Dstny AB (Dstny) and personal data processing
Dstny works systematically with integrity and information security to ensure compliance with the Data Protection Ordinance and ensure a high level of protection for the personal data we process. Dstny uses an external Data Protection Officer to obtain specialist expertise but also to ensure independent review. We continuously perform risk and impact analyzes, samples, audits and other efforts to measure and improve our privacy protection and increase information security. In addition, Dstny’s staff are continuously trained in integrity and information security.
Dstny makes the assessment that we act as a personal data assistant, and you as a customer act as a personal data manager. This is because it is you as a customer who decides that the personal data shall be processed and for what purpose. As you as a customer use Dstny’s services, we process personal data on your behalf, and then an assistant relationship arises. This relationship shall be agreed via a Personal Data Processing Agreement, which states which personal data Dstny processes, how these are to be processed and with what protection personal data is to be processed. Since Dstny offers standard services to several customers, Dstny uses our standard template for Data Processing Agreement, Dstny’s Personal Data Processing Agreement.
Our agreement is comprehensive and is covered by the requirements specified in the Data Protection Ordinance. In the Personal Data Processing Agreement, we state which personal data we handle, how we protect the personal data, that you have the right to perform audits, which subcontractors we use and more.