Privacy policy
Milab Microphones AB a limited liability company incorporated under the laws of Sweden with corporate identification number 556460–6605 and address Gevärsgatan 20, 254 66 Helsingborg (“we”, “us”, “Milab”) is the Controller and is responsible for the personal data that is processed about you in accordance with this Privacy Policy.
If you have any questions regarding how we, according to this information, process your personal data, please contact us by emailing GDPR@milabmic.com.
For us at Milab our customers’ trust is of the outmost importance. This trust forms the basis of our business. You should always be able to feel secure when entrusting your personal data to us. We have established this Privacy Policy to inform you about how we process your personal data. The Privacy Policy is based on current legislation and clarifies how we work to safeguard your rights and your integrity.
Milab collects information you provide directly to us when you visit our website, visit our office premises, apply for a job with us, request a quote, enter into an agreement with us, buy our products, use our services or otherwise shares in communication with us, for example via our newsletters or through our social channels, via our customer service and in support cases such as in the case of complaints and warranty cases (e.g. for returns) and through information collected from third parties. Milab may collect information about you from third parties who can legally collect and share the information further, e.g. for a credit check before your purchase from us. Third parties may vary from time to time.
We are constantly working to improve our business, therefore the Privacy Policy may change from time to time. We may update the Privacy Policy as a result of changes in the legal, technical or business developments. You can see when it was last updated by checking the date at the bottom of this Privacy Policy.
The purpose of the Privacy Policy is for you to know how we process your personal data, what we use it for, who may access it and under what conditions, and how you can exercise your rights. We strive to be transparent with how we use your personal data.
Milab will process the personal data only for as long as is necessary to fulfill the purposes of the processing or to fulfill our legal obligations. Under the subheadings below, you can read more about which storage times apply for each purpose.
This Privacy Policy applies to information that Milab processes about you. Certain pages on our website may contain links to third party websites that we do not control, for example when you visit the websites of our retailors to which we refer on our website. These websites have their own Privacy Policies, and Milab is not responsible for their operations, information practices and regulatory compliance. We therefore recommend that you read their own Privacy Policies when visiting their websites, for their processing of your personal data.
This Privacy Policy is structured as follows:
- Personal data that is processed when you visit our website
- Personal data that is processed when you visit our office premises
- Personal data that is processed when you apply for a job with us
- Personal data that is processed when you are the contact person when we enter into business with the company you are employed at
- Personal data that is processed when you request a quote, enter into an agreement with us, buy our products or use our services
- Personal data that we process after you have entered into an agreement with us
- Personal data processed for direct marketing
- Personal data processed due to legal obligation or to safeguard legal claims
- To whom do we share your personal data
- Transfers outside the EU/EEA
- How do we protect your personal data
- Your rights
The supervisory authority for the processing of personal data is the Swedish Authority for Privacy Protection (IMY). If you wish to submit a complaint to the Privacy Protection Authority regarding our processing of your personal data, you have the right to do so. Please visit www.imy.se for more information on how to proceed.
1. Personal data that is processed when you visit our website
| Personal data being processed | Purpose | Legal basis | Storage time |
|---|---|---|---|
| We do not process your IP address as such, but your IP address is anonymized into an ID number. When you enter the address of a website in your browser, a call is created that is sent out on the Internet. The call passes through our routers on its way to our website. | We need to process your anonymized IP address in order for you to be able to visit our website. | We have a legitimate interest in you and other people interested in our products being able to visit our website in order to take part in them. | The ID number is only processed during your visit to our website. We therefore do not store any IP addresses. |
| Milab uses Google’s statistics tool Google Analytics GA4. The tool places its own cookies to function and your usage and IP address will be sent to and stored on Google’s servers. Note, however, that IP anonymization takes place to make the IP address more anonymous before it is sent to Google. | Milab uses Google’s statistical tool GA4 in order to measure what visitors do (click) when they visit our website. This information is used only for the purpose of evaluating how the website is used. | The processing is based on your consent. | Your anonymized IP address is stored by Google for fourteen (14) months. |
2. Personal data that is processed when you visit our office premises
| Personal data being processed | Purpose | Legal basis | Storage time |
|---|---|---|---|
| Film recording (without sound) via camera surveillance. | We monitor our office premises with cameras in order to prevent and detect crime. | We have a legitimate interest in ensuring that our office premises are not exposed to crime such as burglary and theft. | We will process this personal data for a period of fourteen (14) days from the recording, after which it will be deleted. |
| Name, workplace (employer or equivalent), nationality, purpose of the visit, recipient of the visit, date and time of the visit. | We keep visitor records for our visitors in our office premises for security purposes. | We have a legitimate interest in keeping track of who is visiting our office premises for security purposes, in order to deal with security incidents. | We will process this personal data for a period of one (1) year from the date of the visit, or the period required to be able to investigate and handle a possible security incident. |
3. Personal data that is processed when you apply for a job with us
| Personal data being processed | Purpose | Legal basis | Storage time |
|---|---|---|---|
| Name, social security number, address, e-mail address, phone number and other information the applicant provides when applying for a job. | We need to process this information to keep in touch with you and to assess your application based on the position you have applied for. We use your personal data to administer and process your application for employment, review CVs, personal letters, references, grades, and certificates as well as to communicate with you and for storage purposes. | We have a legitimate interest in carrying out the necessary processing of the personal data in order to be able to evaluate your merits, personal characteristics, and personal background, and enable selection in connection with decisions for recruitment/employment. | We will process this personal data until the position is filled. |
