Like most websites, we use cookies. We use them to make sure you get the best possible experience of the site, read more here. By selecting “Accept Cookies” below, you are giving your consent to receive cookies from CEVT AB. You can change your cookie settings whenever you want - but doing so may stop the website working properly.

Your privacy at CEVT

We value your privacy

Under the General Data Protection Regulation (GDPR) the rights and freedoms of the individuals are strengthen, and anyone using personal data is obligated to comply with, and act in accordance to, provisions and principles provided for in the regulation. You, the data subject, have a right to know about how and why we use your personal data.

In this statement we provide information about the general conditions under which we will process your personal data. You may read this statement in its stand-alone form, or as part of a more specific set of information having been provided to you by CEVT.

Who’s in charge?

CEVT is responsible for making sure that your personal data is kept secure and only used in the right way. As a Data Controller of your personal data, it is CEVT who will determine what data needs to be collected, and how it will be used, or as GDPR puts it; processed. Depending on the circumstances, we may need to process your data to support our business objectives, to enable the internal functions of the company, or to comply with regulatory requirements.

How we treat your data at CEVT

GDPR allows us to use your data for various legitimate purposes. However, when doing so we will treat your data in accordance with a series of principles designed to protect and respect your personal integrity.

Fairness and lawfulness

CEVT will use your data in a fair and lawful manner, limited to activities within the scope of our business. We strive to treat you and your data fairly, meaning that we are open about the ways in which your data will be processed, and strive to limit that processing as much as possible. We will never try to hide our processing activities or try to circumvent our obligations under GDPR. Whenever we need to use your data, we make sure that we have a legal basis for that use, e.g. that we are required by law or contract to process your data, or where the processing of your data is necessitated by other legitimate business interests.

Proportionality

We strive to limit our processing of your data as much as possible. This means that we only collect, use, and store data for as long as needed to achieve whatever purpose we are pursuing. When informing about these purposes, we strive to be specific and unambiguous, making sure that you can understand the reasons for why your data is needed.

Transparency

At CEVT we believe in transparency. Whenever we process your data we will inform you about this in accordance with GDPR. This information is provided in different ways depending on the circumstances. If you are an employee, consultant, supplier, or other key data subject category of CEVT, you will be provided with an extensive Privacy Notice at the beginning of your relationship with CEVT. Moreover, you may be provided additional information on a regular basis containing details about specific processing purposes. Our ambition is that you at any point should be able to understand why and how we are using your data.

Security and integrity

Personal data can be sensitive. At CEVT we implement both technical and organizational safeguards designed to make sure that your data is only shared with authorized parties, that it is factually correct, and that it is protected against unauthorized or unlawful disclosure. This may include only using sufficiently secure tools for storage and transfer of data, encrypting data when needed, or adopting and implementing procedures and practices regarding the collection, use, and distribution of data within our organization.

Why we need your data

Personal data is everywhere and is a necessity to do most things nowadays. Therefore, your data may be used for varying purposes depending of the circumstances. If you are working for CEVT in any capacity, we usually need to use your data to administer your employment and/or assignment, to comply with various regulatory requirements, or otherwise to facilitate the internal functions of CEVT as a company. Whenever you start your employment and/or assignment you are provided with detailed information about these different purposes. If you’re an external party we may need your data to facilitate communication and collaboration, or to deliver products and services. Specific information regarding these cases will be provided from time to time as well.

When we can use your data

In order to process your data, we must first make sure that we have the legal right to do so. GDPR defines the criteria for allowing this.

If you have a contract with CEVT, we may use whatever data is necessary for the performance of that contract, i.e., if you are employed by CEVT we may rely on the contract in order to manage data related to your employment.

We may also process data necessary for CEVT to comply with various legal obligations, i.e. health and safety regulations.

Furthermore, we may process data necessary to pursue the legitimate interests of CEVT as a company, e.g. to enable various internal administrative or business-related functions. When relying on these interests we always assess the privacy impact of using your data. This means that we only process your data insofar as your rights and freedoms don’t override our interests.

In some cases, we may ask for you explicit consent to use your data. Whenever doing so, we make sure that you can give your consent in an informed and independent way. If you have consented to anything, you always have the right to revoke that consent at a later stage, meaning that we may no longer use your data based on that consent.

The data we collect

The types of data we use differs widely depending on the circumstances. Most commonly, we use contact details such as names, emails, and similar information necessary to enable identification and communication. If you are working for CEVT, we process additional types of necessary data such as data relating to salaries and compensation, work performance, and IT asset use. Sometimes you provide the data yourself, other times CEVT receives the data from other sources. More specific information about the types of data collected are provided to you from time to time.

Sharing your data

Sometimes we need to share your data with other parties than CEVT, e.g. to a supplier of ours if this is required for them to deliver their service, to another GEELY Group company, or to public authorities whenever required by law. We only share your data when so is needed, and when required we make sure that the receiving party is obligated to treat your data with the same care as we do.

International data sharing

We may at times need to transfer data outside the EU/EEA. This could be because CEVT has suppliers or other partners established outside the EU/EEA, or where CEVT, as a GEELY Group company, need to share information with other members of the company group.

We will only transfer your data to countries which the EU has deemed having an adequate level of data protection, or where the transferred data can be otherwise protected using appropriate safeguards. Most commonly, these safeguards will consist of using the EU commission’s Standard Contractual Clauses (“SCC”).

Retention of data

We will only store your data for as long as is needed to achieve whatever purpose we’re pursuing. We strive to define retention periods for all data and implement procedures for making sure that data is not stored for unnecessarily long periods of time. Other times, our retention of your data will be determined on a case-by-case basis, taking into considerations the principle of data minimization.

Your rights

GDPR gives you, the data subject, several rights regarding your data. These include, as applicable, the right to access your personal data processed by us, the right to have incorrect data corrected, the right to have certain data deleted, the right to restrict the processing of data in certain circumstances, the right to object to the processing of data, as well as the right to data portability. If you wish to submit any such request, please use the contact form found at the bottom of this page.

Questions or complaints

If you have any questions or concerns regarding the way we process your personal data, please contact us using the contact form at the bottom of this page. If you feel we somehow have misused your data, you may contact the Swedish data protection authority (Datainspektionen) to file a complaint. Visit their website for more information.

Download our privacy notices or contact us using the form below to send us your inquiry. To answer your question or handle your request we need to process your personal data.

Downloads
  • GDPR Privacy Notice Camera Surveillance (pdf) Download
  • GDPR Privacy Notice Consultant (pdf) Download
  • GDPR Privacy Notice Customer (pdf) Download
  • GDPR Privacy Notice Employee (pdf) Download
  • GDPR Privacy Notice Job Applicant (pdf) Download
I would like to:

Ask a question related to personal data processed by CEVT

I would like CEVT to contact me by:
Email
Phone
Post

Exercise any of my rights related to personal data processed by CEVT

We will send you a request form by post that you will have to fill out in order to complete the request. To protect your integrity and personal data you will be required to show identification when picking up or receiving the envelope.

Other

I would like CEVT to contact me by:
Email
Phone
Post
Ask a question related to personal data processed by CEVT
Exercise any of my rights related to personal data processed by CEVT
Other
If you want to reach us by other means you can also visit our office in Gothenburg or contact us by post. You can find the contact details here. If you wish to send us something by post please mark the envelope with ”CEVT Data Protection Officer” and do not forget to provide your own contact details so that we can reach you with an answer. If you are not happy with the information or answer we provide you can file a complaint with the supervisory authority (Datainspektionen).