Austria
Belgium
Estonia
Finland
France
Germany
Greece
Iceland
Ireland
Italy
Netherlands
Norway
Poland
Portugal
Spain
Sweden
Switzerland
Turkey
United Kingdom
Australia
New Zealand
Hong Kong
India
Indonesia
Malaysia
Philippines
Singapore
Thailand
Brazil
Chile
Colombia
Mexico
Peru
Bahrain
Israel
Morocco
UAE
Oman
Tanzania
Turkey
Privacy & Data Protection Policy
Version 2022-01-11
1. Introduction
This Privacy Policy (the “Policy”) describes how
- Howden Insurance Brokers AB, reg. no. 556409-4323, with address Linnégatan 2 6 tr, 114 47 Stockholm,
- Howden Insurance Brokers South AB, reg. no. 559168-5606, with address Södergatan 13, 211 34 Malmö, and
- Howden Insurance Brokers West AB, reg. no. 556704-4077, with address Fredsgatan 1, 411 07 Göteborg,
(referred to as ”Howden” below), process personal data as a data controller, under customer assignments (as an insurance intermediary) and in relation to website visitors and other business contacts.
Since Howden process personal data in different contexts, Howden has structured this Privacy Policy into different sections so that the data subject can gain a better understanding of the personal data processing:
- Processing of personal data in relation to customer assignments (section 2)
- Processing of personal data in relation to website visitors and other business contacts (paragraph 3)
- General requirements for all personal data processing (paragraph 4 to 9)
Questions regarding Howden’s processing of personal data can be sent to Howden’s address above or to: [email protected].
2. Processing of personal data in relation to customer assignments
2.1. Howden acts as a personal data controller
In its role as an insurance intermediary, Howden must perform assignment in accordance with the Swedish Act (2018:1219) on Insurance Distribution and with due observance of the generally accepted insurance distribution practices. Howden is registered as an insurance intermediary at the Swedish Companies Registration Office (Bolagsverket) and at the Swedish Financial Supervisory Authority (Finansinspektionen) and is under regulatory supervision in respect of insurance intermediation. Howden’s authorisations for different types insurance are listed in the Financial Supervisory Authority’s public register. Howden process personal data within its insurance intermediation to meet these requirements. Consequently, Howden acts as the sole personal data controller for all personal data processing performed within the scope of the assignment. The Client and any Insurance Company are however personal data controllers for their own respective personal data processing.
As an insurance intermediary, Howden distributes and administers insurances on behalf of the Client and provides advice and information on applicable insurances, depending on the Client’s needs. The assignment may include assisting the Client in insurance matters related to the business as stated in the Agreement entered into with the Client or as stated in Howden’s General Terms.
Under the assignment, Howden may process personal data mainly regarding representatives and representatives of the Client. Additionally, Howden may have access to or process personal data concerning individuals covered by insurances or persons that are involved in an insurance matter, to the extent that the Client has shared such data and in accordance with this Privacy Policy.
2.2 Which personal data is processed
Within the scope of the assignment Howden process personal data primarily regarding representatives and representatives with the client. In addition, Howden may access and process personal data regarding individuals covered by an insurance or individuals involved in an insurance matter to the extent that the client shares such data and in accordance with what is described in this Privacy Policy,
2.3 How Howden collect personal data
Since Howden provides insurance intermediation primarily to companies, assignments normally only involve a limited collection of personal data. However, in some cases personal data may be collected in a more than limited extent, for example when compiling information on the Client’s business (in some cases including claim statistics) when procuring certain insurance solutions or when assisting in complex insurance matters (under special assignment). The main personal data processing regarding the Client’s insurances and/or insurance matters is primarily performed by the insurance company (where the insurance company acts as a separate personal data controller).
Information about the Client’s business and insurance needs is mainly collected directly from the Client or from its representatives before, in relation to or during the assignment.
Howden may also within the scope of the assignment collect personal data from other parties and sources, such as insurance companies or other publicly accessible registers. These can be:
- Other actors on the insurance market, for example providers of reinsurance and insurance intermediaries;
- Credit information companies;
- Other parties in relation to compensation claims, such as the demanding party, witnesses, experts, insurance regulators and lawyers;
- Anti-fraud databases and other similar databases, including sanction lists; and
- Government agencies, e.g. The Swedish transport Agency, the Swedish Companies Registration Office and the Swedish Tax Agency.
