GDPR

Scope and update

We provide this policy with the guidelines to inform you how we handle personal data. The policy is for the protection of the rights and integrity required of us as a company and is based on the GDPR regulation (General Data Protection Regulation). This policy covers Brookhaven Instruments AB and only applies to external parties, there is a separate policy for employees.

What personal data is processed / stored and why

We process personal data when we have a legitimate interest or an otherwise legal basis for processing personal data. This is so that we can conduct our business and fulfill our obligations according to law and agreements to customers, suppliers, and other parties. We process personal data to maintain the business relationship, ensure guarantees, good service, follow-up, and information as well as marketing and customer analysis. We store contact information for newsletters and other similar mailings in accordance with the recipient’s approval.

Our starting point is not to process more personal data than is necessary and we always strive to use the least privacy-sensitive data. As the company does business with other companies, B2B, we have a very small need for personal information towards customers and suppliers. Sensitive personal data such as race, ethnic origin, political opinion, sexual orientation, religious or philosophical beliefs are never stored. Contact and personal information for people at our suppliers is small, but those available are mainly used to communicate purchases, price inquiries and technical issues.

Examples of the personal data that we process and store are: names, address, e-mail address, telephone number, function / title, contract-related correspondence. As companies are run as sole proprietorships, we also process social security numbers. Everyone has the right to oppose our use of personal data for direct marketing. When we collect personal data on an ongoing basis, we provide information about this and how to unregister. Photos of people, for example on marketing materials, social media or on the website are only published in cases where it has been reconciled and approved by the person in question. We do not store personal data for longer than we need based on legal requirements and / or legitimate interest. Deletion takes place when Brookhaven Instruments AB becomes aware that the information is no longer relevant for the purpose, or at the direct request of the contact persons.

Where and how personal data is stored

We store personal data in the business system, the CRM system, on computers and servers. Through the matrices and the mapping we have done, we consider ourselves to have good control and can thus show what data we have and where they are stored. This survey will form the basis for the data subject’s rights when requesting extracts from our registers or the right to be “forgotten”.

Rights of the data subject

When we collect or receive personal information in other ways than through a direct business relationship, we will inform about why and what it will be used for. For example, we can receive information in the following ways:

  • Information that people provide to us directly
  • Information that is registered via visits to our websites
  • Information that is registered upon request to our employees
  • Information via registration for our courses or seminars
  • Information via subscription to newsletters and other mailings
  • Information via telemarketing companies that have been approved by the customer to forward these.

Our starting point is not to disclose personal data to third parties unless there is consent to so or if it is not necessary to fulfill our obligations under agreement or law. Brookhaven may, for example, provide your personal information to third parties such as freight forwarders of our products.

You can unsubscribe at any time from newsletters or similar information sent to you. You can do this according to information in the mailing or at any time via e-mail to info@brookhaven.se. You have the right to revoke a given consent to the processing of personal data at any time. If your personal data is processed in violation of the Personal Data Act, you have the right to request that the personal data be corrected, blocked, or deleted. Once a year, you have the right to be informed of which personal data is processed about you, regardless of how it is collected. If you want such information, you must submit a written request to us. According to the Personal Data Act, the request must be sent in signed by you by post and can therefore not be sent by e-mail.

For service forms: When you contact us at BIA via forms on the website, and click on “Send”, you automatically give your approval (consent) for us to store your information. Remember that you have the right to request that the information about you be deleted, supplemented, or corrected.