Privacy Policy

1. Introduction

J2 Sourcing AB has been a service provider for the global manufacturing industry since 2004. We aim to support every industry segment with tailor-made solutions to achieve efficiency in the supply chain while adhering to strict quality standards and excellent customer service. We value and foster a culture of collaboration, teamwork, and continuous improvement. Our mindset and flexibility make us fit for any challenge. 

At J2 Sourcing, we are committed to conducting business with integrity and transparency toward all our stakeholders. We treat each other with respect and we are dedicated to providing a supportive and inclusive workplace for all our employees. 

At J2 Sourcing, we aim to support every industry segment with tailor-made solutions to achieve efficiency in the supply chain while adhering to strict quality standards and excellent customer service. 

An integral part of our purpose is to respect the integrity and privacy of every person that we come into contact with when fulfilling our mission. In this general privacy notice, we explain how J2 Sourcing AB (“Controller”/”we”/”us”/”our”) collect, uses, discloses, and safeguards the data we collect about you when/if you visit our websites, submit your personal information to us via e.g. e-mail or the contact forms at our websites, or where you otherwise reach out to us for business purposes or use our services for such purposes, as well as where we collect your personal data for business purposes via, e.g., public sources or at an event, meeting, or similar interaction, and when we send you marketing or promotional communications for business purposes. 

Some J2 Sourcing companies and processing activities have different privacy notices that are provided when they are relevant. We also have some supplemental privacy notices that provide additional information as required by law. For instance, this General Privacy Notice does not apply to the personal information we collect about visitors to our premises since this is covered by our Privacy Notice for Camera Monitoring. 

If you have questions, wish to exercise your rights under the GDPR, or otherwise wish to contact us regarding our processing of your personal data within our capacity as data controller, please find our contact details under Section 8 below. 

2. Overview of processing activities

Data subjects  Category  Summary 
Website Visitors  Purpose 
  • Service and product development. 
  • Generate pseudonymized, anonymized, and/or aggregated datasets to be used for product development. 
  • Provide the information that you have requested from us. 
  • Marketing and promotional communication, newsletters, and other communication. 
  • Understand how you use our website, for analytics, statistics, and modeling. 
Categories of personal data 
  • Name and contact information. 
  • Technical information derived from your use of our website, including information collected from cookies and other technologies, as well as IP address, geolocation, browser type and browsing history, and device information. 
Categories of data subjects 
  • Website visitors. 
  • Subscribers to social media channels and newsletters. 
  • Persons who fill out online forms on our websites. 
Data sources 
  • Data subject itself and cookie and tracking technology 
Legal bases 
  • Fulfillment of contractual obligation: provide the information that you have requested from us. 
  • Consent: marketing and promotional communication, newsletters, and other communication. 
  • Legitimate interest: service and product development; generate pseudonymized, anonymized, and/or aggregated datasets to be used for product development; understand how you use our website, for analytics, statistics, and modeling. 
Sharing of data 
  • Sharing with third-party advertising companies: to be able to extract data analytics, statistics, and intelligence from your usage of our websites. Our websites only place marketing, personalization, and advertising cookies on your device(s) if you explicitly and actively consent to such cookies by clicking “Accept All.” Our “Cookie Notice,” available at the bottom left on our websites, explains how to manage your preferences and how to disable previously accepted cookies. 
Data subjects  Category  Summary 
Employees of customers/suppliers  Purpose 
  • Verify authority to purchase services and products, as well as verify eligibility for customer service. 
  • Provision of services and products, including creating offers and tenders, handling complaints/incidents, ensuring the quality of delivery and other related follow-ups of provided services and products, and tracking of purchased products. 
  • Communication related to offers and tenders, sales, and provision of services and products. 
  • Service and product development. 
  • Generate pseudonymized, anonymized, and/or aggregated datasets to be used for product development. 
  • Marketing and promotional communication. 
Categories of personal data 
  • Name and contact information, including professional role and title. 
  • Purchasing and invoicing history. 
  • Preferences on how services and products are to be provided. 
  • CCTV footage upon visiting J2 Sourcing premises (refer to Camera Surveillance Privacy Notice).
Categories of data subjects 
  • Customer contact person(s), including roles and persons necessary for offers and tenders, sales, provision of services and products, signatories and other members of management. 
Data sources 
  • Data subject itself, the employer and/or colleagues of the data subject. 
Legal bases 
  • Fulfillment of contractual: verify the authority to purchase services and products, as well as verify eligibility to customer service; provision of services and products. 
  • Fulfillment of legal obligations: retention of financial data related to the provision of services and products, including any data that have or might have value as evidence in case of a claim made or reasonably believed to be made against us. 
  • Legitimate interest: communication related to offers and tenders, sales, and provision of services and products; service and product development; generate pseudonymized, anonymized, and/or aggregated datasets to be used for product development; marketing and promotional communication. 
Sharing of data 
  • Sharing with freighters and other partners: to provide services and products purchased by your employer; to manage fraud, compliance, and complaints, including investigating incidents related to the provision of services and products. 
  • Sharing with group companies: as is necessary to provide services and products (and they are only allowed to use data in accordance with this Privacy Notice) 

3. How we share your data with third parties 

If personal data is shared with a third party, we ensure that appropriate data-sharing agreements and/or data-processing agreements are in place before sharing data. The only time such sharing is done without a sharing/processing agreement in place is if the sharing of personal data is required by law or ordered by a court/other governmental body or authority. 

