Hem Integritetspolicy
Secmaker

Privacy policy

Dear Visitor,

The following webpages (individually the “Webpage” and collectively the “Webpages”) are provided by SecMaker AB, company registration number 556671-5479 having its registered address at Hesselmans torg 5 10 tr, 131 54 Nacka, Sweden (“we”, “us”, or “our”):

The services, as described below, provided through one or more of the Webpages are referred to as the “Services”.

Your privacy is important to us. Under the Swedish Personal Data Act (1998:204), which implements the EU Directive 95/46/EC, and under the General Data Protection Regulation (Regulation 2016/679), we are liable for the processing of personal data for which we decide the purposes and the means of processing which renders us the data controller. “Personal Data” means information which is directly or indirectly referable to a natural living person, e.g. name and address but also possibly location data or IP addresses. We may collect the information set out below, which include your Personal Data.

This document contains a policy statement regarding our collection, use and processing of Personal Data, with whom we may share such data and your rights in relation to your Personal Data. When you use the Services, we will process Personal Data for various purposes. Please read this Privacy Policy carefully.

Processed DATA AND PURPOSES

Main Site

The Personal Data listed below may be processed for providing you with offers and information concerning our services if you signed up and chose to receive our newsletter (the “Newsletter”):

  • your name, email address when signing up for the Newsletter; and
  • data collected via the cookies (see our Cookies Policy) concerning your use of the Webpage

For the purposes of administering and answering your inquires sent to us via the general form of the website, we may process the information you provide in the free text field and your email address, first and last name, your company’s name, your email and phone number.

If you subscribe to test our products, we may process your email address, first and last name, your company’s name and your role at the company, your email and phone number for the purposes of getting in touch with you and to provide you with an opportunity to test our products.

If you submit to us that you want to receive our white papers, we may process your email address to provide you with the white papers.

Please note that we are unable to provide the Newsletter or the other functionalities of the Main Site unless you provide the above listed Personal Data. The processing of the above Personal Data is necessary to provide you with the Newsletter or the other functionalities of the Main Site pursuant to your request.

We will never store your Personal Data for longer than it is necessary for each purpose. We store personal data for analytics, statistics and history for 5 years or until you request to delete it as described in Section “Data Subject’s Rights” below.

Support Site

The Personal Data listed below are processed on the Support Site:

  • email address;
  • password;
  • location information based on IP address;
  • page history data across the helpdesk and any “tagged” web pages; and
  • number of visits to the Webpage.

The purpose of collecting and processing the above listed Personal Data is to provide you tracking and live chat functionality of Kayako helpdesk software and to help you pre-fill the login form next time you visit the Webpage. Some of these Personal Data are collected via the relevant cookies (see our Cookies Policy). Furthermore, your email address may be used by our support department for communication with you regarding authentication issues, reported support issues, releases and other product information (altogether the “Support Services”).

Please note that we are unable to provide the functionalities of the Support Site unless you provide the above listed Personal Data. The processing of the Personal Data is necessary to provide you with the requested support and to maintain the contractual relationship between you or your company and us going forward.

We will never store your Personal Data for longer than it is necessary for each purpose, and in any case until you request to delete the information as described in Section “Data Subject’s Rights” below or if you are no longer granted access to the service.

 

Service Site

The following Personal Data may be processed only for authenticated users (where the authentication has been previously carried out via one of our products):

  • date and time of visit;   
  • common name (which includes authenticated users’ first name and surname);  
  • organization name (if provided earlier upon authentication);
  • subject serial number (if provided earlier upon authentication; which may include social security
  • number [Swedish personnummer] or other national identification number or “HSA-ID”);
  • e-mail address (if provided earlier upon authentication);
  • job title (if provided earlier upon authentication); and
  • common name of the certificate issuer.

The above Personal Data are processed for providing the functionalities of the Service Site to authenticated users, in order to provide technical information on our products, best practices, information on how to handle certain issues, information on using third party products, to provide help when configuring our products. We are unable to provide the functionalities of the Service Site unless you provide the required Personal Data. The processing of the Personal Data is necessary to provide you or your company with our services.

We store your Personal Data for 1 year from login or until you request to delete the information as described in Section “Data Subject’s Rights” below.

Showroom

The Showroom allows authenticated customers to try the functions of Net iD Portal and Net iD Access Server, which also is the purpose of the processing of the below Personal Data that we process.

  • Information that you, as an authenticated user, enter when trying the functionality of the products, such as name, e-mail address, mobile number, social security number (Swedish. personnummer) or other national identification number, “HSA-ID”.

Please note that we are unable to provide the Showroom unless you provide the above listed Personal Data. The processing of the Personal Data is necessary to allow authenticated users to try the functions of our products, pursuant to your request.

We will never store your Personal Data for longer than it is necessary for each purpose, and in any case until you request to delete the information as described in Section “Data Subject’s Rights” below or if you are no longer granted access to the service.

 

Web Shop

The following Personal Data may be processed via the Web Shop:

a)   Information relating to your purchase (such as products, quantity, amount of purchases; payment method and details);
b)  Information relating to the delivery (delivery method, country);
c)   Information necessary for delivery and invoicing (full name, address, email address, phone number).

We process the Personal Data for the purposes of processing your purchases, delivering the ordered items and to invoice you for the items ordered by you.

