GDPR General Data Protection Regulation

General Data Protection Regulation GDPR

Privacy Policy

At GNS, we have long been committed to the secure handling of our customers’ personal data and welcome the new and stringent data protection regulation, GDPR, which will apply across the EU from May 25. The regulation aims to impose stricter requirements on companies regarding the handling of personal data and to provide increased transparency to employees and customers. As a customer of GNS, you can request information about the data we process and have your information corrected by emailing dataskyddsombud@gns.se.

How We Handle Customer Data and Who Has Access

At GNS, we store our customers’ personal data to invoice for the services contracted. Typically, customers provide their personal data via email or an order form on our website. These emails are not deleted immediately but are kept for one year for the security of both the customer and GNS. The personal data we collect includes company name, organization number, billing address, email address, and contact details of a reference person. We do not routinely store customer phone numbers, but they may be included.

Employees at GNS, as well as handlers at Svea Ekonomi, e-conomic, Fortnox, and Crescendo Revisorer & Konsulter, have access to customer personal data. The data is stored on secure servers within Sweden. Data is deleted when the termination period ends and the service is closed.

Newsletters

At GNS, we also send newsletters upon customer request. Customers have the right to opt-out of further mailings at any time. When this happens, the customer’s email is deleted from the system, and no further communications will be sent.

IP Addresses

GNS stores visitor IP addresses for website traffic statistics and security purposes. This data is stored on secure servers within Sweden.

Cookies

GNS’s website uses session cookies. This type of cookie is deleted when the browser is closed and is not stored persistently.

For Your Security

At GNS, we prioritize high security in handling customer personal data and have long established clear procedures for handling any incidents. In the event of an incident, an incident report is published on our website, gns.se, and a detailed report is sent via email to affected customers.

We have also incorporated privacy by design into our systems, which means we have built-in mechanisms to protect personal privacy. GNS supports data portability, meaning customers have the right to receive their data to transfer it to another service.

Sharing Personal Data

GNS does not sell our customers’ personal data. However, if registered individuals, the Data Protection Authority, or other third parties request information from GNS regarding personal data processing, the parties will cooperate and exchange information to the necessary extent. No party may disclose personal data or information about data processing without prior consent from the other party, except where required by a legal mandate or decision from a relevant authority, or where mandated by mandatory legislation.

Consent

By becoming a customer of GNS, you consent to GNS storing personal data, as outlined in our general terms and conditions. You can withdraw your consent at any time, which means GNS will stop processing your personal data or update previously provided information. To withdraw consent, please email dataskyddsombud@gns.se.

Other

At GNS SWEDEN AB, it is important that our customers are aware they can contact us or the Data Protection Authority in case of incidents, problems, or complaints. Linnea Grcic is the Data Protection Officer at GNS, and GNS is the data controller.