| Name, social security number, address, e-mail address, phone number and other information the applicant provides when applying for a job. | We need to process this information for future recruitment and to enable us to contact you early if necessary if a vacancy arises for which you are suitable and interesting. | We have a legitimate interest in saving your application for a time after the position has been filled in case a vacancy or a need for a similar position arises for which you are suitable and interesting. | We will process this personal data for a period of one (1) year from the time when the advertised position was filled. |
| Name, social security number, address, e-mail address, phone number and other information the applicant provides when applying for a job. | We need to process this information to be able to defend any claims that may arise in connection with a recruitment process, to prove that discrimination has not occurred when filling the position. | The processing is based on legal obligation. The statute of limitations for filing a lawsuit is two (2) years in accordance with the Discrimination Act. | We will process this personal data for a period of two (2) years from the time when the advertised position was filled. |
| Name, social security number, address, e-mail address, phone number and other information the applicant provides when the applicant submits a spontaneous application to us. | We need to process this information for future recruitment and to enable us to contact you early if necessary. | Both you and we have a legitimate interest in being able to keep your application for some time after it has been received in case a vacancy or a need for a suitable position arises. | We will process this personal data for a period of one (1) year after the spontaneous application was received. |
4. Personal data that is processed when you are the contact person when we enter into business with the company you are employed at
| Personal data being processed | Purpose | Legal basis | Storage time |
|---|---|---|---|
| Name, title and workplace, address, e-mail address, phone number. | We need to process this information in order to enter into a contractual relationship with you. We may use your personal data as the contact person for the company we enter into business with. | We have a legitimate interest in being able to enter into an agreement with the company you are employed at. | We will process this personal data for a period of three (3) years from the date of purchase. |
5. Personal data that is processed when you request a quote, enter into an agreement with us, buy our products or use our services
| Personal data being processed | Purpose | Legal basis | Storage time |
|---|---|---|---|
| Name, address for contact, e-mail address for contact. | We need to process this information to be able to respond to your quote request. | We have a legitimate interest in being able to enter into an agreement with the company you are employed at. | The quote’s validity period is normally thirty (30) days unless otherwise stated in the quote. Quotations are stored for a period of one (1) year from the quotation date, after which they are deleted. |
| Name, addresses: address for contact, address for invoice and delivery address, e-mail address for contact, possibly or alternatively e-mail address for invoice, bank details, phone number and purchased products including serial number. | We need to process this information and your data in order to deliver the product you have ordered and to perform our services. We may use your personal data to administer your purchase, to communicate with you regarding your order, or in case of complaints and warranty matters, and to store our communication and transaction history. | The legal basis for this processing is that you have entered into an agreement with us. | We will process this personal data for a period of three (3) years from the date of purchase. |
6. Personal data that we process after you have entered into an agreement with us
| Personal data being processed | Purpose | Legal basis | Storage time |
|---|---|---|---|
| Name, customer number, invoice address, alternatively e-mail address for invoice and purchased products including serial number. | We need to process this information to post and invoice, charge for, and report our financial information. | The processing is based on a legal obligation. Stored in accordance with accounting rules. | We will process this personal data for a period of seven (7) years from the date it was recorded in accordance with the Accounting Act. |
| Name, addresses: address for contact and delivery address, e-mail address for contact, e-mail address for invoice, phone number, RMA number/reference code, purchased products including serial number, information about product faults, and other correspondence from you regarding your complaint. | We need to process this information in order to fulfill our legal and contractual obligations to you regarding complaints and warranty matters. | The processing is based on legal obligation. We need this information to be able to fulfill our legal obligation regarding complaints and warranty matters. | We will process this personal data in accordance with applicable regulations and legislation. |
7. Personal data processed for direct marketing
| Personal data being processed | Purpose | Legal basis | Storage time |
|---|---|---|---|
| Name and e-mail address. | We need to process this information for direct marketing. We may use your personal data to send you newsletters and thus provide you with updated information about our products. | The processing is based on your consent. | We will process this personal data for a period of one (1) year from newsletter registration or until you unsubscribe, whichever occurs first. |
8. Personal data processed due to legal obligation or to safeguard legal claims
| Personal data being processed | Purpose | Legal basis | Storage time |
|---|---|---|---|
| Personal data that has been processed because you have entered into an agreement with us and bought our products. | We need to process your personal data in order for us to fulfill our legal obligations in accordance with law, ordinance, government regulations, and guidelines. | The processing is based on a legal obligation. In order to meet the existing legal requirements, we need to process this information. These legal requirements can, for example, be tax law or according to accounting obligations. | We will process this personal data for the time required by the legal obligation. |
| Personal data that has been processed as a result of you coming into contact with our products. | In the event of a dispute, we may use your personal data to investigate, respond to, or determine legal claims or disputes related to your purchase or our contractual relationship in general. | We have a legitimate interest in safeguarding our rights. | We will process this personal data for the time required until the legal claim has been established and the decision/judgment has become final and has gained legal force. |
9. To whom do we share your personal data
In order to perform our obligations to you and fulfill our agreement with you, we may transfer to, or share the information with third parties such as providers or subcontractors, authorized retailers and distributors or service providers.
