Privacy Policy
Last updated: 1 July 2020.
You have reached the Ingka Group authentication system that gives you access to systems, data, and other resources that require authentication for access.
Purpose and legal basis
The personal data that is collected on the sign-in page is used for the purpose of certifying your right of access to Ingka Group systems and applications. The personal data is collected on the legal basis of legitimate interests (Article 6(1)(f) of the General Data Protection Regulation) with the aim to ensure the security of Ingka Group network.
We collect only the minimum amount of personal data that is necessary for us to enable your access to the Ingka Group systems and applications. The following personal data categories collected for the purposes described above:
- Your Network ID or UPN
- Your login time and date
- Your IP address
- Browser User Agent
The listed personal data categories are stored for 366 days.
Please note that systems and applications you are seeking access to may collect additional personal data for other purposes than described in this Privacy Policy. Please consult the respective privacy policies of such systems and applications for more information about the data processing.
Data sharing
The personal data collected is not shared with third parties and is used only within the Ingka Group on a need-to-know basis.
Security
The Ingka Group has implemented a number of security measures in order to make the connection as secure as possible. It is however never completely secure to use the Internet, so please remember to always make sure that the device you use is protected against malicious code and viruses.
Please be kindly reminded that pursuant to Ingka Group Code of Conduct and/or conditions of the applicable agreements (e.g., agreements pertaining to the network access if applicable to you), you have an obligation to ensure proper use of Ingka Group assets and as well as take steps to safeguard information you have access to when using Ingka Group systems, applications, data and other resources.
Cookies
Cookies enable us to identify your device once you have logged in. We use only cookies that are strictly necessary to enable the functionality of the authentication system and the applications you are seeking access to. Separate cookie settings apply per different systems and applications.
Your rights
You have several rights in relation to our processing of your personal data. Please note that some of the rights may not be applicable to your situation or just partly or under certain conditions, specified in the laws.
- You have the right to obtain confirmation from us as to whether or not personal data concerning you are being processed, and, where that is the case information on what personal data we process and why (Right to access)
- If you believe we store or process inaccurate personal data about you, such as an outdated address, you have the right to have it corrected (Right to rectification).
- You have the right to request us to permanently erase your personal data from our records (Right to erasure / right to be forgotten)
- You have the right to request that we restrict our processing activities in certain situations (Right to restrict the processing activities)
- You have the right to object to the processing of your personal data when we process your personal data (Right to object)
- Furthermore, you have the right to request that your personal data is transferred to both yourself and another data controller in a structured, commonly used and machine-readable format (Right to portability)
Contact
IKEA IT AB is the data controller of the personal data that is collected by the authentication system. If you wish to exercise your rights you are very welcome to contact us at
isdp.spoc.se@ikea.com.
Complaint to the DPO or a supervisory authority
If you have any complaints about personal data processing, you are welcome to contact the IKEA IT AB Data Protection Officer (DPO) at
isdp.spoc.se@ikea.com.
If you cannot solve the issue with us, you have the right to lodge a complaint with the
respective supervisory authority.
Effective Date
The effective date of the Privacy Policy is January 1, 2016. The Privacy Policy may be changed from time to time to reflect the changes in data processing. The date of the last update to the Privacy Policy can be found on top of this page.