2.4 How Howden process personal data
Howden only process personal data to the extent permitted under applicable data protection legislation. This inter alia means that Howden must be able to base the purposes of a personal data processing on a legal basis, which for Howden’s assignment as an insurance intermediary mainly includes one of the following legal bases:
Performance of a contract – the processing is necessary in order for Howden to provide the services or otherwise perform a contract between Howden and the Client, or to take measures at the Client’s request prior to entering into a contract.
The processing of information related to representatives of Howden’s Clients is carried out with reference to Howden’s legitimate interest to conclude and perform the contract with the Client.
Performance of legal obligations – the processing is necessary in order to fulfil Howden’s legal obligations under law or other statutes that Howden is subject to, or orders or decisions by courts or authorities, which require that processing of personal data.
Legitimate interests – the processing is necessary for purposes relating to the legitimate interests of Howden, the Client’s or of a third party, provided that the individuals interests or fundamental rights or freedoms do not override Howden’s legitimate interests (in which case the processing is not be allowed).
Below, Howden provides further details on the categories of personal data that Howden process, for what purposes these are processed and what legal bases the processing relies on, including for how long the personal data is stored.
2.4.1 Prior to or at the beginning of an assignment
Categories of personal data | Purposes of the processing | Legal basis | Storage period | |
Offering/entering into an agreement | ||||
First and last name Contact details such as email address, telephone number, place of residence and address Professional title Information that is otherwise provided in conjunction with the communication | Create a customer relation including maintaining contact with representatives with the Client, for the purpose of creating a customer relationship and to give a quotation, and assignment description or a draft agreement. This includes, among other things, customary administration of and communication about the agreement between the parties, and also communication via e-mail about Howden’s business and services. | If the agreement is entered into directly with the insured person the processing is done with the support of it being necessary for the entering into and the completion of an agreement. Otherwise, the processing is based on Howden’s legitimate interest is to create a business relationship with the Client.
| Howden process and store personal data under a period of maximum 3 years after the information was collected, or as long as a business relationship can be assumed to be imminent (considering the long lead times in the insurance brokerage industry). If a business relationship is established during the mention time period the personal data will be processed in accordance with what is stated below. | |
First and last name, personal identification number, (or other birth data), contact information (such as address, email address and telephone number), copy of passport or other identification document, information about: the scope of and the reason behind the assignment; where relevant assets come from; if the Client or someone close to the Client or any known associate is a politically exposed person; as well as other information needed to perform money laundering checks. | Control of the Client or key people employed by the Client in order to assess the risk for money laundering or financing of terrorism according to law (e.g. The Money Laundering and Terrorist Financing Prevention Act). | Processing is necessary to fulfil legal requirements or other legal obligations to which Howden i subject. | Howden process and stores personal data for a period of five years according to the Money Laundering and Terrorist Financing Prevention Act. If necessary, to prevent, detect or investigate money laundering or financing of terrorism, Howden may retain documents and information as described above for a period longer than five years, but not more than ten years. | |
2.4.2 Insurance intermediation assignments
Categories of personal data | Purposes of the processing | Legal basis | Storage period | |
Advising and analysing insurance requirements | ||||
Information regarding insured persons, beneficiaries and others directly and indirectly intended to be covered by the insurance. information about the Client’s wishes or needs for insurance coverage and, where applicable, financial and other circumstances. Other information provided to assess the insurance needed/required and perform and provide analyses and advice within the assignment (e.g. damages statistics, information from questionnaires, information about the business and assets etc.). | To be able to continuously assess and evaluate the Client’s insurance needs and requirements and provide advice concerning this. This includes follow ups and planning and where applicable, the provision of training. | If the agreement has been entered into directly with the insured the processing in performed on the basis of it being necessary in order to fulfil the agreement with the insured. Otherwise, the processing is based on Howden’s legitimate interest is to be able to offer its services to the Client and where the Client’s legitimate interest is to be able to obtain appropriate insurance cover. | Howden process and stores personal data, in compliance with Howden’s storage obligation under the applicable rules for insurance distribution, during the performance of the assignment and thereafter one year after 1. Howden’s commitments under the assignment has ceased, and 2. the timeframe within which claims can be made has expired (at the latest ten years after the intermediation). | |
Procurement of insurance solutions | ||||
