, including purposes of data processing, is described below in section 7. Processing activities. When we no longer need your personal data to fulfil the purpose described, we remove the data from our systems, databases, and backups.
6. YOUR RIGHTS
You have the right to receive information regarding which personal data we process about you and what we do with that data. You also have the right to a certain degree of control over your personal data. Therefore, in certain cases you have the right to receive a copy of your personal data, to have inaccurate data rectified or erased and request restriction of our processing. Furthermore, you have the right to withdraw your consent according to article 13 (2)(c) of GDPR.
If you consider that we process your personal data in an unlawful manner, you are always entitled to lodge a complaint with the supervisory authority.
7. PROCESSING ACTIVITIES
Customer and contract management
Purpose
Management of customer relations, including financial and contract administration.
Data subjects
Clients and customers, including their employees.
Categories of personal data
Non-sensitive personal data, i.e. name, position and contact details.
Legal basis
Processing is necessary in order for People Heart Business to pursue its legitimate interests in being able to manage contracts, invoice and evaluate the customer relationship, administer and manage our systems, statistics and business development, of GDPR, Article 6(1)(f).
Data subjects
The data subjects.
General consulting services, including coaching, team development, assessments, organizational development, leadership development
Purpose
To fulfil our project agreement with customers.
Data subject(s)
Clients and customers, including their employees, management, end customers, end users or suppliers.
Categories of personal data
Non-sensitive personal data, i.e. name, position and contact details.
Special categories of personal data, e.g. assessment reports of your abilities and performance and interview responses, will only be processed when needed to fulfil our project agreement with customers and will be based on consent.
Legal basis
Processing is necessary in order for People Heart Business to pursue its legitimate interests in being able to deliver consultancy services to its customers, to developing our business and services, of GDPR, Article 6(1)(f).
Data subjects
The data subjects.
Marketing and customer relationship management
Purpose
Marketing activities, including customer relationship management (CRM) system.
Data subject(s)
Customers and potential customers, including their employees.
Categories of personal data
Non-sensitive personal data, i.e. name, position and contact details., employer, relation to People Heart Business employees, participation in events and involvement in previous projects.
Legal basis
Processing is necessary in order for People Heart Business to pursue its legitimate interests in being able to manage and strengthen customer relations, developing our business and services, of GDPR, Article 6(1)(f).
People Heart Business can contact data subjects based on their consent for direct marketing. Data subjects have the right to object to personal data processing if we process the personal data based on legitimate interest for direct marketing purposes, of Article 21(2) of the GDPR.
Source
Customers, including customers’ employees, People Heart Business employees, and public sources such as linkedin.com.
Market research and industry surveys and interviews
Purpose
Gaining knowledge in a specific industry or business area for marketing and business development purposes.
Data subject(s)
Survey respondents, interviewees, e.g. experts or professionals within a specific industry.
Categories of personal data
Contact information, survey replies, interview replies.
Legal basis
Processing is necessary in order for People Heart Business to pursue its legitimate interests to strengthening our industry knowledge and developing our business and services, of GDPR, Article 6(1)(f).
Source
The data subjects
Management of suppliers and business partners
Purpose
Management of suppliers and business partners.
Data subject(s)
Suppliers and business partners, including their employees.
Categories of personal data
Non-sensitive personal data, i.e. name, position and contact details.
Special categories of personal data, e.g. assessment reports of your abilities, will only be processed when needed to fulfil our supplier or partner agreement and will be based on consent.
Legal basis
Processing is necessary in order for People Heart Business to pursue its legitimate interests in being able to evaluate the business relationships, of GDPR, Article 6(1)(f).
When the suppliers or business partner is a natural person, processing of personal data is necessary for the performance of contracts with the supplier or business partner, of GDPR, Article 6(1)(b).
Source
The data subjects
Event activities
Purpose
Administration of events, recruitment and marketing if relevant.
Data subject(s)
Applicants for events and participants in events.
Categories of personal data
Non-sensitive personal data, i.e. name, position and contact details., employer, relation to People Heart Business employees, participation in events and involvement in previous projects.
For recruitment purposes, read section Recruitment.
Legal basis
Processing is necessary in order for People Heart Business to pursue its legitimate interests in being able to evaluate the event, manage and strengthen customer relations, developing our business, of GDPR, Article 6(1)(f).
Source
The data subjects
Evaluation and service development
Purpose
Evaluation of the quality and efficiency of our services.
Data subject(s)
Clients and customers, including their employees, management, end customers, end users or suppliers.
Categories of personal data
Non-sensitive personal data, i.e. name, position and contact details.
Legal basis
Processing is necessary in order for People Heart Business to pursue its legitimate interests in being able to deliver consultancy services to its customers, to developing our business and services, of GDPR, Article 6(1)(f).
Source
The data subjects
Recruitment
Purpose
Administration of recruitment process for People Heart Business, identifying and evaluating candidates for potential employment as well as for future roles.
Data subject(s)
Job applicants and potential candidates for employment or partnership.
Categories of personal data
Non-sensitive personal data, i.e. name, position and contact details.
Sensitive data regarding personal abilities and performance, CV, interview replies.
Legal basis
Processing is necessary in order for People Heart Business to pursue its legitimate interests to recruit applicants to open positions at People Heart Business, of GDPR, Article 6(1)(f).
Source
The data subjects
8. Contact information
If you have any questions or need further information about our processing of your personal data or this data protection policy, do not hesitate to contact us:
privacy@peopleheartbusiness.com
+46 73508 6952