logo
Software
Customers
About Us
Careers
Software
Customers
About Us
Careers
Contact Sales

Privacy Policy

In light of the General Data Protection Regulation (GDPR) we would like to inform you how we process your personal information if you engage with us at Industrial Path Solutions Sweden AB, IPS IBOFlow AB, and IPS Particle Technology Sweden AB (also "we", "us"). Each company is the data controller for their data processing outlined in this privacy policy. Personal data is any type of data that can be used to identify an individual.

This policy applies to you if you

  • Are a visitor of our website,

  • Have entered your personal information on our website,

  • Are the contact person of one of our customers,

  • Subscribed to our newsletters/software updates,

  • Or have participated in one of our virtual or physical events.

We may make changes to this policy.

1. How do we process your personal data?

Below we list the personal data processing activities we carry out, including their purposes, legal bases, the personal data processed, and retention periods. Where we rely on legitimate interests as the legal basis under Article 6.1.f) GDPR, we have assessed that our legitimate interest in the processing outweighs your privacy interests. We set out our legitimate interests where this legal basis applies.

When a third party, such as our IT-providers, process data on our behalf we have entered into a data processing agreement with them. We may also transfer your data to recipients who are data controllers and thus responsible for their own personal data processing, such as public authorities and offices and sales representatives within the IPS network.

1.1 For users of our website and individuals who have contacted us

  • Customer service:

    Purpose of processing: Handling inquiries via the contact form on our website or e-mail.

    Legal basis: Legitimate interest. Our legitimate interest is to establish customer relationships.

    Personal data: Name, employer, phone number and e-mail belonging to contact persons at potential customers, as well as inquiry details and communication history.

    Retention policy: The data is stored for one year from the last interaction.

We do not use any cookies on our website.

1.2 For individuals who have been contacted by us, participated in our events or subscribed to our newsletter

  • Contact with potential customers:

    Purpose of processing: Marketing and business development activities to identify and contact potential customers.

    Legal basis: Legitimate interest. Our legitimate interest is to develop our business and identify potential customers.

    Personal data: Name, employer, phone number and e-mail belonging to a contact person at potential customer organizations.

    Retention policy: The data is stored for a maximum of one year.

  • Marketing communications:

    Purpose of processing: Sending newsletters and follow-up e-mails.

    Legal basis: Consent. You have provided your consent to receive e-mails following one of our physical or virtual events, our newsletter or software updates.

    Personal data: Name, employer and e-mail address.

    Retention policy: The data is stored until you unsubscribe from our newsletters or else withdraw your consent.

  • Events:

    Purpose of processing: Organizing and managing virtual or physical events.

    Legal basis: Legitimate interest. Our legitimate interest is to organize events for business development purposes.

    Personal data: Name, employer, phone number and e-mail address of event participants.

    Retention policy: The data is stored for one year after the event.

  • Event follow-up:

    Purpose of processing: Keeping your data in order to reach out to you after participating in an event arranged by us.

    Legal basis: Legitimate interest. Our legitimate interest is to reach out to you after participating in an event arranged by us.

    Personal data: Name, employer, phone number and e-mail address of event participants.

    Retention policy: The data is stored for one year after the event.

1.3 For customers

  • Provision of services (for legal entities):

    Purpose of processing: Executing agreements with our customers.

    Legal basis: Legitimate interest. Our legitimate interest is to execute agreements with our customers. Personal identity number is processed based on that it is clearly justified in view of the importance of secure identification.

    Personal data: Name, personal identity number, employer, phone number and e-mail belonging to a contact person working for our customer.

    Retention policy: The data is stored throughout the customer relationship or for as long as contractual obligations persist.

  • Provision of services (for sole proprietors:

    Purpose of processing: Executing agreements with our customers.

    Legal basis: The processing is necessary for the performance of a contract to which the data subject is party. Personal identity number is processed based on that it is clearly justified in view of the importance of secure identification.

    Personal data: Name, personal identity number, phone number and e-mail.

    Retention policy: The data is stored throughout the customer relationship or for as long as contractual obligations persist.

  • Bookkeeping:

    Purpose of processing: Fulfilling legal obligations regarding bookkeeping and accounting.

    Legal basis: Legal obligation. We are legally required to maintain accounting records.

    Personal data: Name, employer, phone number and e-mail belonging to contact persons at customers and suppliers, as well as company registration numbers.

    Retention policy: The data is stored in accordance with applicable bookkeeping legislation, seven years.

1.4 For suppliers

  • Receiving services from suppliers (legal entities):

    Purpose of processing: Executing agreements with our suppliers.

    Legal basis: Legitimate interest. Our legitimate interest is to execute agreements with our suppliers. Personal identity number is processed based on that it is clearly justified in view of the importance of secure identification.

    Personal data: Name, personal identity number, employer, phone number and e-mail belonging to a contact person working for our supplier.