Information about insured persons, beneficiaries and others that directly or indirectly are intended to be covered by insurance Information about the Client’s wishes or needs for insurance coverage, where applicable economic and other circumstances. Other information that is provided in order to assess the insurance needs/wishes as well as perform and provide analyses and advice within the assignment (e.g. damages statistics, information from questionnaires, information about the business and assets, etc.). | Find suitable insurer, insurance policy and premium according to the Client’s needs and requirements and obtain quotes from insurers. Prepare quotation documentation and handling of power of attorney from the Client. Maintain contact for negotiations with insurance companies. | If the agreement has been entered into directly with the insured, the processing is performed on the basis that it is necessary for the fulfilment of the agreement with the insured. Otherwise, the processing is based on Howden’s legitimate interest is to be able to offer its services to the Client and where the Client’s legitimate interest is to be able to obtain appropriate insurance cover. | Howden process and stores personal data, in compliance with Howden’s storage obligation under the applicable rules for insurance distribution, during the performance of the assignment and thereafter one year after 1. Howden’s commitments under the assignment has ceased, and 2. the timeframe within which claims can be made has expired (at the latest ten years after the intermediation). | |
Administration of insurance | ||||
First and last names and the professional titles of the representatives. Contact details such as email address, telephone number, place of residence and address. Other information necessary for the performance of the assignment. | Management of insurance renewals and, when necessary, provide information in writing to or from the insurance companies. If necessary, update insurance and monitor that changes are made. | Howden’s legitimate interest to communicate with customers and facilitate the continued insurance coverage. | Howden process and stores personal data, in compliance with Howden’s storage obligation under the applicable rules for insurance distribution, during the performance of the assignment and thereafter one year after 1. Howden’s commitments under the assignment has ceased, and 2. the timeframe within which claims can be made has expired (at the latest ten years after the intermediation). | |
Claims | ||||
First and last names and the professional titles of the representatives Contact details such as email address, telephone number, place of residence and address Information about the insured persons and beneficiaries. Other information provided by the Client, the insurance company or which is required for the performance of the assignment. | Be able to assist the client with advice in the event of damage and related services such as burglary- and fire inspections, valuation of insured property, descriptions of risk, and assistance with complicated claims and insurance related contract review. Also mediating contact between clients and insurance companies. | Howden’s legitimate interest is to be able to provide or fulfil the agreement with the Client and the Client’s legitimate interest to be able to safeguard its rights. | Howden process and stores personal data, in compliance with Howden’s storage obligation under the applicable rules for insurance distribution, during the performance of the assignment and thereafter one year after 1. Howden’s commitments under the assignment has ceased, and 2. the timeframe within which claims can be made has expired (at the latest ten years after the intermediation). | |
2.4.3 During the entire life cycle of the insurance
Categories of personal data | Purposes of the processing | Legal basis | Storage period |
First and last names and the professional titles of the representatives. Contact details such as email address, telephone number, place of residence and address. Information that is otherwise provided in connection with the communication. | Contact and communication with representatives at one of Howden’s clients, for the purpose of maintaining and develop the business relationship and give information about assignments, events and offers. This includes, inter alia, customary administration of and communication about the agreement between the parties as well as communication via email about the assignment, Howden’s business, services and ongoing activities. | Howden’s legitimate interests is to maintain and develop the business relationship with the Client. | Howden process and stores the personal data as long as there is a business relationship with the Client or other contacts that indicate an imminent renewed relationship (considering the long lead times in the insurance brokerage industry), but no longer than three years from the last contact of relevance between the parties. Howden could however be required to store information for a longer period of time for other purposes, e.g. to fulfil legal obligations, for example regarding accounting in accordance with the Book-keeping Act or Howden’s documentation and storage obligations according to the rules of insurance distribution. |
Information about insured persons, beneficiaries and others who have been directly or indirectly affected by the current given insurance mediation. Informatino about the Client’s complaints, requirements and relevant circumstances including relevant events and developments after the completion of the current assignment (including any claim information) Other information provided or needed to be able to assess and handle the complaint and any other claims. | Handling and follow up on complaints from the Client, including collecting information and assessments of the provided advice, as well as assessment of possible liability and/or settlement if liability exists. This includes contacts with the Client, insurance companies and other relevant advisors as well as necessary documentation of the complaint matter in accordance with applicable regulations for insurance distribution (e.g. regarding searchability and identification). | Fulfilment of legal obligation, regarding Howden’s obligation under rules for insurance distribution to handle, document and store complaint cases. | Howden process and stores personal data, in accordance with Howden’s storage obligation in accordance with rules for insurance distribution, for at least three years after the complaint or as long as it is required with regards to the nature of the case, the parties need for documentation as well as Howden’s other potential storage obligations under rules for insurance distribution. |
First and last names and the professional titles of the representatives Contact details such as email address, telephone number, place of residence and address Information that is provided in contract related matters, e.g. questions and feedback on contracted services. | General customer care. This includes inter alia invoicing as well as the usual handling, follow-up and documentation of agreement related matters. Also communication with clients.
