Padlock on computer keyboard. Network Security, data security and antivirus protection PC

Privacy policy

Privacy Statement

ÅF Pöyry AB (publ) and its subsidiaries (collectively “AFRY”, “we” or “us”) is committed to protecting your privacy and keeping your personal data secure. On this page you find information on what personal data AFRY collects and how it is used and protected. Where you provide AFRY with personal data about other individuals (for example, colleagues of yours), please refer them to this Data Privacy Statement.

We process personal data in accordance with the applicable laws and regulations. Please find out more about our processing activities:

Privacy Notice for customers and business partners

This data privacy notice gives information regarding AFRY’s collection, processing, storage and sharing of personal data belonging to persons working for actual or potential AFRY customers and other business partners.

1. Categories of personal data that are concerned

The personal data that may be collected include:

  • Basic personal information, such as name, e-mail address, phone number, title or position;
  • Company information, such as details on the company you work for, including financial information, and other business related information related to your or your company’s business interactions with AFRY, such as meetings, projects and assignments;
  • Business opportunities, such as details on potential projects or assignments, including stakeholder information, market area(s) and competence area(s);
  • Marketing related data, such as email subscription record, association with marketing campaigns and whether direct marketing has been denied.
  • IT access control data, i.e. data used if you access AFRY’s IT-systems and networks, such as IP address and any information required in order to establish and maintain a secure IT connection and to log access.

The information above may be collected in contacts with you directly or be provided to AFRY from its customers and business partners or be collected from public sources such as internet searches.

2. The purposes and legal basis of the processing activities

AFRY collects and processes personal data for legitimate business purposes, including entering into and performing business contracts with you, or the company you work for, or engaging with other business partners, marketing AFRY and its services and products, or as otherwise permitted or required by law.

The following are examples of business purposes pursued by AFRY:

  • 提供专业的服务和产品,包括承包,项目管理,工作规划和资源分配;
  • 进行业务规划和发展,战略评价和统计评估;
  • to issue and process invoices and payments;
  • 为了维护安全,安全和有效地利用内部信息,确保业务关键信息和其他资产是安全和保护的;
  • 保持良好的健康和安全实践;
  • 调查和预防欺诈,不当行为,侵权或其他侵犯法律权利和义务的行为;
  • to manage disputes and complaints, i.e. compensation claims, and to ensure compliance with legal obligations that AFRY are otherwise subject to.

3.存储和擦除的例程

AFRY只处理和存储个人资料as long as is necessary for the purposes that applied when collecting the data and to comply with legal obligations, resolve disputes and enforce contracts. Personal data may thus, for example, be stored during the performance of a contract up until it has been concluded and the period of limitations has expired, i.e. claims for compensation can no longer be pursued.

4. With whom we may share personal data

对于本隐私通知中描述的目的,可以在AFRY组的公司之间共享个人数据。通过AFRY以电子方式处理的个人数据主要将存储在位于EU / EEA的服务器上。由于Afry在全球范围内运营并拥有全球客户和项目,因此可以由欧盟/ EEA之外的AFRY子公司和可信任的供应商和商业伙伴转让和处理个人数据。

Personal data may be shared third party service providers, who may process data on AFRY’s behalf, such as IT service providers, subconsultants, lawyers and other external professional advisors.

Personal data may be shared with AFRY’s customers where you are a business partner and be shared with AFRY’s business partners where you are a customer, and other third parties, to the extent it is required for AFRY’s fulfilment of any actual or potential contracts with you or if its required by law or pursuant to any order of court or other competent authority or tribunal or by any applicable stock exchange regulations.

Any international transfer of personal data that takes place will be subject to appropriate security measures and all reasonable steps to ensure that your personal data is protected and maintained in accordance with this Privacy Notice and applicable data privacy laws will be taken, including using ‘standard contractual clauses’ approved by the European Commission.

5. Your rights as a data subject

In accordance with applicable data protection legislation, subject to some conditions and exceptions, you have the following rights:

  • The right to information about and access to your personal data, including the right to data portability;
  • The right to have personal data corrected or updated;
  • The right to erasure (‘The right to be forgotten’);
  • 限制处理的权利;
  • The right to object to certain processing.

You may exercise the rights above by sending an email toprivacy@www.lemongroves.com。To opt-out of commercial electronic news letters and marketing, you may always click on the unsubscribe link at the bottom of the message.

You have a right to lodge any complaints regarding AFRY’s compliance with data protection laws with the appropriate supervisory authority.

