PRIVACY POLICY

This Privacy Policy refers to external partners which include:

you who is an employee of a company that has bought a product or service offered by one of the companies belonging to the LEAX Group;
you who is an employee of a company that can be a potential customer to us and have been in contact with one of the companies belonging to the LEAX Group;
you who is an employee of a company that has sold or rented a product or service to one of the companies belonging to the LEAX Group;
you who is an employee of a company that can be a potential supplier to us and have been in contact with one of the companies belonging to the LEAX Group.

For more about our General Website Policy, please scroll down.

At LEAX Group we protect your privacy and always strive for a high level of data protection. We value the trust that you place in us by providing us your personal data. We will always use your personal information in a way that is fair and worthy of that trust.

We shall always be transparent with you about what information we collect, what we do with it, with whom we share it and who you should contact if you have any concerns. This privacy policy explains everything you need to know, meaning how we collect, manage and use your personal information. It also describes your rights and how you can act in case you have questions.

It is important that you understand and read this privacy policy so that you can feel safe in our ways to manage your personal data. You are always welcome to contact us for any questions.

What is GDPR?

The General Data Protection Regulation (GDPR), a European privacy law approved by the European Commission in 2016 replaces a prior European Union privacy directive known as Directive 95/46/EC, which has been the basis of European data protection law since 1995.

A regulation such as the GDPR is a biding act, which must be followed in its entirely throughout the EU. The GDPR is an attempt to strengthen, harmonize, and modernize EU data protection law and enhance individual rights and freedoms, consistent with the European understanding of privacy as a fundamental human right. The GDPR regulates, among other things, how companies and organizations may obtain, use, store, and eliminate personal data.

What is considered “personal data”?

Per the GDPR, personal data is any information relating to an identified or identifiable individual; meaning, information that could be used, on its own or in conjunction with other data, to identify an individual. Personal data includes not only data that is commonly considered to be personal in nature (e.g. social security numbers, names, physical addresses, email addresses), but also data such as IP addresses, behavioral data, location data, biometric data, financial information, and much more. Even personal data that has been “pseudonymized” can be considered personal data if the pseudonym can be linked to any particular individual.

Sensitive personal data, such as health information, sexual orientation, religion or information that reveals a person’s racial or ethnic origin, requires even greater protection. At LEAX Group, we do not store data of this nature from our external partners and contacts.

What does it mean to “process” data?

Per the GDPR, processing is “any operational or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction”. In other words, by collecting, managing, using or storing any personal data of EU citizens, it is considered that we are processing EU personal data within the meaning prescribed by the GDPR.

Who is responsible for the personal information we collect?

LEAX Group AB (“LEAX”), organizational number 556658-4479, located at Nya Hamnvägen 4, 731 36, Köping, Sweden, is responsible for personal data processing of the Group.

What categories of personal data do we process? What are the legal basis to process them?

LEAX Group will process all or part of the following categories of personal data:

Supplier and customer representative contact data, such as name, workplace address, e-mail address, telephone number.
Organizational data, such as company name, job position, place of work, country.
Contractual data, such as purchase orders, contracts and other agreements.

Legal basis and purposes of the processing:

Legitimate interests. Example, LEAX’s legitimate interests include the interest to manage its daily operations according to lawful and fair business practices, including managing its relationships with its current and potential customers and suppliers in order to perform contract(s) to which you or your employer is a party and/or to take steps necessary prior to entering into a contract with you or your employer.
Contractual obligation. Example, LEAX may be required to process your personal data to fulfill the terms and agreements of an order or a service contract entered into by you.
Legal obligation. Example, LEAX may be obliged by law to report transactions to a tax authority requiring LEAX to process your personal data.

In some cases, LEAX may ask separately for your consent to process your personal data for the following purposes. If consent is collected, you are always entitled to withdraw your consent, which will not affect the lawfulness of the processing based on consent before its withdrawal:

Promotional communications and marketing purposes, such as the sending of our periodic newsletter.
Customer surveys purposes, such as online customer satisfaction surveys.

From which sources do we collect your personal information?

We collect information that yourself or your employer provide to us. It can be through e.g. email, business cards, meetings, conferences and exhibitions, telephone conversation, newsletter subscribing; but also, information gathered from your purchase orders, business contracts and other agreements.

How will we share your personal data? Will it be transferred outside EU/EEA?

LEAX will normally not share your personal data with anyone outside of the Group, unless required by law or regulation. However, LEAX may, if necessary to fulfill the purpose for processing the personal data, share your personal data with other LEAX Group company, including our companies within and outside EU/EEA.

LEAX Group will secure that appropriate safeguards are in place which provide adequate levels of protection of your personal data as required by applicable data protection laws. This also means that LEAX makes sure that all our system providers sustain adequate levels of protection of your data.

What happens if you do not provide us with any personal data?

