DATA PRIVACY NOTICE CONSULTANTS.
This Data Privacy Notice gives information regarding collection, processing, storage and sharing of personal data of consultants (“Consultants”) registered in the Semcon´s Eco Partner System (the “System”) by Semcon Eco Partner (“Partner”). For the purpose of this Privacy Notice, a Consultant means identifiable individuals not employed by Semcon, which are subject to a registered digital profile in the System for the purpose of interaction with Semcon and/or the possibility to take on assignments for Semcon. The personal data is collected at registration in the System and can be supplemented by Semcon, the Partner or the Consultant as long as the relationship is active.
Semcon AB, Reg. no 556539-9549 with the Swedish Companies Registration Office and with registered address Lindholmsallén 2, SE-417 55 Göteborg, Sweden (“Semcon”) is the Semcon group’s main data controller. In addition, subsidiaries of Semcon AB may also be data controllers and process personal data as described in this Privacy Notice. Your relationship with Semcon will determine which of our group companies has access to and processes your personal data, and which of our group companies are the data controller(s) responsible for your personal information.
1. Categories of personal data concerned
The personal data that may be collected includes:
Basic personal data: name, date of birth/personal identification number, e-mail address, nationality, gender, address, phone number and other private contact details, ID number in the System, country of residence, and when needed other basic personal data;
Partner company data (when applicable): Company name, VAT number, homepage, F-tax verification (timestamp & performed by);
Sales responsible (when applicable): Name, e-mail & phone number;
Performing and planning work: Availability, information supporting quality assurance process and applications for available assignments, picture, searchable CV data (e.g. education, employments, assignments, competences etc.) that may be communicated to existing or potential customers or partners of Semcon;
Business administration:, Semcon sales responsible, working time, travel expenses, contact information to next of kin and when needed other personal data necessary for business administration;
Communication (when applicable): personal data needed for access to Semcon´s IT-systems and networks, i.e. e-mail address/usernames for logging in and using the services available in Semcon portal but also other types of personal data logged in connection with the use of IT-systems and networks;
Security (when applicable): date of birth, personal identification number, your picture used for keycards within Semcon or externally, host, time for entry and departure and when needed other personal data necessary for security reasons.
2. The purposes and legal basis of the processing activities
Semcon may collect and process Consultant’s personal data for the following purposes.
administration and handling of the relationship with Semcon, which includes maintaining the System;
management, contracting, planning of work, assignments, projects and workforce, planning and allocation of resources;
evaluation and monitoring of performance;
payments and processing of compensation for work performed;
data for insurance purposes;
give access to Semcon information systems, maintain a safe, secure and efficient use of internal information, ensure that business critical information and other assets are safe and protected;
to comply with health and safety regulations;
monitoring the use and application of internal policies and other regulations, protect Semcon property, material as well as intellectual property rights, prevent fraud and other illegal activities;
managing disputes and complaints, i.e. compensation claims, act according to other legal requirements that Semcon might have to apply as a result of assignments performed for Semcon.
The legal base for the processing consists of Semcon being obligated according to legal requirements and other regulations to process personal data in a specific order, i.e. in relation to the tax authorities or insurance companies or in order to correctly register working time. Semcon also processes Consultant’s personal data based on contractual necessity, e.g. in case of entering into and performing business contracts with you, to issue and process invoices and payments and also to deliver professional services, including contracting, project management, planning of work and allocation of resources.
Further, Semcon processes Consultant’s personal data based on legitimate interest, e.g. in case of entering into and performing business contracts with the company you as Consultant work for, engaging with other business partners, to deliver professional services, including contracting, project management, planning of work and allocation of resources.
Regarding the legitimate interests mentioned, Semcon has evaluated that the risk for the individual is less significant than the advantage for Semcon when processing this data, e.g. because no sensitive data is processed based on this purpose and because the processed data as well as the access rights are limited to the amount and type strictly necessary.
The legal base for the processing of data of a person registering to Semcon´s Eco Partner System is consent given at time of registration in the System as well as fulfilment of obligations in the contracts when performing assignments for Semcon.
3. Routines for storage and erasure
Semcon will process and store Consultants personal data for as long as is necessary for the purposes that applied when collecting the data. Semcon will process and store personal data for as long as the Consultant is registered in the System as candidate and during the time Consultant performs an assignment.
Further to the above, Semcon will store certain personal data for such longer period required due to legal obligation, for example in order to verify correct tax deductions or for Semcon to be able to protect its rights as a contract party. Semcon might also have a need to save certain personal data that is connected to certain projects and therefore need to be saved during the lifecycle of the project. The personal data will be deleted according to internal deletion routines when it is no longer needed and when it is not possible for customers, partners or authorities to claim compensation from Semcon according to contracts or applicable law.
4. With whom we may share personal data
Personal data may be shared between the companies of the Semcon group for the purposes described in this Privacy Notice. Personal data that is being processed electronically by Semcon will be stored on servers located in EU/EEA. Because Semcon operates globally and has customers and projects worldwide, personal data may be transferred and processed by Semcon subsidiaries and trusted suppliers and business partners outside of EU/EEA.
Personal data may be shared with third party service providers, who may process data on Semcon’s behalf, such as IT service providers, subconsultants, lawyers and other external professional advisors.
Personal data may be shared with Semcon’s customers and other third parties to the extent it is required for Semcon’s fulfilment of any actual or potential contracts with you or if it is required by law or pursuant to any order of court or other competent authority or tribunal or by any applicable stock exchange regulations.
Any international transfer of personal data that takes place out from the EU/EEA will be subject to appropriate security measures and all reasonable steps to ensure that your personal data is protected and maintained in accordance with this Privacy Notice and applicable data privacy laws. This includes relying on a suitable mechanism for data transfer under Chapter V of the GDPR, including, inter alia, adequacy decisions and appropriate safeguards, and, where necessary, supplementary measures required, such as for example using the standard contractual clauses approved by the European Commission.
5. Your rights as a data subject
In accordance with applicable data protection legislation, subject to some conditions and exceptions, you have the following rights:
The right to information about and access to your personal data, including the right to data portability;
The right to have personal data corrected or updated;
The right to erasure (‘The right to be forgotten’);
The right to restriction of processing;
The right to object to certain processing.
You may exercise the rights above by sending an email to
To opt-out of commercial electronic newsletters and marketing, you may always click on the unsubscribe link at the bottom of the message.
You have a right to lodge any complaints regarding Semcon’s compliance with data protection laws with the appropriate supervisory authority.
6. Contact Details
If you have questions regarding the privacy and security of your personal data that is being processed by Semcon, and which companies within Semcon are data controllers, please send an email to or contact us at:
Semcon AB
Att: Data Privacy Function
Lindholmsallén 2
SE-417 55 Göteborg, Sweden
+46 31 721 00 00