Privacy Policy

Last updated: November 9, 2023

Generall

For us at Senseworks, your personal privacy is important. Our goal is for you to feel secure when we process your personal data. In our role as data controller, we ensure that applicable data protection laws are always followed.

Scope of Application

This Privacy Policy applies to all Senseworks' use of personal data within the scope of our operations in relation to you as a user of our service. We need to process certain personal data about you to provide our services.

Collected Personal Data

The information we collect about you is primarily provided by you when you or the company you work for enter into an agreement with us and use our services. This may include contact details and information from support cases. We also collect data from your employer and other sources, such as public registers and business partners.

Our Use and Sharing

At Senseworks, we use your personal data to provide you with the best possible experience of our products and services. Your personal data is used for the following purposes:

  • To provide and administer our services
  • Support, case management, and training related to our services
  • Development and improvement of our services
  • Administration in connection with business acquisitions, restructuring, etc.
  • Compliance with applicable legislation regarding accounting, auditing, and anti-money laundering.
  • Safeguard our legal interests in the event of a dispute.

We do not use your personal data for any other incompatible purposes and retain it only for as long as necessary. In some cases, we may disclose your personal data to IT providers or companies we collaborate with to deliver our products and services. We will not sell your personal data to anyone.

Your Rights

You have the right to receive information about what personal data we use about you and how we process it, as well as certain control over your data. In some cases, you have the right to access your data or request that it be corrected, deleted, blocked, or transferred. You also have the right to object to certain types of data processing or withdraw your consent for its use. If you believe that we have processed your data unlawfully, you always have the right to file a complaint with the Data Protection Authority. If you want to learn more about your rights, you can read our full Privacy Policy.

Contact Information

If you have any questions about this Privacy Policy, our use of your personal data, or if you wish to exercise your rights, you can contact us in the following ways:

Senseworks AB, org.nr. 559237-6593, 

Address: Tvistevägen 47, 907 29 Umeå

E-mail: dpo@senseworks.io

Complete Privacy Policy
1. General
  1. Senseworks AB, reg. no. 559237-6593 ("Senseworks"), respects and safeguards your personal privacy. We want you to feel secure when we process your personal data. With this privacy policy ("Privacy Policy"), we aim to demonstrate how we ensure that your personal data is handled in accordance with applicable legislation.
  1. In order to best provide our services to you as a user, we need to process your personal data. This Privacy Policy applies to you as a user of our service in your capacity as an employee of a company that is our customer.
2. Data Controller

Senseworks is the data controller for the use of your personal data and is responsible for ensuring that the processing is carried out in accordance with applicable legislation. You can find our contact details at the end of this Privacy Policy.

3. Our Use of Personal Data

In the sections below, you will find more information about, among other things, why we use your personal data, which personal data we store to achieve these purposes, and how long we retain your personal data.

3.1 Provide and Administer Our Service

What we do

We use your information to receive and process orders, enter into agreements regarding our services, and to provide and administer our services. For example, we need to know who we are entering into an agreement with, create and enable login access to our service, and invoice you.

Personal data we use

  • Contact details such as name, personal identification number, email address, and phone number.
  • Order and payment details such as order and purchase history, as well as payment information.
  • Login and user details such as email address, user ID, password, and IP address.

Legal Basis

ILegitimate interest, as we assess that our interest in administering and providing our services to your employer outweighs your interest in the protection of your personal data.

Storage period

The personal data is stored as long as necessary to provide our services (i.e., fulfill the contractual relationship with the customer) and up to 3 months thereafter (e.g., to transfer your customer data to you or another provider).

3.2 Support, case management, and training related to our services

What we do

We use your personal data to provide customer service and support for our services, for example, when you contact us and we create a case to assist you. We also use personal data for training purposes, such as when we identify that one or more customers have recurring and similar questions, as well as to maintain and improve our service and offerings.

Personal data we use

  • Contact details such as name, personal identification number, email address, and phone number.
  • Comments regarding the Customer's Data made by users within the Customer's organization for the purpose of conveying information within the Customer's organization.
  • Login and user data such as email address, user ID, password, IP address, and your usage of the service and its features.
  • Support data, such as the personal data provided by you in a support case.

Legal basis

Legitimate interest, as we assess that our interest in managing and providing our services to your employer outweighs your interest in the protection of your personal data.

Storage period

  • The data is stored for up to 15 months from the completion of the support case and, in many cases, for a shorter period.
  • Data related to our security and troubleshooting log is stored for up to 3 months from the time of logging.
3.3 Development and Improvement of Our Services

What we do

We use your personal data as part of our efforts to develop and improve our services, their features, our website, and the online environment in general. This processing primarily involves statistical analysis of customer usage of our services, as well as customer data transferred to us during service use. We also generate aggregated information based on your and other customers' data.  

