TrA.Subject

TrA.Announcement

ForSea AB, Reg. No. 556990-7198, Bredgatan 5, 252 25 Helsingborg, Sweden, (“ForSea”, “the Company”, “us” or “we”) ”) and group company takes all necessary measures to make sure that personal data concerning our customers, distributors and visitors of our website are being processed by us in a lawfully, fairly and transparent manner. ForSea operates the ferries between Sweden and Denmark on the route Helsingborg–Helsingør.

When you use our various services, we collect your personal data. Consequently, the Company is the data controller of your personal data and processes it in accordance with this privacy policy. This privacy policy explains and clarifies your rights in relation to the Company regarding the processing of your personal data and how you can exercise those rights.

The Company is committed to protecting your personal data and it is important to us to ensure that your personal data are processed in a secure way. We comply with all applicable laws and rules that exist to protect the privacy of individuals, including the Swedish Data Protection Act (2018:218), the Swedish Act on Electronic Communication (2003:389) and such other laws or regulations that implements and/or complements the Electronic Communications Directive 2002/58/EC and the EU General Data Protection Regulation 2016/679 (GDPR) and any changes to, amendments to or regulations that replace such laws and regulations. We use appropriate technical and organisational measures with respect to the amount and sensitivity of personal data.

It is important that you read and understand this privacy policy before you use any of the Company’s services. You should not use any of our services if you do not approve of this privacy policy.

Some pages on our website contain links to third party websites. These websites have their own privacy policies and the Company is not responsible for their operations or their information policies. Hence, any user who sends information to or through these third party websites should review the privacy policies posted on those websites before any personal data are transferred to them.

For information on the collection, handling and storage of information obtained through cookies, see the “Cookies” section below.

What personal data do we collect and where from?

If you visit the Company’s website, purchase a ticket to any of the ferry services provided by the Company or otherwise use our services, you may provide information to us that is considered as personal data under applicable data protection laws.

The types of personal data that we collect may, depending on the context, include:
• name and contact information including address, mobile number and e-mail address;
• delivery and billing information, payment information and other information that you provide in connection with the purchase of tickets to the services provided by the Company;
• different kinds of demographic information;
• user name and password to our mobile application Scandlines HH;
• other information that is relevant for customer surveys, advertisement/marketing or offers;
• information about preferences and interests based on the use of the Company’s websites; and
• user name and password to online booking and profile information.

We may collect your personal data from the following sources:
• the Company’s website, e.g. when you purchase any of the Company’s ferry services or products, consent to the use of cookies or subscribe to the Company’s newsletter;
• the mobile application in use by the Company, e.g. when you purchase a ticket to any of the Company’s services or use the GPS function.
• from third parties in the form of subsidiaries to companies in the group of the Company, or companies that the Company engages for the purpose of enriching its customer database.
• directly from distributors and corporate customers.
• Social Media, e.g. public profile information connected to customer engagement on posts published by the Company, private messages sent to the Company’s social channels (such as Facebook, Instagram, YouTube, Twitter, LinkedIn), received through the Company’s Social Management tool Falcon.io.

Why do we process your personal data?

The Company’s processing of personal data always have a legitimate purpose, and is always based on at least one legal ground. The legal grounds are set out below in bold, followed by the purposes connected to each legal ground.
• Performance of a contract: If you have purchased any of the Company’s services or made an order for the freight of goods, you have entered into an agreement with the Company. As a result, we process your personal data for the purpose of managing your purchase or order, for the handling and administration of the services, to make payments as well as to give you access to the Company’s websites and the services provided there.
• Consent: Direct marketing (by regular mail and e-mail), customer surveys, customer support, newsletters, coupons and flyers.
• Compliance with a legal obligation: We save invoice documentation in accordance with applicable accounting laws and regulations.
• Legitimate interest: In order to be able to provide, carry out and improve our commitments, products and services, it is necessary for us to process personal data in some other cases as well, e.g. to analyse statistics regarding the purchase of tickets and visits on our website.

In the event that a service we provide requires your consent, we will always explicitly ask you to give your consent to such a service and to the processing of your personal data in such a case. For example, we will ask for your consent if you would like to subscribe to any of the Company’s newsletters or if you would like to receive marketing and personalised offers.

In connection with your giving of consent, you will have to confirm that you have read this privacy policy and that you consent to the processing of your personal data as described herein.

Withdrawal of consent

In the event that we process your personal data based on your consent, e.g. regarding subscription to newsletters, you may withdraw your consent at any time by contacting customer service as stated below. Such withdrawal may be made in whole or in part.

If you do not wish to receive marketing and special offers from us you may withdraw your consent by contacting customer service or, if sent by e-mail, through a link in that e-mail.

Retention of personal data

The Company takes all reasonable steps to ensure that your personal data are processed and stored securely. Your personal data will never be stored longer than permitted by applicable law or longer than necessary to fulfil the above stated purposes. We will process your personal data during the following time periods:
• Performance of a contract: Personal data (name, address, telephone number, e-mail, billing and delivery information) which are submitted to the Company in connection with the purchase or order are stored for as long as necessary in order for the Company’s performance of the agreement with you.
• Legal obligation: The Company saves any documentation that constitutes accounting information in accordance with applicable accounting legislation.
• Consent: In cases where we process your personal data based on your consent, we will only save your personal data for as long as we still have your consent.
• Direct marketing: We may process your personal data for direct marketing purposes up to one year after the customer relationship has ended, unless you object to your personal data being used for direct marketing purposes. In addition, if the direct marketing is based on your consent, we may process your personal data for direct marketing purposes during the validity of your consent.