| Balancing of interests where Howden’s legitimate interest is to maintain and develop the business relationship with the client. In cases where an agreement has been entered into directly with the insured person some processing takes place to fulfil the agreement between the parties. | Howden process and stores the personal data as long as there is a business relationship with the Client or other contacts that indicate an imminent renewed relationship (considering the long lead times in the insurance brokerage industry), but no longer than three years from the last contact of relevance between the parties. Howden could however be required to store information for a longer period of time for other purposes, e.g. to fulfil legal obligations, for example regarding accounting in accordance with the Book-keeping Act or Howden’s documentation and storage obligations according to the rules of insurance distribution. |
To fulfil legal obligations or to establish, exercise or defend legal claims | |
Howden may process personal data in order to fulfil legal obligations according to law or other statutes that Howden is subject to, or if we are subject to orders or decisions by courts or authorities, which require Howden to process the Data subject’s personal data. Howden may also process personal data so that the Client. Howden, insurers or any relevant third party can establish, exercise or defend its legal claims, e.g. in connection with an ongoing dispute. | |
3. Processing of personal data in relation to website visitors and other business contacts
This section 3 describes how Howden process personal data as a data controller in relation to visitors and users of Howden’s website and persons who come into contact with Howden's business (excluding customer assignments, which is described in section 2 above).
3.1 How Howden collects personal data
The information that Howden process is mainly collected directly when visiting and using Howden's website or in connection with Howden's contact with a data subject - e.g. via e-mail, telephone or at personal meetings, conferences, trade fairs or similar occasions. Howden may also collect information from third parties, usually from the company that the data subject represents. Howden also process the personal data provided by the data subject or on behalf of the data subject to Howden.
3.1 How Howden process personal data
3.2.1 Maintain and improve Howden’s website
Categories of personal data | Purposes of the processing | Legal basis | Storage period |
IP-address, e-mail address, visited websites, time and duration of visits as well as cookies (which is a text file stored on the computer of the person visiting a website) and similar information created by the use of cookies, through the use of Howden’s website. Other technical information generated through visits on Howden’s website, such as the type of technical device that was used, web browser, visited pages as well as the time of the visits (browser information, time zone at the place from which Howden’s website was visited, other web traffic information) | Collect statistical data and analyse the web traffic on Howden’s website as well as other technical information generated when visiting the website in order to maintain and improve its functionality, the user experience, and in order to discover and handle errors, breaches and incidents. This is done by use of third party analytics services. The statistics Howden produce and the analysis Howden carry out by using these services are based on aggregated data and other de-identified or anonymized data. | Legitimate interest, where Howden’s legitimate interest is to collect information to maintain and improve the functionality, content, and security of the website. Collection of information by use of cookies and similar technologies is carried out based on consent, unless they are strictly necessary for the use of the website in an appropriate manner. For more information on how Howden use cookies and similar technologies, please see Howden’s cookie policy here. The web browser can be set so that cookies are not saved automatically. Please note that when choosing not to accept cookies, some of the website's functions may be restricted. | Howden collect and store information on how visitors interact with Howden’s website for no longer one year. In most cases, the collected personal data is however converted to aggregated data (anonymized data) before the said time period, in connection with Howden producing statistical data. |
3.2.2 To create, maintain and develop business relationships (in addition to customer assignments)
Categories of personal data | Purposes of the processing | Legal basis | Storage period |
First and last name Contact details such as email address, telephone number, place of residence and address Professional title and information about the company that the data subject represent Information that the data subject provide to Howden in contract related matters with you or the company the data subject represent, e.g. questions and feedback on contracted services. | Contact and communication for the purposes of creating, maintaining and developing a business relationship with the data subject or the company the person represent. Administration and communication in order to conclude or perform a contract between Howden and you or the company the data subject represent This includes, among other things, invoicing and regular handling, following up and documentation of contract related matters. This includes, among other things, communication via email about Howden’s business, services and Howden’s current activities and communication regarding Howden’s customer, partner and supplier agreements | Legitimate interests, where Howden’s legitimate interest is to