GDPR

Privacy Policy

Strikersoft's Privacy Policy

This document is a translation of the original Privacy Policy as written in Swedish. In the event of any discrepancy between the text of this translation and the text of the original Swedish document, the original version will take precedence over the translation.

 

Why should I read this Policy?

This Policy describes how we at Strikersoft collect, use, and protect your personal data.

What information do you collect about me?

We collect information that helps us provide you with a service. This includes:

Customer data. Customer data is information that relates to you, e.g. information about which services/products you use and how you use them, your name, e-mail address, phone number, place of employment, and job title. Customer data can also include personal identification numbers, IP addresses, and your user IDs as well as any payment information or other information that you have provided during your interactions with us.

Traffic data. Traffic data is information concerning what happens when you visit our website. Traffic data are processed for the purpose of conveying an electronic message via an electronic communications network, e.g. when you send an e-mail. Data are collected on who has communicated with whom, the times at which the communication began and ended, the total duration of the communication, and which networks were used. Traffic data also includes information about where you are while you are connected to the network, e.g. which mast your communication is routed through.

How we collect data

We collect and process data that:

  • you yourself provide when you become our customer and when you communicate with us, e.g. when you download a product, contact us with a request for information, or subscribe to our newsletters;
  • is generated when you visit our website or contact us by another means.
    In isolated cases, we might retrieve information from other sources, e.g. publicly-available personal registers. Also, personal data contained in articles or other public sources such as LinkedIn, and information provided by our collaborators. This type of information is used to prepare and carry out sales activities;
  • is generated by the cookies on our website, which collect information about and from your web browser.

In what ways do we use data, for which purposes, and on which lawful bases?

  • Performance of a contract
    We process data to identify you as a customer or user, to manage and deliver orders in accordance with your contract, and to provide and maintain communication. We also process data in order to receive payment for the services you use, have signed a contract for, or have purchased, to manage your invoices and payments, and for the purposes of obtaining credit reports.
    Lawful basis: Performance of a contract
  • Improvements to service
    We process data in order to develop and manage our operations, services, and processes. To this end, we might also compile statistics to satisfy our analytical needs concerning our products. We also process data that we collect separately from you from time to time, e.g. through your decision to answer a questionnaire that we send to you.
    Lawful bases: Legitimate interest (customer data) and consent (traffic data)
  • Direct marketing
    We process different types of data in order to market our products and services to you directly. This involves marketing via letter, phone, text message, our website, and e-mail, for example. In this case, customer data might include such details as your name, address, e-mail address, phone number, and demographic information about you (e.g., your gender, age, and the size of the town/city you live in), what service/application you use, and certain user data. To this same end, we might also compile statistics to satisfy our analytical needs.
    Lawful bases: Legitimate interest (customer data) and consent (traffic data)
  • Compliance with the law
    We process data for the purpose of fulfilling our obligations as prescribed by law.
    Lawful basis: Compliance with a legal obligation

How long we save data

It is in everyone’s best interests that we do not save data any longer than we need to. Different types of data are saved for different amounts of time depending on what the information will be used for and on our legal obligations.

  • Customer data are saved by Strikersoft for as long as you remain our customer, and thereafter, for at least 13 months, and at most 60 months, after our contractual relationship ends, if no activity on your part has been registered in our internal systems. Exceptions apply to data that we are required by law to save, e.g. as required by Sweden’s Accounting Act.
  • Traffic data are saved for invoicing purposes. With regard to unpaid invoices, the information is saved until the debt is settled. Once the invoice has been paid, the data are saved as required by law, e.g. Sweden’s Accounting Act.

With whom do we share data?

In certain cases, we might share your data in order to run our business. Others who might be given access to these data are:

  • Subcontractors and other companies within Strikersoft AB and its holding company that process data on our behalf
    We engage contractors/suppliers in various areas and, in certain cases, also companies within our own group of companies. We do so in order to be able to provide our services. This means that they also require certain information about you. However, these parties may not use data concerning you for any other purpose than providing the service, or as otherwise stated in the terms specified by us.
  • Third countries
    Part of the operations of certain contractors/suppliers engaged by us may be located in countries other than Sweden, or outside of the EU/EEA (i.e., “third countries”). In certain cases, it might happen that we need to transfer your data to a contractor/supplier located in a third country. In such instances, we establish appropriate safeguards and ensure that transferred data are handled in accordance with current law.

    The European Commission has decided that certain third countries provide an adequate level of privacy protection. You can view the Commission’s list of approved third countries here. In cases where countries do not yet meet the requirements, in accordance with the EU’s general principles for international data transfers and appropriate safeguards, we establish an agreement with the contractor/supplier that obligates them to follow contractual clauses approved by the European Commission concerning the protection of personal privacy. (These are described in the original document found here and in the clarifications Recital 101 and 108, as described here.) The European Commission’s standard contractual clauses can be found here.

    More information about the transfer of data to third countries can be found on the Swedish Data Protection Authority’s website. Click here to visit the site.

What are my rights?

  • The right of access: You may request a copy of the personal data we keep about you.
  • The right to rectification: We want to ensure that your information is current and correct. If you consider it to be incorrect, you may request that your data be corrected or removed.
  • The right to erasure: You may request that we erase your personal data. We are not permitted to erase data that we are required by law to keep.
  • Data portability: You may request that we transfer your personal data from our IT environment to someone else – either to another company or to you. This does not apply to data that we are required by law to keep.
  • The right to withdraw consent: You may withdraw your consent to share your data or to receive marketing materials/mailings from us at any time. You may do so either by contacting us via e-mail or unsubscribing from the communication.
  • Complaints: You may lodge a complaint with the Swedish Data Protection Authority if you believe that we are processing your personal data in violation of the General Data Protection Regulation.

How can I exercise my rights?

If you wish to exercise any of your rights, you may contact us in writing via letter or e-mail at the addresses listed at the end of this Policy. If you wish to lodge a complaint with the Swedish Data Protection Authority, please contact the Authority directly.

Updates to this Policy

It is possible that we will update this Policy in the future. Updated versions of the Policy will be published on our website. This Policy was last updated on 22 May 2018.

How to contact us

Should you have any questions regarding this Policy, how we use your data, or your rights, you may contact us at the following addresses:

Strikersoft’s Data Protection Officer
Strikersoft
Isafjordsgatan 39B
SE-164 40 Kista
SWEDEN

E-mail: These e-mail accounts are monitored by our Data Protection Officer.
dataskydd@strikersoft.com
DPO@strikersoft.com och
gdpr@strikersoft.com