 

Transfer of personal data

Personal data regarding our customers is an important part of the Company’s operations and we do not sell the personal data to anyone else. We only transfer personal data as described below. We always observe great caution when transferring your personal data and your personal data are only transferred in accordance with this privacy policy and after taking appropriate security measures.
• Partners outside the group of companies that the Company belongs to: Our partners, i.e. companies outside the group of companies that the Company belongs to and which are approved by the Company, may get access to your personal data. Such recipients include Scandlines Deutschland GmbH, BroBizz A/S and Öresundsbro Konsortiet and associated companies within the respective company group. Transfers to such recipients are an essential part of the services provided by the Company.
• Group and sister companies: Companies within the ForSea group as well as group and sister companies in the Nordic Ferry Infrastructure group, primarily Molslinjen A/S (and associated companies within the respective group) may gain access to your personal data.
• Business transactions: If all or part of the Company’s operations are sold or integrated with any other business, operation or company, your personal data may be disclosed to our advisors, potential buyers and their advisors, and be transferred to the new owners of the operation.
• Legal obligations: Your personal data may also be disclosed for the purpose of the Company’s compliance with certain legal obligations and it may be transferred to the police and other relevant public authorities when permitted and required by law.

We strive to, the type of transfers mentioned above may only be carried out to companies within the EU or EEA (i.e. all EU member states and Iceland, Norway and Lichtenstein). As far as possible, we do not process or transfer any personal data outside the EU and EEA.

Your rights

You have the right to request information about what personal data concerning you that we are processing and how it is being used by contacting us in writing (see contact details below). You can change your personal details at any time by contacting customer service (contact details below). You are also entitled to request correction of incorrect, incomplete or ambiguous personal data concerning you by contacting customer service. For the protection of your privacy and your personal data, we may require that you identify yourself in connection with our assistance.

In accordance with applicable data protection laws, you also have the right to request that your personal data shall be erased or that the processing of your personal data shall be restricted. In certain situations you also have the right to object to the processing of your personal data and request that your personal data shall be transmitted in an electronic format.

You may file a complaint with the Swedish Privacy Protection Authority (Sw. Integritetsskyddsmyndigheten, IMY) if you believe that the Company’s processing of your personal data is not carried out in accordance with applicable laws. IMY can be reached at www.imy.se or via e-mail at imy@imy.se

Cookies

The Company uses so-called cookies on our websites. A cookie is a small text file sent from a website to your web browser. The cookie cannot identify you personally, but only the web browser that is installed on your computer and the web browser you use when visiting the webpage. Consequently, different cookies are saved on different computers, should you use different computers when visiting our websites. Cookies do not carry viruses and cannot destroy any other information stored on your computer.

Cookies are usually categorised based on their origin and based on whether they are stored in your web browser or not. Cookies can either be sent to you from the website you visit (i.e. first-party cookie) or from another organisation that delivers services to the current website, such as an analysts and statistical company (i.e. third-party cookies). Cookies can also be divided into session cookies and permanent cookies. A session cookie is sent to your computer so that the webpages can function properly during your visit, but is erased when you close down your web browser. 

The function of a session cookie is for example that it is activated when you return to a previously visited part of the website and thus facilitates your navigation on the website. A permanent cookie, on the other hand, is stored in your web browser and thus allows a web page to recognise your computer’s IP address even if you turn off your computer or log out between visits. The cookie is stored for one year and is then deleted.

The Company uses both session cookies and permanent cookies on our website. Both types of cookies are needed primarily for the functionality of our services, to help us improve our delivery of products and services, to provide you with additional functionality or to help us provide you with relevant and customised advertisement/marketing. Furthermore, the Company uses third-party cookies from Google Analytics to investigate how to adapt and develop the information on the Company’s website in the best possible way.

Google Analytics is an analytic service provided by Google Inc. (“Google”). Google Analytics gather information on your device and makes it possible to analyse your use of the Company’s website and out mobile application.

The information will generally be transmitted to a Google server in the US and stored there. However, IP-addresses gathered by third-party cookies within the EU/EES will be shortened and hence anonymised prior to the transfer to the US, which entails that it will not be considered as personal data. For more information on the use of Google Analytics in the mobile application, please see the specific privacy policy regarding the application.

Most web browsers have a default setting that accepts the use of cookies. You can easily refrain from allowing the Company’s websites to store cookies on your computer with a setting in your web browser, including blocking cookies or erasing any cookies stored on your computer. Please note that if you choose to not allow cookies, some functionality on our websites may cease to function securely and properly and some services may not be provided. How you erase or change the settings for cookies is stated in the instructions to your web browser or in the utility function that usually is available in the web browser.

Changes to this privacy policy

Please note that the terms of this privacy policy may be changed or amended. Any new version will be published on the Company’s website. Consequently, you should review these terms on a regular basis to make sure that you are satisfied with the changes. In case of any material changes we will, if you have given us your e-mail address, e-mail you to make you aware of any changes made.

If the changes concern processing of personal data that we carry out based on your consent, we will give you the opportunity to once again give your consent to the processing on the new terms presented.

Contact us

If you have any questions related to this privacy policy, if you suspect that a breach of this privacy policy has occurred, or if you would like to contact us for any reason stated in this privacy policy, please contact our data protection manager or our customer service on the contact details provided below.

ForSea AB
Att: Customer service
Bredgatan 5
252 25 Helsingborg 
Sweden
customerservice@forseaferries.com
+ 46 42 18 60 00

ForSea Ferries AB
Att: Data protection manager
Bredgatan 5
252 25 Helsingborg 
Sweden
gdpr.privacy@forseaferries.com