We are committed to protecting your privacy in accordance with the highest level of privacy regulation. As such, we follow the obligations under:
Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and the applicable provincial legislations
the EU’s General Protection Data Regulation (GDPR)
Brazil’s Data Protection Legislation (LGPD)
California’s Consumer Protection Act (CCPA) and California Online Privacy Protection Act (CalOPPA)
This policy applies to the IT Quality Nordic Institute AB websites and domains.
Personal Data We Collect
Data you provide
When you make a purchase, or attempt to make a purchase, we collect personal data as part of your order information.
This data includes:
Account information such as your name, email address, and password
Payment information such as your billing address, phone number, credit card, debit card or other payment method
If you provide us, or our service providers, with any Personal Data relating to other individuals, you represent that you have the authority to do so and acknowledge that it will be used in accordance with this Privacy Statement. If you believe that your Personal Data has been provided to us improperly, or to otherwise exercise your rights relating to your Personal Data, please reach out on the Contact Us page.
Device and Usage Data
When you visit a IT Quality Nordic Institute AB website, we automatically collect and store information about your visit using browser cookies (files which are sent by us to your computer), or similar technology. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The Help Feature on most browsers will provide information on how to accept cookies, disable cookies or to notify you when receiving a new cookie. If you do not accept cookies, you may not be able to use some features of our Service and we recommend that you leave them turned on.
Data we collect from third parties
We may receive your personal data from third parties such as companies subscribing to IT Quality Nordic Institute AB, partners and other sources. This information is not collected by us but by a third party and is subject to the relevant third party’s own separate privacy and data collection policies. We do not have any control or input on how your personal data is handled by third parties. As always, you have the right to review and rectify this information. If you have any questions you should first contact the relevant third party for further information about your personal data. Where that third party is unresponsive to your rights, you may contact the Data Protection Officer at IT Quality Nordic Institute AB and we can assist you.
Our websites and services may contain links to other websites, applications and services maintained by third parties. The information practices of such other services, or of social media networks that host our branded social media pages, are governed by third parties’ privacy statements, which you should review to better understand those third parties’ privacy practices.
Purpose and Legal Basis for the Processing of Personal Data
We collect and use personal data about you with your consent to provide, maintain, and develop our products and services and understand how to improve them.
These purposes include:
- To deliver your product or service
- To fulfil orders including electronic and non-electronic shipment
- Building a Safe and Secure Environment
- To Verify or authenticate your identity; and
- Investigate and prevent security incidents such as breaches, attacks and hacks.
Where we process your personal data to provide a product or service, we do so because it is necessary to perform contractual obligations. All of the above processing is necessary in our legitimate interests to provide products and services and to maintain our relationship with you and to protect our business for example against fraud. Consent will be required to initiate services with you. New consent will be required If any changes are made to the type of data collected. Within our contract, if you fail to provide consent, some services may not be available to you.
Sharing and Disclosure
We will share your personal data with third parties only in the ways set out in this Policy or set out at the point when the personal data is collected.
We may use or disclose your personal data in order to comply with a legal obligation, in connection with a request from a public or government authority, or in connection with court or tribunal proceedings, to prevent loss of life or injury, or to protect our rights or property. Where possible and practical to do so, we will tell you in advance of such disclosure.
Service Providers and Other Third Parties
We may use a third party service provider, independent contractors, agencies, or consultants to deliver and help us improve our products and services. Service providers may be within or located outside the EEA. We may share your personal data with marketing agencies, database service providers, backup and disaster recovery service providers, email service providers and others but only to maintain and improve our products and services. For further information on the recipients of your Personal Data, please contact us by using the Contact page.
What are cookies?
A cookie is a small file with information that your browser stores on your device. Information in this file is typically shared with the owner of the site in addition to potential partners and third parties to that business. The collection of this information may be used in the function of the site and/or to improve your experience.
To give you the best experience possible, we use the following types of cookies:
Some cookies are used to personalize content and present you with a tailored experience. For example, location could be used to give you services and offers in your area.
We collect analytics about the types of people who visit our site to improve our service and product.
Retention & Deletion
We will only retain your personal data for as long as necessary for the purpose for which that data was collected and to the extent required by applicable law. When we no longer need personal data, we will remove it from our systems and / or take steps to anonymize it.
We will not knowingly collect personal data from children under the age of 13 Years.
Your Rights to Your Personal Data
Depending on your geographical location and citizenship, your rights are subject to local data privacy regulations. These rights may include:
Right to Access (PIPEDA, GDPR Article 15, CCPA, LGPD)
You have the right to request a copy of the personal data we are processing about you.
Right to Rectification (PIPEDA, GDPR Article 16, LGPD)
You have the right to have incomplete or inaccurate personal data that we process about you rectified.
Right to be Forgotten (right to erasure) (GDPR Article 17, CCPA, LGPD)
You have the right to request that we delete personal data that we process about you, except we are not obliged to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.
Right to Restriction of Processing (GDPR Article 18, LGPD)
You have the right to restrict our processing of your personal data where you believe such data to be inaccurate; our processing is unlawful; or if we no longer need to process such data for a particular purpose unless we are not able to delete the data due to a legal or other obligation or because you do not wish us to delete it.
Right to Portability (PIPEDA, GDPR Article 20, LGPD)
You have the right to obtain personal data we hold about you, in a structured, electronic format, and to transmit such data to another data controller, where this is (a) personal data which you have provided to us, and (b) if we are processing that data on the basis of your consent or to perform a contract with you or the third party that subscribes to Enzuzo Data Privacy services.
Right to Objection (GDPR Article 21, LGPD)
Where the legal justification for our processing of your personal data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defense of a legal claim.
Right Not to Be Discriminated (CCPA)
You have the right not to be denied service or have an altered experience based on having executed any of your CCPA rights.
If you have consented to our processing of your personal data, you have the right to withdraw your consent at any time, free of charge, such as where you wish to unsubscribe from marketing messages that you receive from us. If you wish to withdraw your consent, please contact us using the information found at the bottom of this page.
How to Exercise Your Rights
You can make a request to exercise any of these rights in relation to your personal data by sending the request to our privacy team by using the form below.
For your own privacy and security, at our discretion, we may require you to prove your identity before providing the requested information.
If you have a complaint about this Policy or any element of your personal information that we hold then please contact us below. If you are not satisfied, then you have the right to lodge a complaint with the local data protection authority.
If you are based in the EEA, please visit this website (http://ec.europa.eu/newsroom/article29/document.cfm?action=display&doc_id=50061) for a list of local data protection authorities.