Privacy Policy
- Hem
- Privacy Policy
Privacy Policy
Privacy Policy
This privacy policy applies when PartnerSec AB (PartnerSec) provides products and services to corporate customers (the customer) and for the data that PartnerSec is the data controller for. The policy describes our handling of data and the rights that the data subject, i.e., an employee or contractor of the customer (user), can exercise for data concerning the user.
Data covered by the privacy policy is part of the information we process to provide products and services to customers. The privacy policy also applies when visiting our websites aimed at customers in Sweden but not for any other company’s website or services.
PartnerSec’s processing of personal data on behalf of the customer is not covered by this privacy policy.
Data and how we manage it
What type of data we collect
User data
User data is information about a user, such as phone number, email, user ID, password, and other information that we process to provide products and services to the customer.
How we collect data
Depending on the product or service we provide, we collect and
process data such as:
- information provided by the customer when entering into an agreement with PartnerSec and communicating with us – for example, when contacting us for information or subscribing to newsletters.
- data generated when the user uses certain services – for example, cloud services or sends SMS and email.
- data generated by our websites using cookies that collect information on and from users’ browsers.
What we use data for
To process data, there must be legal support, a so-called legal basis – for example, the Electronic Communications Act and the General Data Protection Regulation. This means that data processing may be carried out if it is necessary (1) to fulfill the agreement or (2) to fulfill a legal obligation for PartnerSec. Data processing may also be carried out (3) based on a legitimate interest or (4) after consent has been given for that specific processing.
Provision of Services
We process data to manage and fulfill orders according to agreements and to provide services. We also process data for billing services, managing invoices and payments, resolving errors and handling other incidents, as well as managing complaints and claims.
Legal basis: Fulfillment of contract.
Other communication about services
We also process data in connection with other communication with the customer, such as when we send information about and are in contact with the customer regarding our services. When the user calls our customer service, the call may be recorded. When the user chats with our customer service, the written texts may be analyzed. We do this to train our employees and improve our work methods.
Legal basis: legitimate interest.
Development of Services
We process data to develop and manage our business, our services, and our processes. For this purpose, we may also compile statistics for analysis needs.
Legal basis: customer consent (data) and legitimate interest (user data).
Marketing
We process various types of data to market our products and services. For this purpose, we may also compile statistics for analysis needs. Marketing may be conducted via methods such as mail, telephone, SMS, and email.
Legal basis: customer consent (traffic data) and legitimate interest (user data).
Information security and preventing misuse of services
We process data to ensure the security of all our services, to detect or prevent various types of illegal use or use that otherwise violates the terms of the service. We also process this data to prevent abuse of services and to detect and prevent fraud, virus attacks, etc.
Legal basis: performance of contract (user data) and legal obligation (traffic data).
Compliance of Laws
We process data in order to fulfill our legal obligations, such as the Accounting Act.
Legal basis: legal obligation.
Hur länge vi sparar data
We never store data longer than necessary. Some data is deleted immediately, while others are kept for varying lengths of time depending on the purpose of the data and our legal obligations.
- User data is stored for as long as the customer is a customer with us and thereafter
for a maximum of 24 months after the contractual relationship has ended.
Exceptions apply to data that must be retained according to law, such as
the Accounting Act. - Traffic data (quantity of SMS) is stored for billing purposes. Regarding unpaid
invoices, the data is kept until the claim is settled. Once the invoice is paid,
the data is deleted after 6 months, except for the information retained as required
by law, such as the Accounting Act. - We store incoming traffic information to our cloud services, along with associated IP addresses,
to facilitate troubleshooting in case of issues.
This data is retained for a maximum of 180 days. We do not store information about
specific pages visited or their content. - To limit damage from and protect against internet fraud, we save
IP addresses so that we can trace, block, and remove addresses and
messages. This allows us to prevent the spread of viruses, spam, and
trojans. - The recorded customer service calls are stored for 3-28 days.
- Chat conversations with customer service and support are saved for 60 days.
To whom we disclose your data
Subcontractors processing data on our behalf. In various areas, we engage subcontractors to deliver our services. This means that they also need certain information about our customers and their users. However, these parties are not allowed to use such data for any other purpose than providing the agreed-upon products and services.
Certain subcontractors may operate their business in countries outside of Sweden or in so-called “third countries,” i.e., outside the EU/EEA. If PartnerSec transfers data to a subcontractor in such a third country to provide products and services, we take appropriate protective measures and ensure that the transferred data is handled in accordance with applicable law. PartnerSec enters into agreements with such subcontractors to ensure compliance with the clauses approved by the EU Commission regarding the protection of personal privacy. There are also countries that the EU Commission has decided meet the level of privacy protection required.
You can find the EU Commission’s standard contractual clauses here.
You can find the Data Inspectorate’s page on transferring data to third countries here.
Governments
PartnerSec is obliged to, upon request according to law and regulatory decisions, disclose the data as specified in the decision – for example, to the police.
Other
How do we protect data
We are constantly working to protect the privacy of our customers. Our security work includes protection of individuals, information, IT infrastructure, internal and public networks, as well as office buildings and technical facilities. Special attention is given to information security to prevent, detect, and prevent the spread or loss of data to outsiders. Access to data is only provided to those who need it for their tasks. Data processing is logged and systematically controlled. Data encryption is performed using widely recognized and secure encryption methods. We continuously work on combating unauthorized influence on our services.
User’s(cloud customer) rights
A user (cloud customer) can exercise individual rights regarding the data we process as the data controller. It is important that it is the data subject (the individual user) whose data we process that exercises these individual rights. Therefore, we may request that the customer assists in identifying the individual user and specifying which right the user wishes to exercise, as well as providing additional information necessary for us to handle the request and fulfill the user’s rights.
Cookies
On our websites, we use cookies. These are small text files that are stored on the device, such as a mobile phone or computer, used when visiting a website. Cookies are used for certain functions that improve our websites for the user or provide us with statistics about site usage. Most web browsers allow you to block cookies.
