Privacy policy
We at Kairos Future take your privacy seriously and it is important for us that you feel safe with our handling of your personal data. Personal data is any information that can directly or indirectly identify you as an individual (for example; name, address, images or IP-number).
The purpose of this policy is to make sure that we process your personal data in accordance with applicable data protection legislation. In this policy, we describe how we handle and protect your personal data in our capacity as a personal data controller (for example, we would never sell or transfer your personal information to another party in any way other than specified this policy). Furthermore, the policy describes your rights and how to proceed if you wish to exercise them.
Kairos Future also uses cookies on our website, you can read more about them in our Cookie Policy, which can be found here.
You will find information on how to contact us under "contact information" below.
Principles
When processing your personal data, we follow the data protection principles set out in the general data protection regulation (GDPR). Our personal data management should be transparent, risk-based and continuously evaluated.
Personal data should, among other things, be handled according to the following principles:
- Be processed legally, fairly and transparently;
- Only collected for specific, explicit and legitimate purposes and not processed in a manner incompatible with its original purpose;
- Collected only if the information necessary for the purpose;
- The data should be correct and, if necessary, updated;
- Not processed longer than necessary;
- Processed in accordance with the registrant's rights; and
- Protected with appropriate technical and organizational measures.
What Personal data will we process, and for what purpose?
The table below specifies the different occasions in which we may process your personal information. The table sets out the purpose of processing the data, how the data will be used, the categories of personal data being processed, the legal basis for the processing and how long the personal data is stored.
Members of Kairos Future Friends
Purpose of processing: Inform about new research projects, events and reports for members of the Kairos Future Friends network.
How the data will be used: Collection, registration, storage, processing (segmentation by industry, role and, in some cases, interest).
Types of personal data processed: Name, email, phone number, organization, title, industry, interest areas, information about your computer and your visits to kairosfuture.com, including your IP address, geographic location, browser type, reference source, visit time and pages.
Legal basis for usage: The processing is necessary to fulfill our rights and obligations as described in the membership statement, for example, to inform and adapt information to members' interests, industry and professional role.
Storage period: 6 months after termination of membership.
Members of Kairos Future Club
Purpose of usage: Inform about ongoing themes and seminars, new research projects, events and reports for our paying members of Kairos Future Club, as well as managing administration and billing.
How the data will be used: Collection, registration, storage, processing (segmentation by industry, role and, in some cases, interest).
Types of personal data used: Name, email, phone number, organization, company address, title, industry, interest areas, information about your computer and your visits to kairosfuture.com, including your IP address, geographic location, browser type, reference source, visit time and pages.
Legal basis for usage: This collection and processing is necessary to fulfill our rights and obligations under the member agreement with you as well as compliance with the Swedish accounting act. If the requested information is not provided, we cannot fulfill our obligations under the agreement. The processing is also necessary to inform and adapt the information to our clients' interests, industry and professional role.
Storage period: 12 months after termination of membership.
Users of Co:tunity
Purpose of usage: Provide login, as well as manage administration and billing.
How the data will be used: Collection, internal registration and revision, storage, processing, e.g. information about new features and invitation to seminars.
Types of personal data used: Name, email, phone number, organization, company address, title, information about your computer and your visit to cotunity.com, including your IP address, geographic location, browser type, reference source, visit time and pages.
Legal basis for usage: This collection and processing is necessary to fulfill our rights and obligations under the member agreement with you as well as compliance with the Swedish accounting act. If the requested information is not provided, we cannot fulfill our obligations under the agreement.
Storage period: Because we work with future-related long-term projects, where there is often reason to go back and follow up on projects after several years, we estimate that 3 years is a storage time that is in the interests of our customers.
Our other clients
Purpose of usage: Manage administration and invoicing for our clients. Inform about current seminars, new research projects, events and reports.
How the data will be used: Collection, internal registration and audit, storage, processing (segmentation by industry, role and, in some cases, interest). Correspondence regarding the execution of the purchase. Payment processing, such as billing (this may also include checking history of payment and collection of credit information).