Please note that we are unable to provide the functionalities of and services via the Web Shop unless you provide the above listed Personal Data. The processing of the Personal Data is necessary to enter into a purchase agreement with us.

We will never store your Personal Data for longer than it is necessary for each purpose. We store personal data for as long as we are required to store the data in accordance with applicable law and customer agreement. 

General

We may use cookies and similar technologies to collect some of the Personal Data. More information regarding our use of cookies is provided in our Cookies Policy.

OTHER PURPOSES OF PROCESSING

Except as set out above, we will process the Personal Data for the following purposes:

a)   to administrate your account, to enable and provide the Services and integration with third party services, and to provide, personalize and improve your experience with the Services, and to otherwise provide the Services according to the terms of use;
b)  to inform you about updates of the Services or the terms of use;
c)   to enforce the terms of use, including to protect our rights, property and safety and also the rights, property and safety of third parties if necessary; and
d)  to comply with the law.

LEGAL GROUND FOR THE PROCESSING

By using one or more of our Webpages you consent

a)   to the processing of Personal Data as set out in this Privacy Policy;
b)  to the processing of your social security number (Swedish. personnummer) as set out in this Privacy Policy.

By subscribing to the Newsletter you consent to the processing of your Personal Data to receive direct marketing from us as set out in this Privacy Policy. You have the right to object to our processing of your Personal Data for direct marketing as described in Section “Data Subject’s Rights” below.

We process your Personal Data for the purposes of the Web Shop to be able to enter into the agreement with you when you wish to purchase our products and to be able to perform such an agreement for you (to process your purchases, deliver the products, to provide you with the invoices etc.).

DISCLOSURE OF PERSONAL DATA

We may share and disclose the following Personal Data to the following recipients or categories of recipients for the following purposes.

Certain recipients of the Personal Data are located outside the EU/EEA in countries that are deemed not to provide an adequate level of protection for personal data. Thus we have applied the below specified safeguards for the data transfers of which you can acquire more information by contacting us.

Recipient or category of recipients

Country

Type of personal data

Applied safeguard

Google

USA (outside the EU/EEA)

See our Cookies Policy

 

Privacy Shield

HubSpot

Ireland

Email, Name, Phone number,

See our Cookies Policy

N/A

The Generation

Sweden

See our Cookies Policy

 

N/A

Visma Webshop

Sweden

Name, delivery information, See our Cookies Policy

N/A

We store personal data for analytics, statistics and history. We will never store your personal data for longer than it is necessary for each purpose, and in any case until you request to delete it as described in Section “Data Subject’s Rights” below.

 

LINKS TO OTHER WEBPAGES

You should be aware that when you are on our Webpages you may be directed to other sites where the collection of Personal Data is outside of our control. The privacy policies of such other sites will govern the Personal Data collection and use on such sites.

RESPONDING TO LEGAL REQUESTS AND PREVENTING HARM

We may access, preserve and share your information in response to a legal request (like a search warrant, court order or a subpoena or the like), or when necessary to detect, prevent and address fraud and other illegal activity, to protect ourselves, you and other users, including as part of investigations, if we have a good faith belief that the applicable law requires us to do so.

This may include responding to legal requests from jurisdictions outside of the European Union or the European Economic Area where we have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards.

Information that we receive about you including financial transaction data on the Webpage using our Services, may be accessed, preserved and retained for an extended period of time when it is the subject of a legal request or obligation, government investigation, or investigations concerning possible violations of our Terms of Use or policies, or otherwise to prevent harm.

CHILDREN

The Services are not directed to persons under the age of 16. We do not knowingly collect Personal Data from persons under the age of 16 (the “Age Limit”). If you are a parent or guardian of a child under the Age Limit and you become aware of that your child has provided Personal Data through one of the Webpages without your consent, please contact gdpr@secmaker.com to exercise of your applicable rights.

DATA SUBJECT’S RIGHTS

You have the right to access your Personal Data, or request that we rectify, erase or restrict the processing of your Personal Data, and the right to data portability.

You have an absolute right to object to the processing of your Personal Data for direct marketing purposes, and you may at any time recall your prior consent to the processing of your Personal Data. The withdrawal of your consent does not affect the lawfulness of the processing based on the consent before its withdrawal.

If you have any complaints regarding our processing of your Personal Data, you may file a complaint to the competent data protection authority. You can find out more about the local data protection authorities under the following link http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm

CONTACT

To exercise the aforementioned rights, or if you have any questions about our processing or sharing practices, your rights under EU law, please contact us at the following address: gdpr@secmaker.com, SecMaker AB, Uddvägen 7, 5tr, 131 54 Nacka, Sweden or contact our data protection officer at patrik.jonasson@secmaker.com.  In order to ensure that you receive a swift response, please state in your request your full name and, if applicable, your address, user name and the email address used for registration. Note that you should sign the request yourself.

SOME OTHER THINGS YOU NEED TO KNOW

Change of Control

If the ownership of our business changes, we may transfer your information to the new owners so they can continue the Services. The new owner will still have to respect the commitments we have made in this Privacy Policy.

Notice of changes

If we make changes to this Privacy Policy we will notify you by publication here. If the changes are material, we will provide you additional, prominent notice as appropriate under the circumstances and, where required under applicable law, ask for your consent.