Privacy Policy

DATA CONTROLLER

Welcome to Checkproof.

The purpose of this privacy policy is to inform you about our processing of your personal data. When we refer to “Checkproof”, “we” or “us”, we are referring to Checkproof AB, reg.no. 556975-9615.

We will process your personal data when you use our services via our app or our web application, the “Services”. We will also process your personal data when you contact us by submitting a request for more information or to book a demo on our website or otherwise, when you visit our website and if you represent a supplier of ours.

The policy applies to processing of personal data as a data controller. As data controller, we are responsible for fulfilling the legal obligations of a data controller in relation to your rights as a data subject.

When using the Services, you will share personal data with us. We are mainly acting as a data processor when you are using the Services. You should therefore, as a user of the Services, contact your employer, who is also the data controller for the processing of personal data that is not stated herein when using the Services. We will, however, also process your personal data in your capacity as an individual, using the Services on behalf of your employer. In this regard, we are the controller of such personal data.

You may reach us at:

Post address: CheckProof AB
Sjöflygvägen 35C
183 62 Täby

Phone: Tel: 08-732 35 00

E-mail: info@checkproof.com

This policy begins by explaining the purposes for which your personal data is used. For each such purpose, we outline the categories of personal data, the legal basis for processing and for how long we will process the personal data. Then, we provide information on the sharing and transfer of personal data, your rights and how you can exercise them.

PROCESSING OF PERSONAL DATA

Marketing

Purpose
We use your personal data to market the Checkproof systems, its features and updates, and similar services. The marketing is directed to businesses, and you receive our marketing materials as a representative of a former, current or potential customer company using the Services.

Categories of personal data
- Name.
- Contact details, including e-mail address, telephone number and post address.
- Professional information, including job title, company/employer name and business segment.
- Geographical information, including the country and region where the employer is located.
- Technical data regarding device being used and its settings, i.e. operative system.

Legal basis
The processing is necessary for our legitimate interest in marketing the CheckProof systems, including the Services, to you as a professional, while you use the Services and for a limited time after uninstalling the Services. Additionally, it is necessary for our legitimate interest in marketing the CheckProof systems where we deem that you, as a professional, may be interested in our systems for your work.

Processing activities
We collect personal data for distribution of marketing material by e-mail. We also use targeted marketing on external platforms, such as LinkedIn.

Retention period
We will store and process your personal data for marketing purposes until you inform us that you no longer wish to receive marketing communications, or sooner, if we determine that the marketing is no longer relevant to you as a professional.

You have the right to demand that we stop using your personal data for marketing purposes at any time. Additionally, you can always unsubscribe from our e-mails by clicking the “unsubscribe” link included in each message. For more information about your rights and how to contact us, please see below.

Improving the Service, and research and development

Purpose
We collect and use your personal data for research and development purposes, with the aim to improve the functioning of the Services, including our app and our web applications.

Categories of personal data
Technical data regarding device being used and its settings, i.e. IP-number, browser, user ID and location (country and city).

Legal basis
The processing is necessary for our legitimate interest in minimizing any crashes or error messages, and to develop and improve our Services.

Processing activities
Analysis of any error messages or unexpected crashes of the Service, as well as user monitoring, and research and development for future improvements of the Services.

Retention period
The data is discarded continuously every month.

Communication with contact persons

Purpose
To communicate with you a designated contact person for our potential customers, for instance if your employer requests an offer from us.

Categories of personal data
- Name.
- Contact details, including e-mail address, telephone number and post address.
- Professional information, including job title, company name and business segment.
- Geographical information, including the country and region where the employer is located.

Legal basis
The processing is necessary for our legitimate interest to communicate with you as a designated contact person by your employer.

Processing activities
- Communication with you by e-mail or phone.
- Distribution of newsletter.
- Storage of your personal data in our CRM-systems.

Retention period
The data is stored and processed for this purpose until the reason for our contact has been resolved and for up to one month thereafter, or, if sooner, for up to twelve months after our last interaction.

Answering contact requests

Purpose
We use your personal data to communicate with you if you contact us via the app, web application, by telephone, e-mail, our websites or customer support, or if you request a demo on our website. We will process your personal data to administrate and answer your request. This may also include processing of personal data to identify you.

Legal basis
The processing is necessary for our legitimate interest to communicate with you as per your request.

Processing activities
- Administrate your contact request.
- Contact you.
- Store your personal data in our CRM systems.

Retention period
The data is stored and processed until the reason for our contact has been resolved and for up to one month thereafter. However, if the interaction for instance involves a claim, we will retain the data for the applicable statute of limitations (e.g. up to ten years in Sweden).