Some personal data is necessary in order for LEAX to interact with its customers and suppliers for business purposes. Not providing personal data will inhibit the handling and delivering of the products and services that you or your employer might expect from us.

For how long do we keep your personal data?

LEAX will keep your personal data as long as required to fulfill its legal or contractual obligations taking into account for example the contractual period, warranty and product liability requirements, and no longer than is required for us to fulfill the purposes for which the personal data was collected.

Your data protection rights.

EU citizens have several rights under the GDPR, including:

Right of access: we are always transparent about the sort of personal data we process. If you desire, you have the right to know what data about you is being processed and how.

Note that the information you seek may be found in this privacy policy. Please, have in mind that if we receive a request for access, we may ask for additional information to ensure that we provide the data to the correct person.

Right to rectification: you may have personal data concerning you that is inaccurate, you can thus request that incomplete data be completed or that incorrect data be corrected.

Right to be forgotten: when certain conditions are met, we are obliged to delete personal data relating to you per your request. We may delete your data if,
- the data is no longer necessary for the purpose for which they have been collected;
- you oppose to our legitimate interest of processing it and your reason weights more than our legitimate interest;
- your personal data is being processed illegally;
- personal data must be deleted to comply with a legal obligation we are subjected to;

Please have in mind that we may have the right to deny your request if there are legal obligations that prevent us from immediately delete certain personal data. Should we be prevented from meeting your request to be forgotten, we will instead block personal data from being used for purposes other than the purpose that prevents the requested deletion.

Right to restriction of processing: when certain conditions are met, we are obligated to restrict the processing of personal data relating to you per your request.

Right to data portability: if you have provided us with personal data yourself, and wish for us to transfer it to another data controller, we will do so if the legal ground for processing that personal data is your consent or because the personal data was needed for entering into a contract with you.

In addition, you also have the right to lodge a complaint with a supervisory authority in case you feel that we are managing your personal data incorrectly.

How do you contact us in case you have questions about data protection?

Because we take data protection very seriously, we have created an email address so that you can easily reach us in case you have questions. You contact us via moc.xael@noitcetorpatad .

This Privacy Policy may suffer changes and updates from time to time. The latest version of this policy will be always available here on our website: www.leaxdobrasil.com.br.

_________________________________________________________________________________________________________

General Website Policy

This policy refers to all visitors to www.leax.com

You can use the LEAX Group website without disclosing your identity. Details of the information that we gather as standard when you access the website is described below. If you engage in our website via any form, we secure that your data is protected with SSL certificate.

What categories of personal data will LEAX process, for which purpose and based on what legal basis?

When you access any LEAX website/subsite, your web browser is technically configured to automatically transmit the following data (“log data”) to our web server, which we then capture in log files via Google Analytics: country, time of visit, pages visited, time spent on each page, referring site details, type of web browser, type of operating system, network locations and IP addresses.

This is exclusively information which does not allow you to be identified. This information is necessary for technical purposes in order to correctly deliver the content requested by you and its collection is an unavoidable aspect of using websites. The log data is analyzed purely for statistical purposes in order to improve our website and its underlying functionality. LEAX will process your personal data based on the legal basis legitimate interest. LEAX’s legitimate interests include the interest to manage its websites according to fair business practices and to maintain availability and functionality of the websites.

Forms

Personal data is only collected when you, spontaneously, share your information via one of our forms. Forms such as subscription to newsletter and spontaneous job application will collect the data you provide. Your data, however, is protected by the installed SSL certificate on our website.

LEAX will only process your data for the purpose to which you shared your information, i.e. to receive our newsletter, or so that you can participate in our hiring processes.

LEAX will keep your personal data as long as required to fulfill the purposes of which the personal data was collected. By submitting your data, you give LEAX consent to process your data. You are; however, always entitled to withdraw consent.

Cookies

LEAX websites uses Google Analytics, a web analytics service provided by Google. Google Analytics uses “cookies”, which are text files places on your computer, to help the website analyze how users use the site. The information gathered by the cookie about your use of website (including your IP address) will be transmitted to and stored by Google on their servers. The gathering of this usage data and the creation of usage profile is carried out on an anonymized basis using a cookie ID. We create and store these usage profiles solely in anonymized form and do not combine them with your name or with any other information such as your email address which may reveal your identity.

Cookies cannot be used to run programs or deliver viruses to your computer. With the information contained in cookies, we can simplify navigation and facilitate the correct display of our websites.

You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website. Furthermore, you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under

Links to other websites

Our websites may contain links to other websites. We have no influence on the compliance or non-compliance of the operators of these sites with the data protection provisions.

How do you contact us in case you have questions about data protection?

Because we take data protection very seriously, we have created an email address so that you can easily reach us in case you have questions. You contact us via contact page.

This Website Policy may suffer changes and updates from time to time. The latest version of this policy will be always available here on our website: www.leaxdobrasil.com.br