This is how we process your personal data
Promeister Solutions, organization number 559034–6929, with address Box 9217, 200 39 Malmö is responsible for personal data for the handling of your data within our course and training programs. If you have questions regarding our handling of your personal data or if you want to exercise any of your rights related to the handling of your personal data, you are welcome to contact our data protection representative: gdpr@mekonomengroup.com
What personal data we process about you
We process personal information provided by you in connection with you registering an account with Promeister or when you register for one of our courses. We also process personal data generated during the completion of training such as information on completed / not completed training and information on test results in completed tests.
Personal information that you provide to us or that we generate about you:
- Name: first and last name
- Contact information: address, e-mail address, telephone number.
- Login details: username, password
- Vehicle information: car registration number, car model.
- Information about your vehicle: distance traveled (meter reading), status of the car’s components and functions.
- Education history: completed educations, information about attendance.
- Order information: order history, information about ordered goods.
- Invoice reference for invoicing: name, participant presence.
- Information about your purchases and information about service performed: purchased items and services, amount, place of purchase, date and method of payment, discounts, information about repair and service performed.
- Social security number: (only for certification)
- Company code
- Test result
- Allergies
- Title
In addition to the information that you have provided to us or that we have collected from you, we do not collect any information from third parties.
How and why we use your personal information
We process information about you, for example because you have chosen to register a user account with us or because you have chosen to register for one of our courses. The personal data we collect about you is processed for the purposes and legal basis described in in the PDF page 2: Open ProMeister Privacy Policy 2020.
Processing of sensitive personal data and social security numbers
Some personal data are by nature particularly sensitive and are therefore covered by stronger protection. Of the information we process about you, social security numbers, allergies and information about your health are considered extra sensitive. We only process sensitive data for specific reasons below.
We process your social security number for the following reasons:
- To be able to carry out valid certifications via certification bodies.
We process information about your allergies for the following reasons:
- To provide a specially adapted diet at our training sessions to you who specify specific allergies.
Objection to treatment based on legitimate interest
You have the right to object to the processing of your personal data based on a legitimate interest. Continued processing of your personal data in such a case presupposes that we can show compelling legitimate reasons that outweigh your interests, rights and freedoms or whether it is for the determination, exercise or defense of legal claims.
* To be able to administer your user account and to be able to communicate with you before and during one of our trainings, we collect information about your name, contact information, your login information and information regarding our communication. The processing is necessary to satisfy our legitimate interest in having access to our education system and to help you if you have questions regarding education or problems when using our education system, which outweighs your interest in the protection of your personal data.
** In order to provide training, we collect information about your name, contact information, your social security number (only for certified training), information about any allergies, and your training history. The processing is necessary to satisfy our legitimate interest in providing training to you, which outweighs your interest in the protection of your personal data.
*** We always strive to be as relevant as possible in our communication to you. In order to send relevant offers to you regarding our courses and educations, we need to process your name, your contact information and your education history. We have made the assessment that there is a mutual need for relevant information and assess that the mutual need outweighs any risks for you as a registered person.
Who can we share your personal information with?
Personal Data Assistants
In cases where it is necessary for us to be able to offer our services, we share your personal information with companies that are personal data assistants for us. A personal data assistant is a company that processes personal data on our behalf and based on instructions from us. We have written agreements with all personal data assistants to ensure a correct and secure processing of the personal data they undertake to process. Our personal data assistants help us with:
- IT services (companies that handle operation, technical support and maintenance of our IT solutions)
- External training providers (subcontractors who provide training)
- Marketing (social media, print and distribution, reminder management for booking service)
- Public personal and vehicle registers (shares registration numbers to obtain vehicle information)
- Debt collection companies (companies that handle debt collection)
Companies that are independently responsible for personal data
We also share personal data with companies that are independently responsible for personal data. This means that we do not control the information provided to the company. Independent personal data controllers with whom we share personal data are:
Where your data is processed
Our goal is to process your personal data within the EU / EEA as far as possible. However, in certain situations, your personal data may be transferred to, and processed by recipients in, countries outside the EU / EEA. In these cases, we will take all reasonable legal, technical and organizational measures required to ensure that your personal data is handled securely and with an adequate level of protection comparable to and at the same level as the protection offered within the EU / EEA. Examples of appropriate protection measures are an approved code of conduct in the recipient country, standard contract clauses, binding internal company rules or the Privacy Shield. If you want a copy of the protection measures we have taken or information about where these have been made available, you can get this by contacting us as below.