Analyzing how our websites and applications are used

Purpose
To analyze how our websites, applications, and the Services are used. This involves compiling statistical data and analyzing the use of our websites and applications to better understand customers’ and potential costumers’ needs, preferences, and behaviors.

Categories of personal data
Online identifiers. Please see the section about cookies and similar technologies below to learn more about our processing of personal data by using cookies and similar technologies.

Legal basis
The processing is necessary for our legitimate interest to identify how and how much our websites and applications are used so that we can view and analyze the statistics.

Processing activities
Analyzing how visitors interact with our websites and applications.

We use Google Analytics to collect information about how our website is used to develop analyses based on such information. The information may for instance show the most visited pages on our website, how visitors navigate on the website, most visited webpages and for how long certain content is viewed. Google Analytics is only used to analyze data for visitors on our website, not for users of the app or the web application.

Retention period
The data is stored and processed for up to 24 months from collecting the data. Please see our cookie declaration for a detailed description of our use of cookies and similar technologies and their retention periods.

Complying with legal obligations

Purpose
We will process your personal data where we are legally obliged to process the data under law or according to a contract. Such legal obligations will primarily include to keep certain data for book-keeping and accounting purposes. It also includes recording your privacy settings.

Categories of personal data
We process the following categories of personal data, if included in an invoice, order, order confirmation or any similar document:
- Name.
- Contact details.
- Professional information, including job title, company name and business segment.
- Your privacy settings.

Legal basis
Legal obligation: Where there are laws or rules that oblige us to process certain personal data.

Processing activities
- Storing invoices and other delivery information.
- Recording and applying privacy settings.

Retention period
We will process your personal data for up to ten years to comply with applicable accounting and book-keeping legislation and standards.

Internal educational and evaluation purposes

Purpose
We will process your personal data for educating our staff and evaluating their performances.

Categories of personal data
We will use a recording of our meeting with you. This may include the following categories of personal data.
- Name.
- Audio with your voice.
- Video of you.
- Professional information, including job title, company name and business segment.
- Any other personal data that you share with us during a recorded meeting.

Legal basis
Your consent.

Processing activities
- Recording and storing.
- Displaying the recording for selected parts of our staff during education and performance evaluation.

Retention period
We will erase the recording and any personal data it contains for up to 12 months after the recorded meeting.

Managing suppliers

Purpose
This section applies to you who, as a sole trader or as a representative of a company, has been, are or will become a supplier to CheckProof. The purpose is to:
- Negotiate, enter into and manage supply agreements with you, with your sole trading company or with a company that you represent.
- Apply such agreements.
- Establish, exercise or defend legal claims that arise out of or in connection with such agreements.
- Comply with mandatory law and regulations, such as book-keeping rules.

Categories of personal data
- Name.
- Contact details, including e-mail address, photo, telephone number and post address.
- Professional information, including job title, company name and business segment, as well as any user-ID and other information necessary to assess the supplier’s offerings in relation to its competitors.
- Performance information, including information about the supplier’s performance under the agreement.
- Invoices, orders, and delivery notes.

We will collect the personal data directly from you, your colleagues and your employer or group companies and partners, but also third-party resources such as recommendations, prospect lists and our group companies.

Legal basis
The processing is necessary for our legitimate interest to establish and maintain an efficient, competitive supply of goods and service, to enter into and apply supply agreements, to manage and follow up on our suppliers’ performances, to communicate with you and to ensure that our supply agreements are properly complied with.
Where we have a legal obligation to process data to comply with mandatory law, such as book-keeping rules and public procurement laws, the legal basis for processing will be the applicable legal obligation.

Processing activities
- Communications.
- Making payments and fulfilling other obligations under the supply agreement.
- Receiving goods and services and safeguarding other rights under the supply agreement.
- Maintaining a supplier database.
- Contract management.
- Tendering.
- Administering our business relationships.
- Storing invoices and other delivery information.

Retention period
We will store the personal data for as long as it is necessary for the purposes described above. As a benchmark, we store the personal data for as long as you or your employer is a supplier to us. We will also for as long as required by mandatory law, such as for book-keeping purposes.

Disputes and enforcement of agreements

Purpose
We may process your personal data to resolve disputes and to enforce our agreements.

Categories of personal data
The categories of personal data will depend on the circumstances.

Legal basis
Depending on the circumstances, the legal ground for processing personal data for this purpose may be that we have a legitimate interest to assert our rights under an agreement, a legal obligation or the fulfillment of an agreement.

Processing activities
The processing activities will depend on the circumstances.