Milab engages external providers for the delivery of the purchased product and only the information relevant to the performance of the delivery is disclosed – so that we can fulfill our agreement with you.
IT providers – We use IT providers that are necessary for us to be able to offer you our products and deliver our service, especially in terms of website operation and support.
Provider of accounting services – We use external providers of accounting and bookkeeping services. The providers are necessary for us to be able to invoice and manage our accounting in our business.
The performance of these aforementioned services may mean that our providers gain access to your personal data.
Authorities and law enforcement – We may share your personal information when we believe, in good faith, that it is necessary to comply with legal obligations or to respond to legal claims. We may also share your personal data when we, in good faith, suspect that it is necessary for national security, law enforcement and intelligence purposes or to avoid death or personal injury, provided that these interests are not outweighed by your rights and freedoms for the protection of your personal data.
We may also disclose personal data to third parties when it has been specifically agreed between us and you, when it is necessary within the framework of a certain assignment to protect your or our rights, or if it is necessary for us to comply with authority decisions or court decisions.
10. Transfers outside the EU/EEA
We may transfer your data to countries outside the EU/EEA (third country) in cases where the transfer is necessary for us to be able to fulfil our agreement with you or to carry out actions preceding such agreement at your request (with your consent), thus to be able to fulfil our services and deliver the product you have ordered. In cases where data is transferred outside the EU/EEA, Milab takes all reasonable measures to ensure that this takes place in accordance with applicable laws and regulations on data protection.
Information about shipments may also be handed over and thus transferred to authorities in third countries (the country of destination) for example for customs handling, depending on the respective country’s legal requirements. The information provided may include, for example, the name, address, e-mail address and phone number of the recipient/buyer.
11. How do we protect your personal data?
Your security is of the outmost importance to us. Therefore, we have taken appropriate technical, organisational, and administrative security measures to protect your personal data from loss, abuse, disclosure, alteration, destruction, unauthorised access, and other unauthorised processing. We regularly analyse and evaluate the measures to ensure that the protection of your data is as safe as possible.
Only those individuals who have a clearly defined and justified need to handle your data, in accordance with their duties, will be granted access to this data.
Access is strictly limited to ensure that personal data is handled responsibly and in accordance with current data protection legislation and internal security procedures, with the aim of protecting your privacy and ensuring correct processing of the information.
Milab’s employees, contractors and their providers are required to comply with Milab’s regulations, Privacy Policy and other internal rules governing the process of your personal data.
As part of Milab’s security work, we educate our employees to promote a strong culture of data protection.
12. Your rights
It is not mandatory for you to provide us with your personal data, but in cases where the use of your personal data is based on the fulfilment of an agreement, we must have your data to fulfil our obligations. If you do not provide your personal data, there is a risk that we will not be able to undertake obligations under agreements.
In some circumstances, we may ask for your consent to use some of your personal data. It is not mandatory for you to give such consent if you do not want your personal data to be used for the specified purposes. You can withdraw your consent at any time by contacting us. If you withdraw your consent, the withdrawal is valid from the time of the withdrawal and does not affect the use of your personal data during the period before the withdrawal took place.
When we use your personal data, you, as a user, have several rights. You have the right to contact us at any time if you wish to exercise any of the rights described below. If you wish to exercise any of the rights described below, you can reach us most easily at GDPR@milabmic.com.
The right to information – You have the right to receive information about how we process your personal data.
The right to access – You have the right to contact us and request to know what kind of personal data we process about you. You have the right to request for copies of your personal data.
The Right to correction – You have the right to have incorrect information corrected and supplemented with correct information. As a rule, you also have the right to receive information about where we have obtained the incorrect information.
The right to deletion – Under certain conditions, you have the right to have your information deleted (the right to be forgotten).
The right to restrict processing – Under certain conditions, you have the right to demand that we restrict processing of your personal data.
The right to object – Under certain conditions, you have the right to object to the processing of personal data that is performed for the purpose of performing a task of public interest, as part of the exercise of authority or after a balance of interests. You therefore have the right to object to your personal data being processed for direct marketing.
The right to data portability – Under certain conditions, you have the right to obtain your personal data in a structured, usually used and machine-readable format and transfer the personal data that you yourself have submitted to Milab to another organization/Controller.
The right to withdrawal of consent – If our processing of your personal data is based on your consent, you are always entitled to withdraw your consent at any time for the continued processing of the personal data that Milab processes with such legal basis.
The right to submit a complaint – You have the right to submit a complaint with the Swedish Authority for Privacy Protection (IMY) if you believe that we process your personal data incorrectly. You can read more about this on the Swedish Privacy Protection Agency’s website https://www.imy.se/.
This Privacy Policy was last updated on the 1st of October 2024.
