On 25 May 2018, the Swedish Personal Data Act (PUL) was replaced by the EU's General Data Protection Regulation (GDPR). The regulation applies to all types of personal registers and all companies that process personal data.
To comply with GDPR, each company's responsibility is to map its personal data processing, determine what data they collect, why it is collected, and how long it is stored. To meet the new regulations, we have updated our privacy policy and clarified how Exsens AB uses the personal information that you have shared with us. More information on how to use the Timeplan service to meet the GDPR can be found here.
Parties and responsibility for the processing of your data
Exsens AB, 556706-5288, Fürstenbergsgatan 4 Gothenburg, (from now on referred to as "Timeplan") is a program provider of web-based programs such as includes personnel planning, time reporting, and salary base calculation, which is from now on referred to as the "Service." Timeplan is a personal data assistant for processing your data in the Service and is then responsible for the organizational and technical security measures described in the article GDPR, paragraph "Security and data intrusion." The person responsible for processing your data in the Service is the "Customer" who is the registered organization with Timeplan. You who are a user and have your login information for the Service are referred to below as the "User." The Service has the role of "TP-Superuser," who is the customer's representative in the Service with responsibility for uploading users and other system administrators, assigning rights, and giving instructions to the Timeplan regarding the processing of data, incl. Personal data in the Service. Customers have people whose contact information is registered with Timeplan so that we can contact you; they are called "Contact persons" below.
Timeplan is responsible for the processing of the personal data that you share with us when:
- you order the Service
- you receive login information and become a user of the Service
- you agree with Timeplan
- you are registered as TP-Manager with Timeplan for your organization
- you sign up for one of our courses
- you have a question and/or contact us
- you visit our website and accept cookies
What personal data do we process about you?
The personal data that is processed varies depending on the type of company you have. When you order the Service, we collect contact information about you as a contact person and company information about you as a customer. All users have registered contact information, login information, and online identifications with us to use the Service. When registering for our courses, we need the participant's contact information and company information and processing information about the course you have taken. If you have a question or contact us regarding any other matter, the amount of personal information and what it is can vary depending on which communication channel is used. Categories of personal information are usually contact information, login name, company information, and the case itself as unstructured material, containing the personal information you have chosen to share with us. A detailed list of which personal data occurs within the different categories, on which occasions, and on which legal basis the processing is based, can be found below in the section "Storage of personal data by category."
Why do we process your data?
Timeplan collects this personal information about you as a user and customer to provide the Service and give you the best possible experience of both the Service, our website, and our help center. We must be able to identify you, administer your account, for statistical purposes, and direct information about updates in the Service. The personal information that is collected when ordering is needed to handle the order, invoice, and send login information to you and contact you. All users' data is needed to be able to give you access to the Service, for you to be able to use the Service, be able to create a processing history for you as a customer, be able to identify yourself and know which users and customers use the Service. Company information about you as a business partner is needed to fulfill the agreement and contact information about you as a contact person to contact you. Company information, contact information is also needed, as well as information about which course you are a participant in is needed to be able to provide training services such as handling your registration and invoicing you. We also process the data to send evaluations and carry out a follow-up. When you contact us via one of Timeplan's communication channels, the information about you is used to be able to handle the case, to be able to contact you, for educational purposes and contributes to improving our Service by saving the case for recurring questions from you or other questioners with the same question.
Who do we share personal information with?
Timeplan applies strictly confidential handling of all information that we have access to. We never store, copy, or disclose information, whether about the customer or the customer's employees internally at the company or to third parties without the customer's or employee's express consent.
We use Zendesk (USA, Privacy Shield ) for logging support contacts via email and phone.
How long do we store your personal information?
Schedule saves personal information about you as a customer as long as there is a customer relationship or is necessary to achieve the purposes described in this policy. Upon termination of the agreement, Timeplan will delete or anonymize your information within a reasonable time after termination, unless other Swedish or European law, court, or authority says otherwise. Your information can be saved based on a balance of interests if there are security or financial reasons. How long your data as a user is stored with us varies depending on the purpose for which it was collected. Tasks in the Service delete the system administrator, but in cases where there is no technical function for deletion, your system administrator needs to contact us. Personal data that is processed for invoicing education is stored for as long as required as a basis for accounting. After completing the training, the information is saved until the follow-up is completed. A new follow-up period starts after each completed training course. Information collected when you contact us is stored as long as you are a customer to fulfill our commitment. At the end of the customer relationship, we can store it based on balancing interests as evidence in case of problems. The storage is then limited to a system and with controlled authorization control.
What rights do you have?
You who are registered with Timeplan have several rights that you should be aware of. You have the right to request a register extract of what information is registered about you free of charge once a year, provided you have legitimate reasons. In some cases, you also have the right to data portability of the personal data. You have the right to have your personal data corrected if it is incorrect, incomplete, or misleading and the right to limit the processing of personal data until they are changed. You have the right to be forgotten, but deletion of personal data can not occur if it is required to fulfill the agreement or if other Swedish or European law, court or authority decisions say otherwise, and if it is based on balancing interests. Should you think that there are no justifiable reasons or that the balance of interests is incorrect, you can object to the treatment. You also can withdraw consent, submit complaints about the processing to the Swedish Data Inspectorate, oppose automatic decision-making, profiling, and object to direct marketing.
If you want to know more
If you have questions about this policy and your data processing, want to delete or change incorrect data, you can contact us, either to our support department (see timeplan.se) or to ekonomi@timeplan.se.
Storage of personal data by category
Tables can't be imported directly. Please insert an image of your table which can be found here.
When
Category of data
Personal information
Legal reason
Order of Service
Company information
Organization number
Company name
Address
ZIP code
City
Fulfill our contractual obligations to you
Contact information
First name
Surname
Email
Fulfill our contractual obligations to you
Users
Kontaktuppgifter
First name
Surname
Email
Fulfill our contractual obligations to you
Login information
username
Fulfill our contractual obligations to you
Online identification
IP-address
Fulfill our contractual obligations to you
App information
Pictures
Fulfill our contractual obligations to you
Registration for education
Contact information
First name
Surname
Email
Phone
Fulfilling our contractual commitments to you and consent
Company Information
Organization number
Company name
Address
ZIP code
City
Fulfilling our contractual commitments to you and consent
Course assignments
Date
Time
City
Premises
Price
Fulfilling our contractual commitments to you and consent
Conversion thru webpage
Contact information
Name
Email
Phone
Fulfilling our contractual commitments to you and consent
Company Information
Company name
Fulfilling our contractual commitments to you and consent
Case information
Message in free text (optional)
Fulfilling our contractual commitments to you and consent
Conversion thru email
Contact information
Name
Surname
Email
Fulfilling our contractual commitments to you and consent
Company Information
Company name
Fulfilling our contractual commitments to you and consent
Case information
Message in running text
Fulfilling our contractual commitments to you and consent
Contact thru phone
Contact information
Name
Surname
Fulfilling our contractual commitments to you and consent
Company Information
Company name
Fulfilling our contractual commitments to you and consent
Case information
Message in running text written down by support staff.
Fulfilling our contractual commitments to you and consent