Processing of personal data

Thermia (Thermia AB, org. no. 556269-6483. Snickaregatan 1, 671 34 Arvika, Sweden) is the data controller for the processing of your data.

Thermia processes your data in connection with products and services that Thermia supplies to you. We take care of your privacy and would therefore like to provide information about how we process your data. You can contact us at: privacy@thermia.com

 

Processing of personal data

  • CONTACT PERSONS OF PARTNERS, RETAILERS, NON-RETAILERS, TRIAL RETAILERS AND THIRD PARTIES

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We process your data in order to contact and correspond with you in your capacity as a contact person at a company. The legal basis for the processing is our legitimate interest (balance of interests) which consists of creating effective cooperation in a business context. Please contact us for the assessment at privacy@thermia.com.

     

    • First name
    • Address
    • Telephone number
    • Email

     

    How long do we keep your data for?

    We store your data for the duration of the current business relationship. A current business relationship requires that there has been an active correspondence between the parties or a current transaction, such as a registration or other account activity, within one year of the last activity.

    Who has access to your data?

    We provide your data to IT suppliers and business partners within the Stiebel Eltron Group of which Thermia is a part. If a company within the Stiebel Eltron Group is located outside the EU or EEA, consent will be obtained from you before disclosure takes place.

     

  • INFORMATION ON THE END CUSTOMER AND CONTACT PERSONS OF RETAILERS WHO CARRY OUT WARRANTY WORK FOR THE END CUSTOMER

     

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We process your data in order to contact and correspond with you to deliver warranty services.

    The legal basis for the processing is our agreement to offer the unit owner a functional warranty consisting of guaranteeing the function and operational reliability of the product.

    • First name

    • Address

    • Telephone number

    • Email

    How long do we keep your data for?

    We store your data for the period during which we are responsible for the product’s warranty and six months after the warranty expires. The maximum warranty period is 10 years from installation.

    Who has access to your data?

    We share your data with partners, resellers, installers and service representatives who will service your product.

  • GREETINGS AT THE TIME OF DEVICE REGISTRATION

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We process your data to send a welcome greeting to Thermia’s digital services and to offer you newsletters. The legal basis for the processing is your consent. Contact us to receive the assessment at privacy@thermia.com.

    • First name

    •  Email
  • UNIT OWNERS CONTACT WITH THERMIA CUSTOMER CENTRES, PARTNERS, RETAILERS, NON-RETAILERS, TRIAL DEALERS OR SERVICE REPRESENTATIVES

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We process your data in order to contact you for follow-up after a visit by the installer.

    In cases where warranty measures have been carried out, we will record the data performed on your device.

    The legal basis for the processing is our agreement to offer the unit owner a functional warranty consisting of guaranteeing the function and operational reliability of the product.
    • Email
    • Telephone number
    • First name
    • Address
    • Your selected message

    How long do we keep your data for?

    We store your data until it is disclosed to the correct partner, dealer or service representative. We store your data for the period during which we are responsible for the product’s warranty and six months after the warranty expires. The maximum warranty period is 10 years from registration.

    Who has access to your data?

    We will disclose your data to the partner, dealer or service representative who will contact you.

  • USER DATA FOR ACCOUNT REGISTRATION IN THERMIAS DIGITAL SERVICES

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We process your data to enable the use of Thermia’s digital services.

    The legal basis for the processing is our agreement (EULA).

    •  Email

    • Telephone number

    • First name

    • Address

    How long do we keep your data for?

    We store your data for as long as you want to keep your account in Thermia’s digital services.

     

    Who has access to your data?

    We will disclose your data to the partner, reseller or service representative who delivers your digital services.

  • DISCLOSURE OF INSURANCE INFORMATION

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We process your data in order for your product to be insured for a maximum of 10 years. The insurance period and guarantee period may vary. The legal basis for this processing is contractual.

    •  Email

    • Telephone number

    • First name

    • Address

    How long do we keep your data for?

    We store your data for a maximum of 10 years from the date of installation of the product.

     

    Who has access to your data?

    We will disclose your personal data to the insurer.

