List of active policies

Name	Type	User consent
GDPR	Privacy policy	All users

GDPR

Summary

This privacy notice (“Privacy Notice”) has been adopted to inform you on how we process your personal data in a legal, suitable and safe manner. In this Privacy Notice, we describe how and why we collect, use, disclose and store your personal data as well as the rights you have as a data subject of Höganäs. This Privacy Notice is addressed to all users of Höganäs Academy accessible at https://hoganas.sparkfore.com/ (our “Site”).

Full policy

Privacy Notice

Effective as from: 2022-11-06
Last update: 2022-11-06

1: Introduction

Your integrity and digital security are of importance to us at Höganäs. Höganäs comprises of Höganäs AB (a public limited liability company incorporated in Sweden, registration number 556005-0121) and its subsidiary undertakings (referred to collectively as “Höganäs”, “we” or “our”).

Below under each headline, you can read more about our processing of your personal data.

Höganäs is the controller for the processing of personal data, and you can contact us at any time to ask questions related to the processing of your personal data (see section 12 below).

2: Definitions

In this Privacy Notice, the term "personal data" means any information relating to an identified or identifiable person, such as name, email address and telephone number (and in the US, Personal Identifiable Information (PII)).

In this Privacy Notice, we describe how we process your personal data. "Processing" means any operation or set of operations which is performed by us on your personal data or on sets of personal data, such as collecting, recording, organizing, structuring, storing, adapting, retrieving, consultation, using, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction as described in this Privacy Notice.

3: The information we process

We collect data from you and through our Site. Which data we collect depends on the context of your interactions with us and the choices you make. The following categories of data may be processed.

User data

User data is personal data about you that you may enclose directly when you interact with us. It includes information to create an account and to complete your profile, such as:

· Name

· Telephone number

· E-mail address

· Address

· Job title / role

· Line / reporting manager

· City – location

· Company / entity

· Photograph

· Personal interests

· ID number

· Credit card information

System data

We will automatically collect information from you each time you visit our Site, i.e. System data. It includes the following information:

· IP address

· Web-browser identification

· Referring webpage

· User account ID

· User account password

· System user group membership

· Höganäs Academy system access rights

· System user activity

· Course grades and scores

· Language settings

You have choices when it comes to the technology you use and the data you share. When you are asked to provide personal data, you can choose to decline. In cases where you choose not to provide necessary information to access our service, you might not be able to use the specific service or otherwise interact with Höganäs.

4: Purpose and legal basis

Höganäs processes your personal data in a manner that is consistent with this Privacy Notice as follows:

Provision of our Site: We need to process your personal data as specified in section 3 above in order to provide you with our services through the Site. These services may include providing access to our online courses, administration of your account and notifying you of changes to our service or your account. For this processing, we have based our processing on your consent.

Legal Compliance: Some of the personal data that Höganäs collects might be processed to comply with legal obligations, as required by laws or judgments or governmental decisions, or due to our legitimate interest in seeking to meet our global legal obligations, to reduce compliance risks and to carry out business. Such requirements may for example exist in the applicable data protection laws, laws connected to book-keeping and money laundering and in different export control and sanctions regulations.

We may also use your personal data to comply with law or legal process, to protect, enforce or defend our legal rights, safety or property, to protect against fraud and other unlawful activity or for risk management purposes. The legal basis for these purposes is to comply with legal obligations and our legitimate interest in protecting our business interests and property.

Marketing: Your personal data may be processed for direct marketing purposes, however only in respect to products and services that Höganäs markets. This allows us to provide you and the company/organization that you work for, with offers or other direct marketing, by mail, e-mail, or by phone. The legal basis for processing your personal data for direct marketing purposes, is our legitimate business interests. For this processing, we have conducted a balancing of interests where we have, inter alia, taken into account that the processing does not include any sensitive personal data and that we have a clear commercial interest in being able to provide our services to the company or organization you work for or on behalf of in an efficient manner. You may at any time decline any direct marketing by following the opt-out link in the message sent to you.

5: How long is your personal data processed?

Unless a longer retention period is required or permitted by local law to which Höganäs is subject, your personal data will only be stored as long as Höganäs deems it necessary to fulfill the purposes for which the personal data was collected in accordance with this Privacy Notice. Your personal data will be deleted or anonymized as soon as the personal data is no longer relevant for the purpose.

Furthermore, we never process your personal data longer than what is allowed according to applicable laws, regulations, practices, or authority decisions.

If you have given your consent to the processing of your personal data, we process your personal data for the specific purpose, until you withdraw your consent. You can withdraw your consent at any time by contacting us and objecting to this and/or by deleting your profile at the Site.

Personal data which is processed in order to inform about our products/services, is stored for as long as we have a business relationship with you, your employer or the company or organization you represent. If you do not wish for us to keep personal data for marketing purposes during this time, please contact us or follow the opt-out link in the message sent to you.

In order to enable Höganäs to comply with the legal obligations arising from law (bookkeeping, product safety, money laundering, etc.) or to take charge of Höganäs’ legal interests (if a legal process is in progress or might be initiated), Höganäs may save personal data for longer. However, personal data will be saved only as long as is necessary and/or stated for the purpose.

