Privacy Notice

Redovisningskonsulterna på Östermalm AB, BDO Sweden AB & Fortnox AB (Sweden)

Bookkeeping is what is processed by redovisningskonsulterna på Östermalm AB, auditing by BDO Sweden AB, and the cloud service Fortnox is the tool used.

customers, suppliers, sub-contractors, employees, investors

• contact details, financial details

One.com (EU)

One.com is used as our web-hosting platform and email. Personal data collected and processed on this e-commerce website: contact details, buying history, financial data and cookies.

website visitors

• cookie data
• contact details
• buying history
• download history
• If you are a volunteer or partner with Privasee, your privasee email address will be created in this service

customers, suppliers, sub-contractors, investors, prospects, partners, employees

• email address
• correspondence

Zoho.com

The GDPR compliance portal is developed on Zoho Creator (Application as a Service) based in Zoho U.S. data centres. Zoho have amended the Data Processing Addendum (based on Model Contractual Clauses) to be compliant with the data processing requirements of GDPR.

Minimal personal data is stored in this application, with the option to anonymise once the purpose has been fulfilled. 

customers, partners, employees

• Email address of admin user used as logon credentials.
• Employee names which are active in GDPR compliance tasks.
• Name, email, telephone, notes, relating to data subject exercising their rights under GDPR to your organisation. 
  
• Name of credit card holder and card number used for payment and details of what was purchased.

Swedish portal - to be migrated to new portal by end of August. All personal data on the right has been removed as a functionality in the new version.

all of the above +

• Employee privacy awareness training status for each employee replaced with status training per se, see TalentLMS for status.
• All upload file functions replaced with hyperlink to organisation Sharepoint or equivalent.
  

Zoho.eu (data stored in EU data centres)

Operational purposes, e.g. Word, Excel, etc., are hosted Zoho WorkDrive.

customers, suppliers, sub-contractors, pro-bono contacts, investors

• personal data which can be contained within communications documents, spreadsheets and slides

Helpdesk services are based on Zoho Desk.

registered users and employees

• Name, email address, language, locale, optional personal data added to profile by user, e.g. bio.
• Earned gamification points
• Contributions to the Community
• Questions/dialog between user and helpdesk personnel

Chat services and website analytics are using Zoho SalesIQ (started 5 Aug 2020),

Note: Statcounter used previously in decommissioning phase. (All data deleted from 4 weeks following 6 Aug 2020)

website / helpdesk visitors and Chat sessions

• IP address, 2 of 4 parts masked.

• browser version
• operating system version
• date/time of visits/history
• direct/indirect/ subsequent actions
• type of visit (i.e. new, returning)
• length of visit
• pages visited
• country, city
• message content in Chat sessions,
  

Talent LMS (EU)

This is a cloud service which we use for the GDPR-privacy awareness training, that we call our DOVE.

customers, partners, employees

• email address
• full name
• course completion success/failure
• learning experience and outcome
• gamification badges on success

PayPal (EEA)

Payment options to Privasee services.

customers, partners, employees

• • payment method information (such as credit or debit card number, or bank account information),
  • purchase amount, date of purchase

Send in Blue (EU)

Marketing, mail campaigns.

customers, prospects

• • contact data
  • clicks, date/time of response
  • direct/indirect actions