Privacy Policy

This privacy policy explains how we collect and use your personal data and cookies. It also describes your rights towards us and how you can exercise them. We will only use the information you provide in accordance with this privacy policy and the General Data Protection Regulation (EU 2016/679).

1 PERSONAL DATA THAT YOU GIVE US

You may choose to give us your personal data. This includes information submitted when you visit our website, use our Services or if you contact us (collectively referred to as “Services” in this privacy policy). We will process the following categories of personal data that you give us:
1.1 When you create a trial account: name and company email address.
1.2 When you create a user account: name, company email address and phone number of the contact person as well as your company name, office address and VAT-number.
1.3 When you subscribe to our newsletter: name and email address.
1.4 When you send us a job application: Name, email address, records to evaluate your suitability for the position, your CV and cover letter, as well as other personal data as may be relevant for the specific application.
1.5 If you contact us: We may ask for additional personal data other than as informed above, in order to assist you.

2. PERSONAL DATA THAT WE COLLECT

We will process the following categories of personal data that we collect:
2.1 To administer payments and invoice you: name, email address and phone number of the contact person as well as your company name, office address and VAT-number.
2.2 To manage the customer or supplier relationship: name, email address and company name.
2.3 By applying cookies when you visit our website:

  1. We collect information about the device you use to access our Services, including the device identifier, geolocation and IP-address.
  2. We collect information on how you use our website, such as information regarding how often you visit our website and which pages you visit on the website.
  3. We use social media widgets to enable visitors to engage with content from our website on the social platforms Facebook, YouTube, Twitter, LinkedIn, Instagram and Bitbucket. To understand how and what information is collected and what cookies are set by these third parties when you click on the links of the respective social platform, please refer to the privacy policy of the appropriate social platform.
  4. We use Matomo in order to better understand our users’ needs and to optimize this service and experience. Matomo is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Matomo uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device's IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Matomo stores this information in a pseudonymized user profile. Neither Matomo nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Matomo’s privacy policy by clicking on this link.

2.4 If you do not want to accept cookies, you may adjust your web browser settings either to not accept cookies or to indicate when a cookie is used. Please note that by disabling cookies, some features on our website might not work as intended.

3 HOW WE USE AND KEEP YOUR PERSONAL DATA

3.1 We use your personal data to be able to provide our Services and fulfill our commitments towards you. We process personal data based on the following legal grounds.

Purpose of the Processing Personal Data Categories Legal Basis for the Processing Storage Period
Manage your user account. Name, email address and phone number of the contact person as well as your office address. Fulfill our contractual obligations towards you. As long as you are a customer, and one year after.
Provide support services. Name, email address and phone number of the contact person. Fulfill our contractual obligations towards you. As long as necessary to provide the support, and one year after.
Send you our newsletter and provide updates and other information regarding our Services. Name and email address. Fulfill our contractual obligations towards you and to pursue legitimate interest. As long as we send out such information, unless you unsubscribe.
If you contact us. Name, email address and phone number of the contact person. Fulfill our contractual obligations towards you and to pursue legitimate interest. As long as is necessary to assist you.
Improve our website and understand how our website is used. Cookies described in Section 2.3 above. Pursue legitimate interest. 6 months after your visit.
Administer customer relationship, including order and payment processing. Name, email address and phone number of the contact person. Fulfill our contractual obligations towards you, and a legal obligation. 7 years after creation due to book keeping legislation.
Manage your job application or application to a specific job position. Name, email address and phone number as well as other personal data provided by you. Pursue legitimate interest, and consent if stored longer. Until the position has been filled. Subject to your explicit consent, we may ask to store it for a longer period.

3.2 Your personal data will be deleted by us when the processing is no longer necessary for the purposes stated above, except if required by applicable laws. In such case, we keep the data only as long as necessary or mandated by law for such purpose, such as for book keeping purposes.

4 SHARING OF PERSONAL DATA

4.1 We share your personal data with the following subcontractors to provide our Services and perform our contractual obligations towards you:

Subcontractor name (service name) Region for processing Transfer mechanism Services provided
Amazon Web Services Inc. (AWS) EU/EEA and the U.S. EU-U.S. Privacy Shield Framework Hosting and storage services

4.2 These third parties are limited by law or contract from using the personal data for purposes beyond those for which the personal data is shared. We take all reasonable legal, technical, and organizational measures to ensure that your personal data is treated securely and with an adequate level of protection when transferred to or shared with such selected third parties.
4.3 Some of the subcontractors we share your personal data with are located outside the EU/EEA (in a third country). Depending on which part of our Services you use, your personal data may be transferred to the United States. When doing so, we are committed to protect your data and comply with applicable data protection laws and will therefore put in place adequate safeguards to protect your personal data, such as the EU Commission’s Standard Contractual Clauses, or transfer the personal data to subcontractors certified in accordance with the EU-U.S. Privacy Shield Framework.
4.4 If we are required by law or you have agreed to it, we will disclose necessary personal data to authorities such as the police, tax agencies or other authorities. An example of legally required sharing is for the purposes of anti-money laundering and counter-terrorist financing.
4.5 In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets. If we or substantially all of our assets are acquired by a third party, personal data about our customers may be disclosed and transferred.

5 YOUR RIGHTS

5.1 The right to a register excerpt. You have the right to request a transcript of your personal data that we store and process. Your request must be submitted in writing to us using the contact information below, including your signature.
5.2 The right to rectification. We want you to correct inaccurate or incomplete information about you, and ask you to keep your account updated at all times or contact us in this case.
5.3 Data portability. When it comes to personal data that you have provided to us, you have the right to request a transfer to another provider. Contact us for help with this.
5.4 The right to be forgotten. You have the right to object to our processing of your personal data. The consequence of this may be that we are no longer able to carry out the Services. Contact us and we'll see to what extent this is possible.
5.5 Marketing communications. You may at any time decline marketing communications from us. Let us know in that case.
5.6 Complaints. If you are displeased with our processing of personal data, you should contact us and let us know. You can also turn to the Swedish Data Protection Authority (Sw. Datainspektionen), Box 8114, 104 20 Stockholm, Sweden, phone number +46 8 657 61 00, email address datainspektionen@datainspektionen.se, or the equivalent authority in the EU-member state where you live, to file a complaint.

6 SECURITY

We are using adequate technical and organizational security measures to ensure that your personal data is not misused, lost or unlawfully accessed. We only give access to your personal data to those employees who require it to provide our services.

7 UPDATES TO THIS POLICY

7.1 We may occasionally update this privacy policy. If we make significant changes, we will notify you of the changes through our Services or through other means, such as email. To the extent permitted under applicable law, by using our Services after such notice, you accept the updates.
7.2 We encourage you to periodically review this privacy policy for the latest information on our privacy practices.

8 CONTACT INFORMATION

If you have any questions regarding our processing of your personal data, or any question, complaint or claim, please contact us at:
ComfortID
Skidvägen 15
129 49 Stockholm, Sweden

E-mail: info@comfortid.org
www.ComfortID.org