Last updated 18 January 2021
This Privacy Notice applies to the collection and use of your personal data. It also explains your rights in relation to us and how you can exercise your rights.
The type of information we collect will depend on the circumstances and the service you are using, e.g. we collect analytics data when you visit our website and other data when you contact us directly.
Privasee will maintain and process all your personal data (i.e. all kinds of information that links directly or indirectly to you as an individual in compliance with the EU General Data Protection Regulation (GDPR). Privasee will not pass on your personal data to third parties, other than as explicitly described in this policy.
Our website contains links to other websites. Once redirected to another website, this notice is no longer applies.
When you use our services and browse our website or contact us, we automatically record information about your usage of those services, your browsing, your interaction with our emails as well as information about the device you are using and your internet connection. We will use personal data that we collect, to provide, maintain, protect, improve, and promote our services in accordance with your preferences and as otherwise stated in this policy.
If you use Privasee Services you will likely be processing personal data of other persons. In this relationship Privasee is acting as data processor. It is your responsibility to make sure that the processing complies with GDPR. Please refer to the Data Processing Agreement (DPA) between your organisation and Privasee for details regarding that relationship.
Examples on collection/use of your personal data by our Services can include, but are not limited to:
We may use tracking technologies; such as tags and cookies. These technologies enable us to recognise your device and to track your interaction with our services, website, emails and adverts. The first time you visit this website you will be given the choice and information on a cookies function. On subsequent visits you can deselect your choices using the cookie consent banner on the right of the page where you can also find detailed information on which cookies are used and why.
Use of Privasee Services
When a user normally an employee of a Privasee customer uses a our Services, like GDPR TotalTrust Portal, Helpdesk, GDPR training, the employer and user will share personal data with us. In these kind of transactions Privasee is a data processor, and the user/employee is the data controller. This relationship is detailed in the Data Protection Agreement between Privasee and its Customer.
Whenever you visit any of our social media channels, we collect information that you have chosen to submit to us, e.g. names, addresses, email addresses, phone numbers and other personal data. We may also process information regarding your usage , such as transaction history and technical data relating to the device you are using , e.g. IP addresses, unique device ID and type of web browser.
If you have clicked on one of our direct marketing communications, we may get access to contact information which forms part of your online profile (e.g. your name, email address, phone number and event business information). We use this information to supply you with the requested Service, and to supply you with marketing and offers about our Services. Opt out is provided in the communication.
How long do we process your data?
We will process your personal data for the limited time needed in order to fulfil a specific purpose. in some cases we may need retain for a longer period if there is a legal reason. In particular, we process your data for:
We only share your personal data with third parties when necessary and according to the principles stated in this Privacy Notice. As a general rule, we do not disclose personal data to third parties, save from circumstances in which we share data with our partners and suppliers, as listed below:
Suppliers and subcontractors
Privasee may share personal data with the suppliers and subcontractors we use in order to provide our Services to you. Suppliers and subcontractors are companies who are only entitled to process the personal data they receive from Privasee. Examples of such suppliers and subcontractors are cloud services providing applications, and development software- and data storage, data analytics services.
We may share personal data with suppliers to Privasee both inside and outside the European Economic Area (EEA). When we share your personal data, we take all reasonable contractual, technical, and organisational measures to ensure that your personal data is treated with an adequate level of protection and in accordance with the GDPR.
A list of service suppliers which are located outside of the EEA ar listed below.
Zoho.com (US) and transfers for technical support in IndiaThe GDPR compliance portal is developed on Zoho Creator Developer (Application as a Service) based in Zoho U.S. data centres. Encryption enabled at field-level when technically viable. | customers, partners, employees
|
Zoho.eu (data stored in EU data centres) transfers for technical support in IndiaOperational purposes, e.g. Word, Excel, etc., are hosted Zoho WorkDrive. | customers, suppliers, sub-contractors, pro-bono contacts, investors
|
Helpdesk services are based on Zoho Desk. | registered users and employees
|
Talent LMS (EU and US)This is a cloud service which we use for the GDPR-privacy awareness training, that we call our DOVE. | customers, partners, employees
|
Smartsupp.com (EU and US)All is processed in the EU except for Mailchimp which involves an international transfer. | website visitors
|
monday.com (EU/EEA and US) Project management tool | customers, partners, employees
|
User Centrics GmbH Cookie consent banner | website visitors
|
We implement security measures appropriate to the size and nature of our business, all with the aim of keeping your personal data safe and secure. We maintain appropriate organisational, technical and contractual safeguards to protect against loss, misuse or unauthorised access, disclosure, alteration or destruction of the personal data we hold about you. It is also critical that we ensure the availability and resilience across our IT operations. We require that our service providers do likewise.
If you would like to know what personal data we hold about you or would like us to delete your personal data from our records then please contact us.
If you are a customer, please contact Privasee's customer service or your key account manager.
We will make reasonable efforts to supply, correct or delete personal data about you on our files. Please note that we are required to retain logs/evidence on data subject requests by law and/or for own legitimate business purposes.
If you have a complaint you can contact Privasee's data protection responsible directly or send a complaint to the Swedish DPA can be made using this link.
Personal data is our business, let us help you make it yours!