Types of personal data used: Name, email, phone number, organization, company address, title, industry, interest areas, information about your computer and your visits to kairosfuture.com, including your IP address, geographic location, browser type, reference source, visit time and pages.
Legal basis for usage: This collection and processing is necessary to fulfill our rights and obligations under the agreement with you (see our Terms and Conditions) and our legal obligations, such as, compliance with the Swedish accounting act. If the requested information is not provided, we cannot fulfill our obligations under the agreement. The processing is also necessary to inform and adapt the information to our clients' interests, industry and professional role.
Storage period: Because we work with future-related long-term projects, where there is often reason to go back and follow up on projects after several years, we estimate that 10 years is a storage time that is in the interests of our customers.
Sensitive personal data
We only process sensitive personal data when we need to know about any allergies or cost preferences when you choose to attend our events or activities.
Personal identification numbers are only processed if necessary to ensure identification and we limit the use of personal identification numbers to the essentials.
We will only disclose your sensitive personal information to third parties as specified in this policy or where we consider it absolutely necessary.
Source of information
As a rule, we only process personal information that you have provided to us. In some cases, we may supplement this information with third party information, i.e credit rating information from credit reporting companies, banks or the like, for major orders from private individuals.
Information to other recipients
In cases where it is necessary to perform our services, we occasionally use external suppliers (personal information assistants). These providers may process personal data provided by you or the personal data collected through the digital channels or services we provide. We use vendors to help us with the following:
- Accounting and project management
- Marketing / CRM
- Development, maintenance and provision of IT-services
We will always strive to limit such access and only share information that is necessary for the supplier to perform his work. We always check that our suppliers can meet our high standards and that they have adequate safeguards. We require that they (i) protect your personal information in accordance with this policy and relevant legislation, and (ii) refrain from using your personal data for any purpose other than giving us the agreed product or service.
Transfer to third countries
We always try to keep your personal data within the EU/EEA and our own IT systems are located there. During support and maintenance, we may occasionally need to transfer information outside the EU/EEA.
All such information will always be kept to a minimum and be relevant to the purpose. Regardless of where the personal data is transferred, we always take appropriate technical and organizational measures to ensure that the level of security is the same as in the EU/EEA, thus maintaining an adequate level of security, such as using the EU Commission's standard contract clauses or companies affiliated with the Privacy Shield.
Changes to the Privacy Policy
If we need to change the content of this policy, we will inform you about the update on our website and directly via email, to our members.
Your rights
You are entitled to request information about the personal data we process about you, and to get incorrect information corrected. Please note that we may request further information about you to ensure the safe and efficient handling of your request and to ensure that the information is provided to the correct person.
You may request that we remove the personal information we have about you, for example, if the information is no longer necessary to meet the purpose for which they were collected or if you no longer wish to receive information from us. Please note that when necessary, we may need to reject your request, for example, if your personal information is required for tax or accounting purposes.
You are also entitled to request a limitation of treatment. In such cases, we may need to further investigate the situation before making a decision.
If your submitted personal information is no longer applicable, then you are entitled to contact us to request a correction of your personal information.
In the event that you have given your consent or if the processing is supported by the fact that we have a contractual relationship with you, you may, under certain circumstances, have the right to transfer your data to another person responsible for personal data. However, this requires that the transfer is technically feasible and can be performed automatically.
You also have the right to revoke any consent for processing personal data at any time.
If you want to know how we treat your personal information, please send us a written and signed request (see "Contact Information" below).
Security
We take all appropriate technical and organizational security measures necessary to protect personal data against unauthorized access, alteration or destruction. However, providing personal data through digital channels always poses a risk because it is not possible to completely protect technical systems from unauthorized access.
Contact information
If you have any comments on the usage of your data, you would like to use any of the above-mentioned rights or for any other reason to contact us, please use the following information:
Kairos Future
Organizational number: 556292-4398
Box 804, 101 36 Stockholm
info@kairosfuture.com
08 545 225 00
You are also entitled to contact the Data Protection Authority in your country, which is the competent authority for the processing of personal data, for the purpose of making complaints. Contact information for the Swedish Data Protection Authority can be found at www.datainspektionen.se.