6. About us

ÅfPöyryab(公告),Corp。没有556120-6474与瑞典公司注册办公室和注册地址SE-169 99斯德哥尔摩,瑞典是Åf集团的主要数据控制器。此外,Åfab(公共发行)的子公司也可以是数据控制器和处理个人数据,如本隐私声明所述。您与Åf的关系将确定我们的哪些集团公司可以访问和处理您的个人数据,我们的哪些集团公司是负责您的个人信息的数据控制器。

如果您对正在处理的个人数据的隐私和安全性有疑问,请在Åf的公司内部是数据控制器,请发送电子邮件privacy@www.lemongroves.comor contact our Data Privacy Manager at:

ÅF Pöyry AB (publ)
Att: Data Privacy Manager
SE-169 99 Stockholm, Sweden

[隐私通知主页]

Privacy Notice for candidates

This Privacy Notice gives information regarding collection, processing, storage and sharing of personal data for individually identifiable candidates. Candidates are persons not employed by AFRY that has registered a digital profile in AFRY’s systems for the purpose of interaction with AFRY preferably leading to employment. Personal data is collected when the candidate registers on our webpage and can be complemented by AFRY and candidate for as long as the relationship is active.

1. Categories of personal data that are concerned

  • Basic personal data: name, e-mail address, address, phone number and other private contact details.
  • Job resume: education, employments, assignments, competences, personal letter etc.
  • Recruitment process data: information obtained from interviews, assessments or references etc.
  • Sensitive personal data: In some cases, a candidate chooses to provide so-called sensitive personal information, such as ethnic backgrounds, sexual orientation, political opinion, religious beliefs, or professional affiliation. As a rule, we recommend not to provide this type of privacy-critical personal information. However, if a candidate still chooses to do this, we will process this information based on the candidate’s consent. This kind of data is, of course, handled with special vigilance, to protect your privacy as far as possible.

2. The purposes and legal basis of the processing activities

AFRY may collect and process candidates’ personal data due to legal obligations and/or legitimate interest of AFRY. Some of the data is processed based on consent of the candidate (e.g. data not required but still received in the CV or application letter).

申请人可以在AFRY内共享的信息Human Resource function and its other business functions (e.g. line management in relation to specific positions) to determine how well the application fits the position the employee candidate have applied for, or possible future postings. Additionally, the application data will be viewed together with additional information the applicant provides AFRY during the recruitment process (e.g. interviews, assessments, references). If applicant becomes an employee, the data may be retained and used for personnel administration including the establishment of a personnel record or other employment related purposes.

3.存储和擦除的例程

前往将在注册之日起处理和存储候选人的个人数据三年。经过三年的候选人将收到一封电子邮件,因为有机会主动同意我们将注册个人资料留成另一个十二个月。

4. With whom we may share personal data

对于本隐私通知中描述的目的,可以在AFRY组的公司之间共享个人数据。通过AFRY以电子方式处理的个人数据主要将存储在位于EU / EEA的服务器上。由于Afry在全球范围内运营并拥有全球客户和项目,因此可以由欧盟/ EEA之外的AFRY子公司和可信任的供应商和商业伙伴转让和处理个人数据。

Personal data may be shared third party service providers, who may process data on AFRY’s behalf, such as IT service providers, subconsultants, lawyers and other external professional advisors.

Personal data may be shared with AFRY’s partners to the extent it is required for AFRY’s fulfilment of any actual or potential contracts with you or if its required by law or pursuant to any order of court or other competent authority or tribunal or by any applicable stock exchange regulations.

Any international transfer of personal data that takes place will be subject to appropriate security measures and all reasonable steps to ensure that your personal data is protected and maintained in accordance with this Privacy Notice and applicable data privacy laws will be taken, including using ‘standard contractual clauses’ approved by the European Commission.

4. Your rights as a data subject

In accordance with applicable data protection legislation, subject to some conditions and exceptions, you have the following rights:

  • The right to information about and access to your personal data, including the right to data portability;
  • The right to have personal data corrected or updated;
  • The right to erasure (‘The right to be forgotten’);
  • 限制处理的权利;
  • The right to object to certain processing.

You may exercise the rights above by sending an email toprivacy@www.lemongroves.com

You have a right to lodge any complaints regarding AFRY’s compliance with data protection laws with the appropriate supervisory authority.

5. About us

ÅfPöyryab(公告),Corp。没有556120-6474与瑞典公司注册办公室和注册地址SE-169 99斯德哥尔摩,瑞典是Åf集团的主要数据控制器。In addition, subsidiaries of ÅF AB (publ) may also be data controllers and process personal data as described in this Privacy Notice. Your relationship with ÅF will determine which of our group companies has access to and processes your personal data, and which of our group companies are the data controller(s) responsible for your personal information.