create and thereafter maintain and develop a business relationship with you or the company the data subject represent. The processing is necessary for Howden to be able to enter into and fulfil agreements with you or the company the data subject represent If the data subject is acting on behalf of someone else e.g. in the capacity of representative of a customer, partner or supplier to us, Howden’s processing is carried out based on Howden’s legitimate interests, where Howden’s legitimate interest is to enter into as well as perform the agreement with the company the data subject represent. | Howden process and store personal data as long as Howden has a business relationship with the data subject or the company the data subject represent, but no longer than three (3) years after the last time contact was held in the business relationship. Howden may however need to store personal data for a longer time for other purposes, e.g. if Howden need to take measures in order to establish, exercise or defend legal claims. Howden may also need to store personal data for a longer time in order to fulfil legal obligations, e.g. relating to book keeping according to the Swedish Accounting Act. |
To fulfil legal obligations or to establish, exercise or defend legal claims Section 3 in this Privacy Policy | |||
Howden may process personal data in order to fulfil legal obligations according to law or other statutes that Howden are subject to, or if Howden is subject to orders or decisions by courts or authorities, which require Howden to process personal data. Howden may also process personal data so that the data subject, or the company the data subject represent, Howden, any relevant third party can establish, exercise or defend its legal claims, e.g. in connection with an ongoing dispute. | |||
4. Security measures
Howden has taken measures to ensure that personal data is handled in a safe way. For example, access to systems where personal data is stored is limited to Howden’s employees and service providers who require it in the course of their duties. Such parties are informed of the importance of maintaining security and confidentiality in relation to the personal data that is processed. Howden maintain appropriate safeguards and security standards to protect personal data against unauthorized access, unauthorized disclosure or misuse. Howden also monitor the systems to discover vulnerabilities.
5. How Howden share personal data
Access to personal data that Howden process is limited to persons who require such access for the purposes described in the sections above. Personal data may therefore be shared with the following categories of third party recipients:
a) Companies within Howden’s group: Howden may share personal data with other companies within the same group. If Howden shares personal data within the group Howden ensure that the personal data continues to be processed in line with this Policy.
b) Service providers: Howden use third party service providers to manage parts of the business operations. Personal data is shared with these suppliers so that they can perform services on behalf of Howden, such as providing support and business systems or performing assignments as sub-contractors in connection with Howden's own services. When Howden uses service providers under this clause a data processing agreement is entered into and other suitable measures to ensure that the personal data is processed in line with this Policy are taken.
c) Insurance companies: Within the scope of its assignment Howden may share data with insurance companies inter alia to obtain quotes but also to convey information provided by the Client.
d) Partners: Howden may from time to time cooperate with external parties in order to improve the services and business. Such parties either process personal data as data controllers according to their own terms and policies for handling personal data, or as data processors in accordance with Howden’s instructions for the data processing. In the latter case, a data processing agreements is enter into and other suitable measures are taken to ensure that the personal data is processed in line with this Policy.
e) Sale or transfer: Howden may share the personal data with a buyer/investor or prospective buyer/investor in the event of a sale, assignment or other transfer of all or parts of the shares, assets or operations. Should such transfer occur, Howden will take actions in order to ensure that the receiving party process the personal data in accordance with this Policy. The purpose of such sharing or processing of the personal data is to allow a (potential) buyer/investor to carry out an assessment of the business, and where necessary, take actions and make preparations in the event of a sale or investment, where the transfer occurs out with reference to the legitimate interests of allowing such assessment, actions and preparations by the.
f) Public authorities: Howden may share personal data with public authorities such as the Swedish Police or the Swedish Tax Agency when required to do so by e.g. applicable law or other legal statutes or orders or decisions by courts or authorities in order to fulfil the legal obligation specified therein.
g) Howden’s advisors: Howden may share personal data with its advisors, such as Howden’s accountants, lawyers or other advisors, to the extent necessary to carry out Howden’s duties, legal obligations or to satisfy Howden’s legitimate interests. When Howden uses advisors under this paragraph, the data is processed on the basis of Howden’s and the adviser’s legal basis for such processing or, in so far as the advisor acts as a data processor under a personal data processing agreement, to ensure that personal data is processed in accordance with this Privacy Policy.