How we protect your personal information
We take the legal, technical and organizational security measures required to ensure that your personal data is not tampered with, lost or destroyed or that unauthorized persons gain access to it. Our safety routines are updated as technology develops and improves.
Your rights
We want to be open and transparent about how we process your information. If you want to gain insight into the personal data processing that we do in relation to you, you have the right to request access to information about the processing.
If we receive a request for access, we may ask for additional information to ensure that we disclose the information to the right person and what information you want to receive.
You have the right to:
- get confirmation from us if we process personal data about you and in that case get access to the personal data we process about you (register extract) free of charge. However, in the case of manifestly unfounded or unreasonable register requests (especially because the requests are repeated), an administrative fee may be charged or the request denied.
- obtain correction of incorrect or incomplete personal data.
- get your information deleted in certain cases, e.g. if your personal data are no longer necessary for the purposes for which they were collected.
- have a restriction on the processing of your personal data in certain cases – e.g. if you have objected to the processing of your personal data which is done after balancing of interests – while checking whether our reasons outweigh your interests, rights and freedoms.
- obtain and transfer personal data to another person responsible for personal data in certain cases (data portability). The right to data portability only covers information that you have provided to us and that we process on the basis of certain legal grounds, such as an agreement with you.
Objection to processing for direct marketing purposes
You have the opportunity to object to your personal data being processed for direct marketing. If you object to direct marketing, we will discontinue the processing of your personal data for that purpose as well as discontinue all types of direct marketing measures.
Of course, you have the opportunity to say no to mailings and personal offers in some channels, for example, you can choose to only receive offers from us via e-mail, but not text messages.
Withdrawal of consent
You have the right to withdraw your consent to the processing of personal data at any time. In that case, we will discontinue the processing for the purposes based on your consent. If there is no other legal basis that gives us the right to save the data, we will delete it.
What are cookies?
Cookies are small text files consisting of letters and numbers. These are sent from Mekonomen’s or our partners’ web servers and saved on your device as below. We use different cookies:
- Session cookies are a temporary cookie that expires when you close your browser or app.
- Permanent cookies are cookies that remain on your computer until you delete them or they expire.
- First-party cookies are cookies set by the website you visit.
- Third-party cookies are cookies set by a third-party site.
- Web beacons are small transparent graphic images that can be found in emails we send to you.
- Similar technologies are technologies that store information in your browser or device in a way similar to cookies and web beacons.
Why do we use cookies?
The cookies we use normally improve the services we offer you. In general, we categorize our cookies and their use as follows:
Necessary cookies are absolutely necessary to be able to offer our basic services, e.g. our payment options or our customer portal. Our services would not work without these cookies.
Analysis Cookies provides comprehensive analytical information regarding your use of our services.
Function cookies allow us to save settings such as language selection or whether we should pre-fill your information or not.
Without these types of cookies, we would not be able to tailor our services to your wishes.
Security cookies make our services and your data safe and secure, by helping us detect fraud and protect your data. As this is an essential part of our services, these cookies are necessary.
Advertising cookies enable us to target relevant marketing to you.
How can you control our use of cookies
Your browser or device usually allows you to change the settings for the use and scope of cookies. Go to the settings of your browser or device to learn more about how to adjust the settings for cookies. For example, you can choose to block all cookies, only accept first-party cookies, or delete cookies when you close your browser.
Keep in mind that some of our services may not work if you block or delete cookies.
Complaints to the supervisory authority
If you believe that we handle your personal information incorrectly, you can contact us in the manner set out below. You also have the right to file a complaint with the regulator.
How to contact us
If you have any questions regarding our handling of your personal data or if you wish to exercise any of your rights related to the handling of your personal data, you are welcome to contact our data protection officer: gdpr@mekonomengroup.com