- GENERAL INFORMATION
- DATA PROCESSED
- We will process the following personal data when you use the Service:
- telephone number;
- location data;
- information about your use of the Service;
- credit card information;
- details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries;
- content that you post, upload and/or contribute to the Service; and
- technical data, which may include the URL you are accessing the Service from, your IP address, unique device ID, network and computer performance, browser type, language and identifying information and operating system.
- PURPOSES OF PROCESSING
- We will process the personal data set out above for the following purposes:
- to administer your account, to enable and provide the Service and integration with third party services, and to provide, personalize and improve your experience with the Service, and to otherwise provide the Service according to the terms of service;
- to ensure the technical functioning of the Service, and to prevent the use of the Service in breach of the terms of service;
- to enforce the terms of service, including to protect our rights, property, and safety and also the rights, property and safety of third parties if necessary;
- to improve and develop the Service or new services and products, and to analyse and create statistics regarding your use of the Service; and
- to fulfil requirements by law.
- LEGAL GROUND FOR THE PROCESSING
- The legal ground for the processing for the purposes under clause 1(a)-3.1(d) is fulfilment of contract. By accepting the “Terms of service for the Service”, you enter into an agreement with us (the “Agreement”). We process your personal data to be able to fulfil the Agreement with you.
- The legal ground for the processing for the purpose under clause 1(e) is legitimate interest. Our legitimate interest in the processing is a commercial interest to maintain and improve our Service and to develop new services.
- The legal ground for the processing for the purpose under clause 1(f) is to fulfil our legal requirements under law.
- DISCLOSURE OF PERSONAL DATA
- our employees and related bodies corporate;
- third party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you – for example: our customer relationship management software, email marketing software, and help desk software);
- professional advisers, dealers and agents;
- account administrators from your company may have access and control of your account if it is associated to the organisation’s account. please review your company’s internal policies if you have questions about this;
- payment systems operators (e.g. merchants receiving card payments);
- our existing or potential agents, business partners or partners;
- anyone to whom our assets or businesses (or any part of them) are transferred;
- specific third parties authorised by you to receive information held by us; and/or
- other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law – we will not provide your information to these agencies unless a court order requires us to do so, and will inform you should such a request be made unless we’re legally prevented from doing so.
Our processor AWS is located outside the EU/EEA and we are therefore applying the following safeguards for example:
- All network communication between us and your web browser is encrypted,
- Only specific staff members may access the data we store on your behalf, and the systems storing this data automatically log access,
- Sensitive information such as passwords are only stored in encrypted form,
- All user actions in the system are logged by user and IP enabling us to track down unauthorised access for as long as our logs are kept.
- You can acquire further information regarding the transfer by contacting us at email@example.com.
- RESPONDING TO LEGAL REQUESTS AND PREVENTING HARM
We may access, preserve and share your personal data in response to a legal request (like a search warrant, court order or a subpoena or the like), or when necessary, to detect, prevent and address fraud and other illegal activity, to protect ourselves, you and other users, including as part of investigations.
- COOKIES, PIXELS AND OTHER SYSTEM TECHNOLOGIES
We store your personal data under the period for which you use the Service.
The Service is not directed to persons under the age of sixteen. If you are a parent or guardian of a person under the age of sixteen and you become aware of that the child has provided personal data to us without your consent, please contact firstname.lastname@example.org to exercise your access, rectification, erasure, limiting of processing and objection rights.
- YOUR RIGHTS
- You have the right to request access and further information concerning the processing of your personal data, or request that we correct, rectify, complete, erase or restrict the processing of your personal data. You have the right to obtain a copy of the personal data that we process relating to you free of charge once every calendar year. For any additional copies requested by you, we may charge a reasonable fee based on administrative costs.
- Since the processing is based on the legal ground fulfilment of contract, you have the right to data portability. Data portability means that you can receive the personal data that you have provided to us, in a structured, commonly used, and machine-readable format, and have the right to transfer such data to another data controller.
- CONTACT INFORMATION
- To exercise your rights, or if you have any questions regarding our processing of your personal data, please contact us at the following address: email@example.com, or MAFI Group AB, Seljavägen 15, 792 95. In your letter/email please state your full name and note the letter/email with “GDPR”. Note that you should sign the request to receive information of the processing of your personal data yourself.
- If you have any complaints regarding our processing of your personal data, you may file a complaint to the competent data protection authority. You can find out more about the local data protection authorities under the following link http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
- Change of Control