Integrity policy for Medicinsk Bildteknik
1. Purpose of the policy
Medicinsk Bildteknik Sverige AB (MBT) cares about your integrity. We want to make sure that you, as a co-worker, supplier our customer, feel safe and secure when sharing your personal data to us.
We will be processing your personal data mainly to fulfil commitments made to you and to fulfil obligations according to law and regulation.
Our starting point is to not treat more data than is necessary and we are striving to always minimize the data we save both regarding content and time.
We need your personal data in order to provide a good service regarding e.g. information, follow up and in some cases marketing. We treat all personal data lawfully. The basis always being an agreement, an obligation to comply with law or given consent.
In cases where we use a contractor we ensure, through written agreement, that they also abide by the rules of the GDPR.
2. Application area
For whom does the policy apply?
This integrity policy is applicable to individuals in their capacity as employees, customers, suppliers and other stakeholders.
What does the policy regulate?
This integrity policy regulates how MBT collects and processes personal data for the various services we provide in relation to image management within hospitals. The policy also regulates processing of data in connection with the parties that MBT has a business-relation with, such as suppliers and customers. Finally it regulates how we process the personal data of our employees.
3. Processing of personal data
What personal data do we process and why?
For you as an employee we process the following data:
• E-mail address
• Social security number
• Telephone number
• Bank account number
• Salary details including pension and health insurance
• Contact person including his/hers telephone number
• Competency profile
• Performance reviews
• Predictive index profile
• Employment contracts
We need this to be able to fulfil our duties as your employer.
Customers and suppliers/potential customers and suppliers
For you as a customer or a supplier we process the following data:
• E-mail address
• Telephone number
• IP-address (if you have visited our web page)
• Company name
• Company address
We need this to fulfil our commitment as your customer or supplier.
4. How do we access your personal data?
We access your personal data in different ways:
Data that you supply to us (co-workers, potential co-workers, customers, suppliers)
When you order products and services, when we install products and perform tasks for you, when you contact us through e-mail, when you contact us through our website, when you call us, when you apply for or request that we send you newsletters, if you are participating in usability studies and product surveys, when you apply for a job and when you give us your details through meetings, exhibitions etc.
Data that we receive from public registers and platforms (potential co-workers, customers and suppliers)
For example addresses for marketing, lists of health care employees within certain fields. Information through LinkedIn etc.
5. Storage of personal data
How long do we keep different kinds of personal data?
When you as an employee leave the Company we keep your employment contract and your name, address and information about you salary for seven (7) years and your competency profile and minutes from personal reviews up to one (1) year after your last day as an employee. Your Predictive index profile will be erased maximum 180 days after your employment has ended.
The Predictive index profile will be erased after 180 days. All other information linked to the recruitment-process is stored during the current year and one (1) year after.
Customers and suppliers
Personal data linked to customer and supplier agreements and information regarding business events are stored for seven (7) years after the event or cancellation of agreements.
6. Personal data for marketing
Personal data obtained at exhibitions and conferences are stored for three (3) months.
We collect consent from potential customers and suppliers and this enables us to perform targeted marketing activities and market research.
Personal data where consent has been obtained is saved for three (3) years. After this period a new consent has to be collected.
You have the right to withdraw your consent at any time.
We also store e-mails, where similar data might be present, if included in the sender’s correspondence. Mails are normally stored for a maximum of three (3) years unless legal or special circumstances require otherwise.
8. The Bildteknik website
When you visit our website your IP-address will be stored by our Processor (GNS Sweden AB).
When you visit our website and state that you want to be contacted by us your name, your e-mail, your phone number and the company that you represent will be stored (if you have given us these details). You will also be asked to give your consent for storage of the data and for newsletters to be sent to you. In every newsletter you will have the possibility to opt out of the newsletter.
Cookies are small pieces of information that are stored by your browser on your computer’s hard drive. They are often used as a mechanism for websites to remember useful information, such as your login details, and can contribute to ease of use when navigating a website. Our cookies cannot identify you personally.
What type of cookies do we use?
Analytical/performance cookies: These cookies allow us to recognize and count the number of visitors to our website and to see how visitors move around when they are using it. This helps us to improve the way our website works, for example, by ensuring that users find what they are looking for easily.
Functionality cookies: These cookies are used to recognize you when you return to our website. This enables us to personalize our content for you, such as e.g. remembering your preferences. It also allows for live chat support during your browsing experience.
Targeting cookies: These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the information displayed on it more relevant to your interests.
9. Protection/security of personal data
We focus on your integrity and the starting point is that only co-workers within our organization who need the data to perform their duties will have access to the data.
We have IT-systems, routines and technology that enables the processing of your data in a safe way and thereby protect the data against abuse, unauthorized access, modification, loss and destruction. To ensure that the personal data is processed and stored in a safe and confidential manner we use data networks that are protected from intrusion by fire walls and password protection according to industry standards.
Our most important systems are also risk validated within the scope of MBT’s certification within ISO 13485.
Employees of MBT are bound by confidentiality agreements and are obliged to follow the group’s rules for Information and IT security as well as this Integrity policy.
10. Sharing personal data
We do not share any personal data outside our group.
Medicinsk Bildteknik Sverige AB, org.nr 559213-3119
12. Your rights as an individual
•You have the right to, without charge, once a year, after a written and signed application to MBT on the address above get access to the data we have stored about you. The data will be given to you without unnecessary delay and in a structured form.
•You have the right to immediate correction of any errors in the data.
•You have the right to have your data erased or minimized, with the exception of the data we have to store to be able to fulfil legal obligations or agreements.
13. Changes in this policy
MBT reserves the right to make changes to this policy. The date for the last change will be given at the end of the policy. Any amendments to the policy will be published on the website. You are therefore recommended to read this integrity policy regularly. If we amend the policy in a way that will make it significantly different than from when you gave your consent we will notify you of the changes and if necessary ask you for a new consent.
14. Contact us
If you have any questions regarding this policy or our use of your personal data please contact us at: firstname.lastname@example.org