Retention period
We will process personal data for this purpose until the dispute has been finally settled or the claim has been enforced, as the case may be. If a claim is unsettled, we will process the data until the claim is subject for statutory limitation (e.g. up to ten years from the last time the claim was made in Sweden).

HOW DO WE COLLECT PERSONAL DATA?

We collect data that you give to us. If you are a user of the Services or our applications, we collect your personal data from your employer. If you, directly or indirectly, work on behalf of one of our customers, we will collect your personal data when you use our applications, or when you use a vehicle or equipment connected to the web application. We also collect personal data about visitors and users when visiting our websites or using the Services by using cookies and similar technologies and also from third party providers of potential customer lists.

RECIPIENTS OF PERSONAL DATA AND TRANSFERS OUTSIDE OF THE EU/EEA

As a data controller, we may instruct a partner or supplier to perform processing activities specified above, for example IT-suppliers who administer necessary operations, providers of analyzing services as well as media and advertising agencies to distribute marketing material. Such processing will only be done for the purposes mentioned in this privacy policy. Some partners and suppliers may have part of their activities in non-EU/EEA countries. Transfers of personal data are then only made to countries that, according to the EU Commission, have an adequate level of protection or that the supplier has a legally binding and enforceable instrument that guarantees the safety of data, in addition to application of standard contractual clauses for international transfers adopted by the European Commission or the Data Protection Framework. Please contact us if you want to learn more about the relevant safeguards. You will find our contact details further down on this page.
We use the analytics tool Google Analytics. You will find more information about for which purposes we use Google Analytics under the headline To analyze how our website is used above. Google Analytics stores data on our behalf in several countries, including the USA. If you want to learn more about Google’s processing of personal data, please follow these links:
- Google’s data center locations: https://www.google.com/about/datacenters/locations/
- Google’s sub-processors: https://privacy.google.com/businesses/subprocessors/
- Terms for using Google as processor: https://privacy.google.com/businesses/processorterms/mccs/

YOUR RIGHTS

You have the right to:
- Request information about what personal data we are processing about you and request a copy of these records (right of access);
- Receive personal data concerning you transferred to another data controller (right to data portability);
- To get inaccurate or incomplete personal data corrected and in some cases request us to delete your personal information;
- To oppose the processing of certain personal data and request that the processing of personal data be restricted, and
- Revoke consent for the processing of personal data if consent is used as a legal basis for processing.
- If you have any questions, remarks or concerns regarding our processing of your personal data, you are always welcome to let us know via the contact details below.
- You are also entitled to lodge a complaint about our processing of your personal data with the Swedish Authority for Privacy Protection (Sw: Integritetsskyddsmyndigheten). For more information, please visit https://www.imy.se/privatperson/utfora-arenden/lamna-ett-klagomal/

COOKIES AND SIMILAR TECHNOLOGIES

Website
When visiting our website, we use cookies and other similar technologies. These cookies may process information about you as a visitor, your preferences, what webpages you visit and what you read on our website, as well as information about the device you use while visiting our website.
The purpose of our cookies and the information they gather is to
- Adapt the content on our webpage based on your previous visits and geographical location.
- Deliver and adapt our webpage and our Services to the device and the browser you are using when visiting the webpage.
- Develop and improve our Services and the experience of visiting our website.
- Measure and analyze traffic on the website and our different webpages.
- Direct advertisement to visitors and analyzing target groups for marketing purposes.
You can choose not to allow certain types of cookies by deactivating certain categories of cookies. Please be advised that deactivation of certain cookies may impair the functioning of the website.
The cookies we use on our website are set out in our cookie declaration, which you will find on the website.

Application and web application
When using our Services via the applications (which includes both the application and the web application), we use cookies and other similar technologies to ensure that the Services function as intended. The purpose of our cookies and the information they gather when using our Services is to ensure the proper functionality of and access to important features of the Services via the applications, like page navigation, and access to secure areas of the applications. These cookies are essential, as they are required for us to deliver and maintain our Services via our application and our websites.
We also use cookies and similar technologies to compile statistics to better understand how users interact with the applications and the Services. The legal basis for using these cookies is that we have a justified interest in ensuring that our Services function in a satisfactory manner and to analyze how users use our Services. To the extent cookies are used to provide the Services under a contract with our customer, the processing of personal data is governed by a data processing agreement with each customer.

CONTACT INFORMATION

If you want to exercise any of your rights, you may contact us at:

CheckProof AB
Sjöflygvägen 35C
183 62 Täby

Tel: 08-732 35 00
E-mail: info@checkproof.com