  • NEWSLETTER

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We would like to keep you updated on new relevant changes to Thermia’s products and services. The legal basis for the processing is your consent. You can withdraw your consent at any time by requesting correction of your personal data at privacy@thermia.com.

    • Email

    • First name

     

    How long do we keep your data for?​​​​

    The processing is based on consent.

     

    Who has access to your data?

    We share your personal data with our IT suppliers.

  • VISITORS

     

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We process your data to register your visit. The legal basis for the processing is our legitimate interest, which consists of maintaining a high level of security for confidentiality and fire risk. Please contact us for the assessment at privacy@thermia.com.

    • First name

    • Details of employment, if any

    • Host

    How long do we keep your data for?​​​​

    We will keep your data for up to 30 days after the visit.

     

    Who has access to your data?

    We share your personal data with our system suppliers.

  • TRAINING ACTIVITIES AND EVENTS THERMIA OFFERS TO PARTNERS, RETAILERS AND COMPANIES

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We process your data to register and provide you with training related to our products and services.

    If you have registered for the training yourself, the legal basis for the processing is the performance of the contract.

    If your employer has registered you for the training, the legal basis for the processing is our legitimate interest, which consists of administering and enabling the provision of training. Please contact us for the assessment at privacy@hermia.com.

    • First name

    • Contact details

    • Previous training and skills

    About Thermia employees

    • Indication of the type of employment

    How long do we keep your data for?​​​​

    We store your data until the training and any course evaluation is completed. However, max. six months. If your data is needed due to legal requirements, the data will be stored for as long as the requirements remain.

     

    Who has access to your data?

    We share your personal data with our IT suppliers and relevant certification organisations. We collect your personal data from you when you register for the course. If your employer has registered you for the course, we have received your information from them.

     

  • CAMERA MONITOR

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    Cameras located indoors:

    We process your data to monitor certain designated areas and at the entrance. The legal basis for the processing is our legitimate interest in maintaining a high level of security on our premises.

    Cameras located outdoors:

    We process your data to monitor the facades and entrances to our buildings and parking lots. The legal basis for the processing is our legitimate interest in maintaining a high level of security in our area. Please contact us for the assessment at privacy@thermia.com.

    • Moving images

    How long do we keep your data for?​​​​

    We store your data for ten days after recording. If there is any suspicion of a crime, we act as described below.

     

    Who has access to your data?

    We share your personal data with the police if a crime is suspected. In connection with a police report, the police are informed that there is material from CCTV surveillance that can be used in the investigation. If the police consider that the material may be of interest to the investigation, the material is handed over to the police. We will also provide service companies with an opportunity to connect if necessary. Service providers cannot access recorded material and can only connect for service purposes.

     

  • RECRUITMENT ACTIVITIES

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We process your data to carry out a recruitment process in the best possible way. The legal basis for the processing is our legitimate interest in carrying out the process as smoothly and efficiently as possible. If you have given your consent, we will process your data for a longer period of time for future recruitment processes. Please contact us for the assessment at privacy@thermia.com.
    • First name
    • Contact details
    • CV
    • Cover letter

    How long do we keep your data for?​​​​

    We never process your personal data for a longer time than is allowed by applicable law, regulation, practice or governmental decision. Data that we process about you will normally be retained for as long as necessary for the recruitment process in question. If the process ends and you are not offered the position, we will either delete your data or ask for your consent to continue to retain your personal data for future recruitment processes. Data may also be stored for a longer period of time if you have been taken out for a job interview or offered the service to fulfil our obligations under the Swedish Discrimination Act (2008:567).

     

    Who has access to your data?

    If you apply, you can, on your own initiative, submit your personal data to us via the recruitment system Varbi. Sometimes we work with recruitment agencies during a recruitment process, and we may then disclose your data to the recruitment agencies Testhuset, Professionals Nord or Intro to enable efficient and effective recruitment. Your personal data may be disclosed to companies within the Stiebel Eltron Group within the EU/EEA, but also to countries outside the EU/EEA. This is only relevant if you apply to companies that operate outside the EU/EEA. Your consent is obtained when disclosing data outside the EU/EEA.

