Guarantor
Processing of personal data - Guarantor
Castellum cares about your privacy and protecting the personal data we process about you. All processing of personal data takes place in accordance with the provisions of the General Data Protection Regulation and other applicable data protection legislation. We present below a description of how we compile, process and share your personal data in connection with the guarantee commitment you have signed regarding a residential lease.
This is how we process your personal data
This description applies irrespective of whichever company within the Castellum group owns the property which is used by the tenant for whom you have provided a guarantee. Note, however, that it is the company which belongs to the region in which the property is located that is the controller. In this document “we” as well as “Castellum” shall mean the relevant regional company. Consult the end of this document to see which companies may be controllers.
Which personal data will be processed?
Castellum compiles and processes the following data: names, addresses, email addresses, personal ID numbers, lease numbers, credit data, income data, credits, loans, liabilities as well as additional information which may be disclosed by you in connection with communication with us, (your “personal data”).
Why do we process your personal data?
Castellum processes your personal data in order to administer the guarantee commitment (e.g. by contacting you if it becomes relevant to demand that you take the measures you have undertaken under the guarantee commitment) and to assess your payment ability.
From where do we obtain personal data?
The personal data is compiled directly from you and from credit information agencies.
Who has access to your personal data?
We have taken appropriate technical and organisational security measures to protect your personal data against, for example, loss and unauthorised access. Only persons at Castellum have access to your personal data and such will be processed only for the purposes stated above.
We may, however, share your personal data with other companies within the Castellum group with the aim of transferring knowledge of what has arisen in communication with you, to monitor strategic issues, cost statistics, etc. We may also share your personal data with our providers and other cooperation partners who perform services on our behalf. The personal data you provide to us may primarily be shared with our IT providers, for the supporting and the maintenance of our IT systems, as well as with our auditors and our bank.
How long is your personal data stored?
Your personal data will be stored for three months after the termination of the lease with the tenant for whom you have provided the guarantee, unless there are special statutory requirements whereby the data must be stored for a longer period.
What right does Castellum have to process your personal data?
The processing of your personal data for administering the guarantee commitment and assessing your payment ability is based on a balancing of interests. Castellum considers that it is entitled to process your personal data since the processing is necessary for purposes which involve Castellum’s legitimate interests.
This is our reasoning
Castellum’s legitimate interest as regards administration of the guarantee commitment is to be able to contact you on various issues within the scope of the guarantee commitment that you have undertaken. Castellum has weighed its legitimate interest against any encroachment on privacy that Castellum’s processing of your personal data might entail. Castellum makes the assessment that the risk of encroachment on privacy is restricted since the personal data which is processed cannot be deemed to be particularly privacy-sensitive personal data. The personal data which is processed is also restricted to what is needed to perform the purposes of the processing of the personal data. Accordingly, Castellum makes the assessment that Castellum’s interest in processing your personal data is of greater weight and, following such balancing of interests, that it is entitled to process the personal data
Castellum’s legitimate interest as regards assessment of your payment ability is to safeguard our interests before we commence a business relationship with a tenant. Castellum has weighed its legitimate interests against any encroachment on privacy that Castellum’s processing of your personal data might entail. Castellum makes the assessment that there is a risk of encroachment on privacy, but that the use of the information is so restricted and that Castellum has a strong interest in processing such data in order to protect its business. The personal data which is processed is also restricted to what is needed to perform the purposes for which the processing of the personal data takes place. Furthermore, Castellum makes the assessment that Castellum’s interest in being able to conduct this processing carries considerable weight. Accordingly, Castellum makes the assessment that Castellum’s interest in processing your personal data is of greater weight and, following such balancing of interests, that it is entitled to process the personal data
What happens if you do not provide your personal data?
It is necessary that you provide the personal data stated above to enable Castellum to contact you and take measures as stated above. If the data stated above which is obtained from you is not provided, the aforementioned measures cannot be taken by Castellum.
Your rights
You are entitled to request access to the personal data that Castellum processes about you. You are entitled to have incorrect personal data about you rectified and may request that personal data be erased. You are also entitled to object to certain processing of your personal data and to request that the processing of personal data be restricted.
If you request that Castellum restricts or erases your personal data, this may have the consequence that Castellum is unable to perform its duties. You are also entitled to request to receive your personal data in a machine-readable format with the aim of transmitting the data to another controller (referred to as data portability).
If you are dissatisfied with the way in which Castellum processes your personal data you may complain to the supervisory authority regarding Castellum’s processing of personal data.
If you have any questions concerning the way in which your personal data is processed, you are welcome to contact Castellum’s data protection team on gdpr@castellum.se.
Controller and contact details to Castellum
The controller in respect of the processing of your personal data is the company stated in the list below which belongs to the region in which the property in which the tenant for whom you have provided a guarantee is located.
- Castellum Mitt AB; reg. no. 556121-9089, Box 1824, 701 18 Örebro
- Castellum Stockholm AB; reg. no. 556002-8952, Box 1084, 101 39 Stockholm
- Castellum Väst AB; reg. no. 556122-3768, Box 8725, 402 75 Gothenburg
- Castellum Öresund AB; reg. no. 556476-7688, Box 3158, 200 22 Malmö
- Castellum Mälardalen AB, org.nr. 559292-6678, med adress Box 1187, 721 29 Västerås