6. Where the personal data is processed
As a starting point, Howden always process personal data within the EU/EEA (and to a limited extent in the United Kingdom, which has an adequate level of protection according to the European Commission’s decision). Information which is provided through Howden’s website may be transferred to the United Kingdom. In some cases, where Howden shall perform certain individual assignments of international nature it could be required that personal data is transferred to countries outside the EU/EEA. In such cases, Howden has an obligation to ensure that the transfer is in accordance with applicable data protection legislation before the data is transferred, for example by ensuring that the country to which the data is transferred meets the requirements for an adequate level of protection in accordance with the European Commission's decision, or by ensuring that the transfer is covered by appropriate safeguarding measures in the form of e.g. standard contractual clauses (including necessary safeguards) decided by the European Commission, which ensure that appropriate measures are taken to safeguard persons rights and freedoms. Transfers of personal data for such individual assignments that require it can in some cases also take place when there is no adequate level of protection or when appropriate safeguarding measures cannot be fully ensured. In such a case, Howden will transfer the personal data in consultation with the person whose data Howden is processing, after the persons has given consent or when the transfer is necessary to fulfil an agreement in the interest of the data subject. Such a transfer may involve risks to the personal data in question if the country the data is transferred to has not taken sufficient measures to ensure an adequate level of protection for personal data.
7. The data subject’s rights
The persons whose personal data Howden process (the ”Data subject”) has some rights in relation to the personal data processing that is described herein and for which Howden is responsible for as a data controller. To exercise a right as stated below, the Data subject may contact Howden, e.g. by email: [email protected]. For processing that takes place with the Client or with an insurer the Data subject must instead make its request to them as they are responsible for their own processing.
7.1 Right of access
The Data subject has the right to obtain a confirmation as to whether or not Howden process personal data concerning that person. If that is the case, the Data subject also has the right to receive copies of the personal data that is processed as well as additional information about the processing, such as for what purposes the processing occurs, relevant categories of personal data and the recipients of such personal data.
7.2 Right to rectification
The Data subject has the right to, without undue delay, have incorrect personal data rectified. The Data subject may also have the right to have incomplete personal data completed.
7.3 Right to erasure
The Data subject can demand that Howden without undue delay erase personal data if:
- the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- Howden’s processing is based on consent which has been withdrawn;
- the Data subject object to the processing that Howden carries out based on a legitimate interest, and where the objection overrides Howden’s or another party’s legitimate interest of the processing;
- the personal data has been unlawfully processed; or
- the personal data has to be erased for compliance with a legal obligations.
7.4 Right to restriction
The Data subject has the right to request that the processing of personal data is restricted in the following circumstances:
- the Registered contest the accuracy of the personal data during a period enabling Howden to verify the accuracy of such data;
- the processing is unlawful and The Data subject oppose erasure of the personal data and request restriction instead;
- Howden no longer needs to process the personal data for the purposes for which it was initially collected, but it is necessary for the Data subject for the establishment, exercise or defence of legal claims; or
- the Data subject has objected to the processing of the personal data which Howden carries out based on a legitimate interest, pending the verification whether the objection overrides Howden’s or another party’s legitimate interest to continue with the processing.
7.5 Right to object
The Data subject has a right to object to such processing of its personal data when it is based on Howden’s or another party’s legitimate interest. If this happens, in order to be allowed to continue with the processing Howden must demonstrate compelling legitimate grounds for the processing which override the Data subject’s interests, rights and freedoms.
7.6 Right to data portability
If Howden’s process the Data subject’s personal data based on the performance of a contract with the Data subject or its consent, the Data subject has the right to receive the personal data in an electronic format. The Data subject also has the right to have the personal data transferred from Howden directly to another data controller, where technically feasible.
This right to so called data portability does not cover personal data that is processed manually.
7.7 Right to withdraw consent
If Howden’s processing of the Data subject’s personal data is based on consent, the Data subject always has the right to withdraw its consent at any time. A withdrawal of consent does not affect the lawfulness of the processing that took place based on the consent before the withdrawal.
8. Complaints with the supervisory authority
In Sweden, the Swedish Authority for Privacy Protection (Sw. Integritetsskyddsmyndigheten) is the authority responsible for supervising the application of current data protection legislation. If the Data subject believes that Howden process personal data in a wrongful manner, Howden can be contacted in order to express these concerns. However, the data subject may file a complaint with the Swedish Authority for Privacy Protection at any time.
Changes to this Privacy Policy
This Privacy Policy may be updated from time to time. If the Privacy Policy is changed, the new version will apply when published on Howden’s website. When the latest update occurred is indicated by the date specified at the top of the Privacy Policy.
_______________________