4. International data transfers 

We are a Swedish company, and the main part of the processing is conducted in Sweden or within the EU/EEA. We may, in certain cases, transfer data outside the EU/EEA. In such cases, transfers are done in accordance with data protection legislation and the limits set therein. 

Where data is being transferred outside of the EU/EEA to a country for which there is an adequacy decision made by the European Commission, such decision serves as the lawful basis. This is the case where data is being transferred to, e.g., the UK. 

Where there is no adequacy decision in force, we rely on other transfer mechanisms in the GDPR, e.g., by using Standard Contractual Clauses approved by the European Commission and, if necessary, supplement these with additional safeguards. 

If necessary for, e.g., an incident investigation undertaken by a customer based outside the EU/EEA, we will rely on relevant derogations to perform an extraordinary and singular transfer of personal data that may be necessary for the investigation. 

We will ensure that an appropriate transfer mechanism is used for all international transfers before engaging in a transfer to a country outside of the EU/EEA. 

5. Retention of data 

In general, we will keep your personal data for as long as it is relevant to the purpose it was collected. 

  • When contacting us with a question or request, e.g., by emailing, calling, or filling out our online forms, relevant data will normally be kept for 1 month after the question or request is duly handled unless the request results in a customer/potential customer relationship. 
  • Online identifying information collected automatically through the use of cookies and other tracking technology is generally deleted within 6 months from when it was collected. 
  • In the case of customer contacts, personal data is retained as long as the customer maintains a relationship with the organization. Considering the nature of our business, this means that data is saved also for such customers that buy products and services seldom. Additionally, the data may be kept and analyzed for a time thereafter for service development purposes, in which case it will to the extent possible, be pseudonymized or anonymized. 
  • Certain data related to customer contacts are retained to fulfill tax, accounting, and record-keeping requirements for a period of 7 years after the expiration of the financial year during which the records were made. 

The information may be retained for a longer period of time if reasonably deemed necessary to protect the company’s rights, defend against potential claims, and meet legal obligations. 

6. Your Rights 

You have the following rights, which you can, under certain circumstances, exercise in relation to our processing of your personal data.  

  • Right to be informed: You have the right to know what personal data is being collected about you, why it is being collected, and how it will be used. This notice is provided partly in order to fulfill our obligation with respect to this right. 
  • Right of access: You have the right to access your personal data and receive a copy of it. If you want a copy of the personal data that we process about you when you are visiting or using our website, please contact our Privacy Manager. 
  • Right to rectification: You have the right to request that any inaccurate personal data about you be corrected. If you want us to rectify any of the personal data we process about you in relation to this website, please contact our Privacy Manager. 
  • Right to erasure: You have the right to have your personal data erased under certain circumstances. If you want us to delete any of the personal data that we process about you related to the visiting and use of this website, please contact our Privacy Manager and let us know what data and why. 
  • Right to restrict processing: You have the right to request that the processing of your personal data be restricted under certain circumstances. If you want us to restrict the personal data that we process about you, please contact our Privacy Manager and let us know what data and why. 
  • Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another data controller. If you want to receive a copy of the personal data that we process about you or have it transferred to another controller, please contact our Privacy Manager.  
  • Right to object: You have the right to object to the processing of your personal data under certain circumstances. If you want to object to our processing of your personal data, please contact our Privacy Manager and let us know what data and why. 
  • Rights related to automated decision making and profiling: You have the right to know when automated decision making and profiling are being used, and to object to it under certain circumstances. Please note that we do not use your personal data collected in relation to our website for any automated decision making or profiling. 

If you believe that we have processed your personal data in violation of applicable laws and regulations, you also have the right to make a complaint to our Privacy Manager, who can be reached at the contact information listed under Section 8 below, or by filing a complaint with the competent supervisory authority. If you live in Sweden, the competent supervisory authority is Integritetsskyddsmyndigheten, and you can find the right to complain here: 

7. Changes to this General Privacy Notice 

We may introduce changes or updates to this General Privacy Notice from time to time. In such cases, we will publish information on the changes or updates on our website. 

8. Contact Information 

If you want to exercise any of your rights or if you want any other information relating to how we process your data, please contact us using any of the channels below.  

Contact

Data Controller 

J2 Sourcing AB 

Email address: gdpr@j2sourcing.com 

Address: Kantyxegatan 29, SE-21376, Malmö, Sweden 

Privacy Manager 

Christian Zieger 

E-mail address: Christian.zieger@j2sourcing.com  

Phone number: + 46 761802323