  • COMPLIANCE WITH APPLICABLE ACCOUNTING AND TAX LAW OR RETENTION OF DATA FOR DEFENDING LEGAL CLAIMS

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We will process your data to fulfil our obligations under applicable accounting and tax law. The legal basis is the fulfilment of legal obligations.

    We may also store your data to defend ourselves in legal disputes in accordance with the statute of limitations.

    • Email

    • First name

    • Surname

    • Personal ID number

    • Address

    • Other personal information that can identify a transaction

    How long do we keep your data for?​​​​

    We save personal data that can be included in accounting information for seven years in accordance with the Swedish Accounting Act, tax legislation and the statute of limitations.

     

    Who has access to your data?

    We may provide necessary information to our auditors and relevant authorities if we are required by law or if you have given your consent on a case-by-case basis.

  • CHATBOT/DIGITAL SUPPORT ASSISTANT

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We process your data so that we can provide you with support. The legal basis for this processing is our legitimate interest in administering the case.

    •  Email

    • Telephone number

    • First name

    • Address

    • Your support session

    How long do we keep your data for?​​​​

    We store your data until the consultation is complete. To ensure that the case does not recur, we may retain your data for up to 12 months.

     

    Who has access to your data?

    Your information is available for Thermia AB.

  • SOCIAL MEDIA

    PURPOSE AND LEGAL BASIS

    CATEGORIES OF DATA

    We use the social media platforms Facebook, Instagram and LinkedIn to communicate. On these media platforms, we process your data to provide information about our products and services and to create engagement around our brand.  

    As a starting point, the legal basis for processing is your consent. If, on the other hand, the processing relates to data about another individual, the legal basis for the processing is our legitimate interest, which consists of marketing our products and services, creating commitment to our brand and assisting you with service. Contact us at privacy@thermia.com to receive the assessment.
    • Email
    • Your username
    • Information that you voluntarily provide in the comment field

    How long do we keep your data for?​​​​

    If you have commented on our posts on a social media platform, such comments will be stored for the duration of the post on our site. However, we may elect to remove e.g. abusive or offensive comments and comments containing information about another individual at an earlier date in light of our legal obligation. We may also delete comments in languages other than Swedish and English. A user always has the right to delete his or her comments on our site.

     

    Who has access to your data?

    The social media platforms Facebook, Instagram and LinkedIn will have access to your data. If you want to read more about how the social media platform processes your personal data, you can read their privacy policy.

     

    Transfer to countries outside the EU/EEA

    If you would like a copy of the safeguards that have been taken for third country transfers or information about where these have been made available, please contact us at privacy@thermia.com.

Transfer to countries outside the EU/EEA

We always strive to process your personal data within the EU/EEA. However, sometimes we may have to transfer your personal data to a country outside the EU/EEA, for example if we share your personal data with a supplier who is established or stores the personal data in a country outside the EU/EEA.

Regardless of the country in which your personal data is processed, we take all reasonable legal, technical and organisational measures to ensure that the level of protection is the same as within the EU/EEA. In cases where personal data is processed outside the EU/EEA, the level of protection is guaranteed either through a decision by the European Commission that the country in question ensures an adequate level of protection or through the use of so-called appropriate protective measures. Examples of appropriate protective measures are the European Commission’s standard contractual clauses or binding corporate regulations. If you would like a copy of the safeguards that have been taken or information about where these have been made available, please contact us. 

 

Your rights as a data subject

If the processing is based on your consent, you have the right to withdraw your consent at any time. However, such a revocation will not affect the lawfulness of the processing based on the consent before its revocation. In accordance with data protection legislation, you have the right to request access to information about which of your personal data is being processed and to request rectification of your personal data.

You also have the right to object to and request restriction of processing of your personal data as well as the right to request erasure of your personal data. You also have the right to lodge a complaint with the competent supervisory authority (choose your country at the European Data Protection Board, https://edpb.europa.eu/about-edpb/about-edpb/members_en).

Please contact us at privacy@thermia.com if you would like to exercise your rights or request information.

 

Data portability

Under certain conditions, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format and to transmit this data to another data controller (data portability).

 

Updates

This page was last updated on 16 March 2023.