Privacy
Policy

Why and for whom?

At AIKE AB, organization number 556658-5054, ("AIKE", "we", "us", "our"), we care about personal privacy. This means that we respect and protect your privacy and the right to control and transparency in the processing of your Personal Data.

This Privacy Policy ("Policy") applies to the processing for which AIKE is the Data Controller. The Policy describes in general terms for what purposes we need your Personal Data, what legal basis we rely on, and what measures we take to protect personal data. We also inform you about how you can exercise the rights you have in connection with our processing of your Personal Data.

The Policy informs about our handling of Personal Data in cases where you communicate with us, use the Service, or visit our website www.aikemedia.com (together "Features").

Definitions

"Processing"

of Personal Data means everything that can be done with Personal Data, e.g., storage, modification, reading, transfer, etc.

"Applicable law"

means the legislation applicable to the processing of Personal Data including the General Data Protection Regulation (GDPR), supplementary national legislation, as well as case law, guidance, and recommendations issued by a national or European supervisory authority.

"Personal Data"

means all kinds of information that can be linked to an identifiable, living person.

"Data Controller"

means the company/organization that determines for what purposes and in what way Personal Data should be processed and thus also responsible for ensuring that Personal Data is processed in accordance with Applicable Law.

"Data Processor"

means the company/organization that processes Personal Data on behalf of the Data Controller and may therefore only process Personal Data in accordance with the Data Controller's instructions and Applicable Law.

"Data Subject"

means the living, physical person whose Personal Data is processed.

"Service"

means a website with information about AIKE and its subsidiaries.

AIKE's data controller responsibility

The information in this Policy covers the Processing of Personal Data for which AIKE is the Data Controller, i.e., the Processing for which we determine the purpose (why processing is done) and means (in what way, which personal data, how long, etc.). The Policy does not describe how we process personal data in the role of Data Processor - that is, when we process personal data on behalf of our customers.

We provide information about AIKE as a company and as a group. The information is of a descriptive nature as well as financial, regulatory, and news information. For the best possible experience, our website uses so-called cookies, which the user/visitor can choose to accept or not. We offer the user/visitor to register to receive news and information from AIKE. Personal data that the user/visitor provides themselves is used solely for the purpose of enabling the information provision that the user/visitor has requested to receive.

AIKE's processing of personal data

We have a responsibility to describe and show how we meet the requirements placed on us when we process your Personal Data. This section aims to give you an understanding of what types of personal data we process about you and for what purposes.

Data subjects and retention period

The intended recipients of this Policy are the following groups, whose personal data we store in accordance with the criteria below.

• Users of the Service
  Users' personal data will be stored for the time they use the Service and to fulfill legal obligations such as handling alleged errors in the Service.

Processing and purposes

The main purpose of the personal data processing we perform is to provide, perform, and improve our services to you. There are several different reasons why we may need to collect, handle, and save your data.

We mainly process personal data for the following purposes:

• Contact and identification information to confirm your identity, verify your information, and be able to communicate with you

How do we get access to your personal data?

We collect your personal data in several different ways. We mainly get access to your personal data:

• When you provide it to us directly, for example when you register for our services or contact us
• When you use our website and services
• From third parties when permitted by law

Legal basis

For us to be able to process your personal data, we need to have a so-called legal basis for each processing. In our operations, we mainly process your personal data on the following grounds:

Consent – AIKE processes your Personal Data after we have received your consent to Processing. Information about the processing is always provided in connection with us asking for consent.

If you want additional information about which legal basis(s) we process your personal data for, you always have the right to request a so-called register extract. Read more under "How you use your rights" below.

Your rights

You are the one who decides over your Personal Data. We always strive to ensure that you can exercise your rights as effectively and smoothly as possible.

• Access – You always have the right to receive information about the Personal Data processing that concerns you in a so-called register extract. The register extract shows, among other things, which of your personal data we have stored and for what purposes and on what legal basis. We only provide information if we have been able to verify that it is actually you asking for the information.
• Correction – If you discover that the Personal Data we process about you is incorrect, contact us and we'll fix it!
• Deletion – Want us to forget you completely? You have the right to request deletion of your Personal Data when they are no longer necessary for the purpose for which they were collected. If we are obliged to retain your data according to law or an agreement we have entered into with you, we will ensure that they are only processed for the specific purpose stated in the law or agreement. Thereafter, we ensure that the data is deleted as soon as possible.
• Objection – Don't agree with us that our interest in processing your Personal Data outweighs your interest in protecting personal privacy? No problem – in that case, we review our interest assessment and check that it still holds. We of course take your objection into account when we make a new assessment to evaluate whether we can still justify our Processing of your Personal Data. If you object to direct marketing, we will remove your Personal Data immediately without reviewing our assessment.
• Restriction – You can also ask us to restrict our Processing of your data during the time we handle a request from you for any of your other rights, or if you, instead of requesting deletion, want us to mark that the data should not be processed for a certain purpose.
• Data portability – We can give you the data you have provided to us yourself or that we have received from you in connection with us entering into an agreement with you. You get your data in a commonly used and machine-readable format that you can then take with you to another Data Controller.
• Withdraw consent – If you have consented to one or more specific processing(s) of your Personal Data, you have the right at any time to withdraw your consent and thereby ask us to cease Processing immediately. Note that you can only withdraw your consent for future Processing(s) of Personal Data and not for any Processing that has already taken place.

How you use your rights

By contacting us at info@aikemedia.com, you can get information about what you have consented to and delete your personal data.

Transfer of Personal Data

To conduct our business, we get help from others who process Personal Data on our behalf, so-called Data Processors. We process all personal data within the EU/EEA.

We have entered into data processing agreements (DPA) with all our Data Processors. The DPA regulates how the Data Processor may process Personal Data and what security measures are required for personal data processing.

We may also need to provide your Personal Data to certain designated authorities to fulfill obligations under law or authority decisions.

Our categories of Data Processors

Below are categories of recipients with whom we may share your data.

• IT providers for, for example, business systems and case management. To be able to carry out our assignments and services, we store your data in our business systems (a system that administers our customers and contacts).

Security

AIKE has implemented technical and organizational measures to ensure that your personal data is processed securely and that it is protected from loss, misuse, and unauthorized or unauthorized access.

Our security measures

Organizational security measures are measures implemented in working methods and routines within the organization. Our organizational security measures are:

• Internal governing documents (policies/instructions)
• Login and password management
• Information security policy

Technical security measures are measures implemented through technical solutions. Our technical security measures are:

• Encryption
• Firewall
• Backup

If we don't keep our promises

If you experience that we process your Personal Data incorrectly, even after you have drawn our attention to this, you always have the right to submit your complaint to the Swedish Authority for Privacy Protection.

More information about our obligations and your rights can be found on the Swedish Authority for Privacy Protection's website (https://www.imy.se/). You can also contact the authority at imy@imy.se.

Changes to this policy

We reserve the right to make changes to this Policy. In cases where the change affects our obligations or your rights, we will inform about the changes in advance so that you are given the opportunity to take a position on the updated policy.

Contact

Contact us if you have questions about your rights or if you have any other questions about how we process your personal data:
info@aikemedia.com