    Retention policy: The data is stored throughout the supplier relationship or for as long as contractual obligations persist.

  • Receiving services from suppliers (sole proprietors):

    Purpose of processing: Executing agreements with our suppliers.

    Legal basis: The processing is necessary for the performance of a contract to which the data subject is party. Personal identity number is processed based on that it is clearly justified in view of the importance of secure identification.

    Personal data: Name, personal identity number, employer, phone number and e-mail.

    Retention policy: The data is stored throughout the supplier relationship or for as long as contractual obligations persist.

  • Bookkeeping:

    Purpose of processing: Fulfilling legal obligations regarding bookkeeping and accounting.

    Legal basis: Legal obligation. We are legally required to maintain accounting records.

    Personal data: Name, employer, phone number and e-mail belonging to contact persons at customers and suppliers, as well as company registration numbers.

    Retention policy: The data is stored in accordance with applicable bookkeeping legislation, currently seven years.

1.5 For job applicants

  • Recruitment:

    Purpose of processing: Conducting recruitment processes.

    Legal basis: Legitimate interest. Our legitimate interest is to recruit personnel for our organization.

    Personal data: Name, contact information, CV, cover letter, references, and other information provided in job applications.

    Retention policy: The data is stored until the recruitment process is completed.

  • Legal obligation according to the Discrimination Act:

    Purpose of processing: Complying with the rules on providing information about qualifications in accordance with Chapter 2, Section 4 of the Discrimination Act.

    Legal basis: Compliance with a legal obligation.

    Personal data: Name, contact information, CV, cover letter, references, and other information provided in job applications. This applies to the person who was hired for the position.

    Retention policy: For this purpose, the data of the person who was hired for the position is stored for two years after the recruitment process is completed.

  • Retaining applications:

    Purpose of processing: Retention of job applications for an extended period of time for future recruitment processes.

    Legal basis: Our legitimate interest is to keep job applications for an extended period of time for future recruitment processes.

    Personal data: Name, contact information, CV, cover letter, references, and other information provided in job applications.

    Retention policy: The data is stored for three years.

2. How do we safeguard your personal data?

Industrial Path Solutions Sweden AB, IPS IBOFlow AB, and IPS Particle Technology Sweden AB implement comprehensive organisational and technical security measures to ensure the confidentiality, integrity, availability, and traceability of information assets, protecting against unauthorised disclosure, data leakage and data loss. From an organisational perspective, IPS maintains formal access control policies with documented user registration and regular review processes to ensure access rights are restricted on a need-to-know basis, whilst prioritising information security awareness training for all employees.

On the technical side, we implement encryption technologies to protect confidential information during storage and transfer, deploys malware detection and repair software, and requires multi-factor authentication for systems accessing sensitive information and privileged access. Additionally, we perform regular backups of information and software tested in accordance with defined Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO), and employ monitoring tools to identify threats and unexpected network behaviours.

3. Data transfers to non EU/EES-countries

In cases where personal data is processed outside the EU/EEA (in a "third country"), there is either a decision by the European Commission that the third country in question ensures an adequate level of protection for the processing of personal data, or other appropriate safeguards in accordance with the GDPR, for example in the form of standard contractual clauses, which ensure that your rights are protected. Where applicable, we also take additional security measures to ensure the protection of your personal data.

4. Your rights under the GDPR

Below is a description of your rights under the GDPR when we process your personal data. To exercise your rights, please contact us (see contact details below).

Right to withdraw your consent: When we process your personal data based on your consent, you have the right to withdraw all or part of the consent you have given.

Right to object: You have the right to object to processing based on a balance of interests and in the case of direct marketing. If we cannot show that there are compelling, legitimate reasons to continue processing the data, we must cease processing.

Right of access: You have the right to request information from us about what data we process about you and how the data is processed, a so-called register extract.

Right to rectification: You have the right to have incorrect data rectified without undue delay. You also have the right to ask us to complete incomplete data by providing us with correct data.

Right to erasure and restriction: You have the right to request the erasure of your personal data, e.g. if the processing is no longer relevant in relation to the purpose for which the data was collected. The right to erasure does not apply if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation that requires processing, or for the establishment, exercise or defence of legal claims. You also have the right to request that certain processing of your data be restricted, for example if you object to the accuracy of the data.

Right to data portability: If we base the processing on your consent or on a contract with you, you have the right to obtain the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and to transmit it to another controller or to obtain our assistance in transmitting it to another controller where technically feasible.

Right to lodge a complaint: You have the right to lodge a complaint with the Swedish Authority for Privacy Protection regarding our processing of your personal data.

5. Contact us

If you would like more information about how we process your personal data or if you wish to exercise any of your rights under section 5 above, contact our data privacy manager at privacy@industrialpathsolutions.com.

Kind regards,

Industrial Path Solutions Sweden AB, IPS IBOFlow AB, and IPS Particle Technology Sweden AB