Apis Training AB including its business area Astream (below called “Apis”) is a European corporation with its head office located in Stockholm. Apis is subject to European privacy legislation, including the General Data Protection Regulation (GDPR). This policy details the measures that we take to preserve and safeguard your privacy when you visit our website, use our services and/or communicate with our personnel.
Personal data is information that can identify you as a person, such as name, an email address, or phone number etc. Processing your personal data is necessary for us to serve and fulfil our obligations towards our customers and also for administration in connection with our services, as well as obligations which follow from law.
Please note that there is no obligation to provide us with personal data. However, if we do not receive certain personal data, we will not be able to perform our services.
What personal data do we process?
When you visit our homepage (including Astream’s homepage)
When you visit our website, we automatically collect certain information about your device, including information about your web browser, IP address, time zone and some of the cookies that are installed on your device. Additionally, as you browse the site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the site, and information about how you interact with the site. We refer to this automatically-collected information as “Device Information”.
We collect Device Information using the following technologies:
- “Log files” track actions occurring on the website, and collect data including your IP address, browser type, internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the site.
In addition, those who choose to submit a request through our contact form will provide us with more personal data such as name, phone number and email address.
If you are a representative of a current or potential customer to Apis/Astream or a representative of a supplier to us or any other external parties
We primarily collect or obtain personal data directly from the contact person concerned, however we sometimes receive information about individuals involved, without the information being provided directly from them but from private and public records and sources.
We process personal information about you that you give us by filling in forms on this site, registering or by corresponding with us by phone, email or otherwise. This information may include your full name, job title and contact details including your email address and telephone number. We also collect the personal data provided to us in connection with performing our services or that are otherwise processed during the preparation or administration of a service, as well as invoicing information.
If you are a participant in our courses or a customer regarding video productions
We primarily collect personal data directly from the individuals concerned, however we sometimes receive information about individuals involved, for example individuals who will participate in our classroom courses and/or online learning courses/virtual classroom, without the information being provided directly from them but from their employers and similar. We may also supplement the personal data provided by obtaining information from private and public records and sources.
The personal data we process may consist of contact details (e.g. name, title, work address, telephone number and email address).
If you are using our services regarding video production and/or livestreaming, please note that Apis/Astream in such cases also process photos and videos of you.
Apis/Astream also process written questions and comments, that participants in our virtual classroom courses and/or a customer led webinar may write while using the chat or Q&A function in the livestreaming platform that we use.
If you are using the learning management system Learnifier®
If you register for the learning management system Learnifier® you will submit your name and email address which we need in order to administrate your access to the system.
What are the purposes of our processing of personal data?
We process personal data provided or obtained in connection with our services so we can provide our services and fulfil our obligations towards our customers, and also for administration in connection with our services, as well as obligations which follow from law such as accounting legislation.
In addition, we also process personal data so that we can manage and administrate our relationships with suppliers and other external parties.
We may also use personal data as a basis for our market and client analyses, business and methodology development, as well as for statistical and marketing purposes.
If we communicate with you for marketing purposes and/or newsletters, we use your personal information to provide you with targeted advertisements, information or marketing communications we believe may be of interest to you. You can ask us to stop sending you marketing messages at any time – you just need to contact us, or use the opt-out/unsubscribe links on any marketing message sent to you.
What is the legal basis for our processing?
In relation to customers’ representatives, participants in our educations, business partners and consultants etc., our processing of personal data is based on performance of the contract, administrating the relationship and on a balancing of interests.
As regards the legal basis balancing of interests, we consider it necessary to process the personal data for the purposes that concern our legitimate interests and that these outweigh any opposing interests or fundamental rights and freedoms. We have a legitimate interest to study how customers use our services, to develop them, to grow our business and to promote our services.
Processing of personal data relating to suppliers or their representatives and other external parties is based on our legitimate interest in administrating the relationship and performing our contractual obligations.
We may have additional grounds for the processing in connection with the various services we have accepted to provide.
Who has access to the personal data that we process?
We have taken appropriate technical and organisational security measures to help protect the personal data we process from loss and to guard against, inter alia, access from unauthorised persons.
Apis will not disclose personal data to any third party, except where
- it has been agreed between us and the person whose personal data we process;
- it is necessary within the scope of a given assignment;
- it is necessary so we can fulfil a statutory obligation, comply with a decision of a public authority or a court of law;
- if we engage an external service provider or business partner who performs services on our behalf. Such service providers and business partners may only process personal data in accordance with our instructions, and may not use personal data for their own purposes; or
- it is otherwise permitted by law.
We have business partners who are third party processors which assists us in for example storing your data safely and ensure the security while interacting with our website. These third parties are carefully screened so we can ensure that there are adequate controls in place and, where relevant, that such third parties are GDPR compliant.
Transferring your personal information outside the EU/EEA
Some of our external third parties are based outside the European Union (EU) and the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EU/EEA.
Whenever we transfer your personal data out of the EU/EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We may transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
How long will we keep personal data?
We will only retain your personal data for as long as necessary for the stated purpose, while also taking into account our need to comply with legal requirements under applicable laws. This means that Apis may retain your personal data for a reasonable period after your and our customer’s last interaction with us. When the personal data that we collected is no longer required we erase it.
What are your rights?
Apis Training AB, Reg. No. 556488-5670, is the controller of the personal data processing as described above. This means that we are responsible for ensuring that the personal data are processed correctly and in accordance with applicable data protection laws.
You have the right to know what personal data we process about you. You have also the right to request that we rectify or erase inaccurate or incomplete personal data about you (e.g. if the personal data are no longer needed for the purpose). You are also entitled to object to specific processing of personal data and request that processing of personal data be restricted. Finally, you have the right to receive personal data provided by you in machine-readable format and have the data transferred to another party responsible for data processing. If you wish to exercise your right of access, then you may make a subject access request by contacting us as per the below.
Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the data.
Anyone who is dissatisfied with how we process their personal data is entitled to report this to the Swedish Data Inspection Board (Sw. Datainspektionen), which is the supervisory authority for our processing of personal data.
If you have any questions or complaints about how we process your personal data or wish to exercise any of your rights set out above, you are welcome to contact us by email at firstname.lastname@example.org or by mail to the address below:
Apis Training AB, Reg. No. 556488-5670
118 63 Stockholm, Sweden