如果您对正在处理的个人数据的隐私和安全性有疑问,请在Åf的公司内部是数据控制器,请发送电子邮件privacy@www.lemongroves.comor contact our Data Privacy Manager at:

ÅF Pöyry AB (publ)
Att: Data Privacy Manager
SE-169 99 Stockholm, Sweden

[隐私通知主页]

Privacy Notice for networkers

[隐私通知主页]

This data privacy notice gives information regarding collection, processing, storage and sharing of personal data for individually identifiable AFRY Networkers. Networkers are persons not employed by AFRY that has registered a digital profile in AFRY´s systems for the purpose of interaction with AFRY and/or the possibility to take on assignments for AFRY. The personal data is collected at registration in AFRY´sNetwork, and can be complemented by AFRY and Networker as long as the relationship is active.

  1. 基本个人数据:姓名,出生日期/个人识别码,电子邮件地址,国籍,性别,地址,电话号码和其他私人联系方式,AFRY系统,居住国的ID号,以及当需要的其他基本个人数据。
  2. Partner Company data (when applicable): Company name, VAT number, homepage, F-tax verification (timestamp & performed by)
    a. Sales responsible (when applicable): Name, e-mail & phone number
  3. Performing and planning work: Availability, information supporting quality assurance process and applications for available assignments, picture, searchable CV data (e.g. education, employments, assignments, competences etc.) that may be communicated to AFRY Customers.
  4. Business administration: ID number in AFRY system, AFRY sales responsible, working time, travel expenses, contact information to next of kin and when needed other personal data necessary for business administration.
  5. Communication: personal data needed for access to AFRY´s IT-systems and networks, i.e. e-mail address/usernames for logging in and using the services available in AFRY portal but also other types of personal data logged in connection with the use of IT-systems and networks.
  6. Security: date of birth, personal identification number, your picture used for keycards within AFRY or externally and when needed other personal data necessary for security reasons.

1. The purposes of the processing of networkers’ personal data

AFRY may collect and process networkers’ personal data for the following purposes. The list is not exhaustive but is intended to describe AFRY ´s need to process the networkers’ personal data.

  • administration and handling of the relationship with AFRY, maintaining of an networker data register
  • management, contracting, planning of work, assignments, projects and workforce, planning and allocation of resources
  • evaluation and monitoring of performance
  • payments and processing of compensation for work performed
  • 保险目的的数据
  • give the networker access to AFRY information systems, maintain a safe, secure and efficient use of internal information, ensure that business critical information and other assets are safe and protected
  • health and safety
  • monitoring the use and application of internal policies and other regulations, protect AFRY property, material as well as intellectual property rights, prevent fraud and other illegal activities
  • 管理纠纷和投诉,即补偿n claims, act according to other legal requirements that AFRY might have to apply as a result of assignments performed for AFRY

2. The legal base for the processing of networkers’ personal data
处理数据的法律基础是在向前的系统中注册时给出的同意,以及在履行前往任务时履行合同中的义务。根据法律要求和其他法规,法律基础也包括以特定顺序处理个人数据的法律要求和其他条例,即与税务机关或保险公司或为了正确注册工作时间。法律基础也可能包含一个平衡的利益,给出了处理数据的权利。

If the processing is necessary to fulfil a contractual obligation or a legal obligation the networker cannot refuse the processing. If the processing of data is made after a balancing of interests the networkers´ refusal is tried on a case by case basis. If the processing is based on consent only, the networker may always withdraw the consent.

3.存储和擦除的例程

AFRY will process and store networkers´ personal data for as long as is necessary for the purposes that applied when collecting the data.

Personal data will stored during the time period required due to legal obligation for AFRY to maintain the data, for example in order to verify correct tax deductions or for AFRY to be able to protect its rights as a contract party. The personal data will be erased according to schedule when it is no longer needed and when it isn’t possible networkers´ or authorities to claim compensation from ÅF according to contracts. ÅF might also have a need to save certain personal data that is connected to certain projects and therefore need to be saved during the lifecycle of the project.

4. The rights of the networker

NetWorkers有权纠正或完成任何故障或不完整的个人数据。根据法律要求的可能性,AFRY将删除不需要保存所需的所有数据。请转到privacy@www.lemongroves.comwith questions regarding AFRY´s handling of personal data, requests and incident reporting.

For data processed based on consent only, the networker may always at any time withdraw his or her consent. Withdrawing consent is done by the networker her/himself using the “Delete profile” function when logged into portal.www.lemongroves.com.

AFRY shall, upon request, provide you with one (1) copy of the personal data undergoing processing. For any further copies requested, AFRY may charge a reasonable fee based on administrative costs.

Networkers have the right to turn to Datainspektionen (the Swedish Data Protection Agency) with any complaint (datainspektionen@datainspektionen.se)。

5. Contact information to AFRY as a data processor

ÅF Pöyry AB, org. nr. 556120-6474 with address Frösundaleden 2 a, Solna, Sweden is data controller. ÅF Pöyry AB is responsible for processing the personal data correctly and in accordance with applicable data protection regulations.