8: Your rights as a data subject

In some regions, such as the European Economic Area (“EEA”), California, Brazil etc. you have certain rights in relation to the personal data we hold about you.

You are entitled to obtain information from us, confirming whether or not personal data concerning you is being processed. You are in most cases also entitled to receive a copy of the personal data that we process about you. Furthermore, you may ask us to update, correct or remove personal data we hold about you, or object to or ask us to restrict our processing of your personal data. Contact information can be found at the end of this Privacy Notice. In order to ensure your identity in connection with your request, we may ask for further information from you. We will not unlawfully discriminate against you if you exercise your privacy rights.

Any request should be submitted in writing to us with clarification as to what information you wish to receive. We will respond to your request as soon as we can. If we cannot meet your request regarding access to the information your request concerns, we will provide reasons for this. Any copy of your personal data requested will be sent to your registered address unless otherwise agreed in writing.

If we have collected your personal data based on your consent, you have the right to withdraw your consent at any time. You may exercise this right by manage your account at the Site or by contacting us using the contact details provided below. You can at any time log in and update your created profile. Please note however, that withdrawing your consent will not affect the lawfulness of the processing before the withdrawal, nor will it affect the processing of your personal data conducted in reliance on another legal basis than your consent.

If you believe we are unlawfully processing your personal data, you have the right to lodge a complaint with a supervisory authority. For information on supervisory authority contacts, see the Contacts section below.

9: Sharing information

Only those who need to process personal data for the purposes for which they are processed have access to the personal data. We might share your personal data with trusted recipients. Personal data is shared with the following parties:

· IT-providers that performs services on our behalf, so called processors. For example, we use cloud service providers and software providers who will get access to your personal data under section 3. Such business partners will only process personal data in accordance with our instructions and may not use personal data for their own purpose. We have entered into data processing agreements with our processors inferring, for instance, they are required to process the information in a safe, accurate and confidential manner.

· Third parties when required by law, legal process or authority decision. Such disclosure may, for example, be done to the police or the tax office or to other governmental authorities and to law enforcement agencies and authorities in order to protect, enforce or defend our legal rights, privacy, safety, or property, to protect against fraud and other unlawful activity or for risk management purposes.

· Other professionals. We may also disclose your personal data to our professional advisers, including legal service providers and accountants in the context of taking professional advice and protecting our rights.

Höganäs does not transfer your personal data by selling or trading your personal data or make your personal data available to third parties in any other way without your consent.

10: To which countries do we transfer your personal data?

Other than as expressly stated below, we only process your personal data within the EU/EEA.

Some of Höganäs IT-suppliers for the services related to Höganäs Academy are located outside the EU/EEA, i.e. the US. Höganäs may also share your personal data with another Höganäs company, if necessary to perform business with the company that you represent, to market and sell relevant Höganäs products and services to you and otherwise respond to any requests put forward by you.

Where personal data is shared with these suppliers and/or another Höganäs company, Höganäs has ensured that personal data remains protected by taking on the necessary actions to legally transfer the personal data to non-EEA countries in accordance with applicable data protection laws. If the country is not considered by the European Commission to provide an adequate level of data protection, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission, to protect your personal data.

To obtain a copy of our safeguards for such transfers, please communicate your request using the information shown below under section Contacts.

11: Safety

To protect your privacy, detect, prevent and limit the risk of hacker attacks, etc., Höganäs undertakes technical and organizational security measures. These measures are taken to protect your personal data against unauthorized access, abuse, disclosure, changes and disruption.

12: Changes to the Privacy Notice

Höganäs reserves the right to unilaterally amend this Privacy Notice when it is necessary due to compliance with applicable laws. Such changes are mainly called for in the event of any legislative changes, due to statements from the supervisory authority or other bodies issuing opinions on the basis of applicable data protection laws. In addition, this Privacy Notice will be updated as needed as a result of changes in our products/services.

When this Privacy Notice is updated, the date for update will be shown at the top of this Privacy Notice. If Höganäs makes major changes to this Privacy Notice or changes regarding how we process your personal data, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your personal data.

13: Contact information for our Group DPO and supervisory authorities

If you have questions regarding this Privacy Notice or the processing of your personal data, or if you wish to make a request in accordance with the Privacy Notice or to report a violation of this Privacy Notice, please contact our Data Protection Officer (DPO) at dpo@hoganas.com or you may write to:

Höganäs AB (publ)

Attn: Group DPO

SE - 263 83 Höganäs

Sweden

Or call +46 42 33 80 00 and ask to be connected to the Data Protection Officer.

We will respond to your questions and complaints about our processing of your personal data. If you are not satisfied with our response, depending on where you are located, you can contact a supervisory authority or your state’s attorney general.

A list of supervisory authorities in the European Union, including our lead supervisory authority in Sweden, Integritetsskyddsmyndigheten / Swedish Authority for Privacy Protection, can be accessed here.

If you are a resident in Switzerland, the contact details for the data protection authorities are available here.