The results of our analysis serve as the basis for testing, improving, replacing, or developing new services, features, or working methods to meet your and other customers' expectations and needs. For example, we may use personal data to enhance our customer service and support, offer smarter features, or customize the appearance and functionality of our services according to your and other customers' preferences. We may also use personal data to develop entirely new services.  

Whenever appropriate, we strive to pseudonymize or anonymize your personal data in our efforts to achieve this purpose.

Personal data we use

  • Contact details such as name, personal identification number, email address, and phone number.
  • Comments regarding the Customer's Data made by users within the Customer's organization for the purpose of conveying information within the organization.
  • Login and user data such as email address, user ID, password, IP address, and your usage of the service and its features.
  • Usage history, such as which parts of our service you use and the duration of your usage.

Legal Basis

Legitimate Interest, as we assess that our interest in analyzing the use of our products and services to improve, replace, or develop new services outweighs your interest in the protection of your personal data.

Retention period

We retain and use your personal data for this purpose for up to 3 months, after which the data is deleted or anonymized.

3.4 Administration in connection with business acquisitions, restructuring, etc.

What we do

If Senseworks undergoes restructuring, such as being divided into multiple business entities, or if an external party intends to acquire Senseworks or our customer database, Senseworks will disclose your and other customers' personal data to the acquiring company. In such cases, that company will continue to use your personal data for the same purposes as outlined in this Privacy Policy (unless you receive different information at the time of the transfer).

Personal Data We Use

  • All personal data that we process about you in accordance with this privacy notice may be processed for this purpose, depending on the circumstances.

Legal Basis

Legitimate interest, as we assess that our interest in enabling an acquisition or restructuring process outweighs your interest in the protection of your personal data. However, this is subject to the condition that the acquiring company operates a business similar to Senseworks.

Storage Period

If Senseworks ceases to exist, for example, through a merger, liquidation, or bankruptcy, or if Senseworks' customer database is transferred to an acquiring company, we will delete your personal data unless we are required to retain it to comply with legal obligations. If Senseworks is acquired by an acquiring company or divided in connection with a restructuring, we will continue to store and use your personal data under the terms of this privacy policy unless you receive other information at the time of the transfer.

3.5 Safeguarding Our Legal Interests in the Event of a Dispute

What we do

If a dispute arises, such as regarding payment, we have the right to use your data to establish, defend, or enforce the legal claim.

Personal data we use

  • All personal data that we process about you in accordance with this privacy notice may be processed for this purpose, depending on the circumstances.

Legal Basis

If a dispute arises, we have the right to use your data based on a legitimate interest assessment.

Storage period

All personal data that we retain in accordance with the specified retention periods in this privacy policy may be processed in the event of a dispute. In such cases, we only process personal data relevant to the dispute in order to safeguard our legal interests. This may result in a longer retention period than stated in other parts of this policy. Therefore, these personal data may be retained for this specific purpose until the dispute is finally resolved and up to 3 months thereafter.

If no dispute arises, the personal data will be deleted in accordance with the provisions outlined in this privacy policy.

4. Where do we collect your personal data from?

The personal data we use about you comes from various sources. In addition to the data we collect from you, we also obtain personal data about you from your employer, public records, and business partners.

5. How long do we store your personal data?

We only store your personal data for as long as it is needed for the purposes for which it was collected, in accordance with this Privacy Policy. When we no longer need to retain your data, we delete it from our systems, databases, and backups. Under the section "Our Use of Your Personal Data," you can see how long we store your personal data for different purposes.

6. Who do we share your personal data with?

Senseworks may disclose your personal data to third parties, such as IT providers and companies we collaborate with to provide our services. In some cases, we may also be required to disclose data upon request from authorities or to other parties within the framework of legal proceedings, corporate acquisitions, or similar processes. Therefore, we will disclose your data to, among others, the sub-processors listed as approved sub-processors in our Data Processing Agreement.

We will not sell your personal data to anyone.

7. Where do we use your personal data?
  1. Senseworks strives to always process your personal data only within the EU/EEA. In some cases, we may transfer your personal data to countries outside the EU/EEA. If personal data is transferred to such a country, we will ensure that the data remains protected and that the transfer is carried out legally.
  2. For transfers to a country outside the EU/EEA that does not ensure an adequate level of protection for personal data, we use the EU Commission’s standard contractual clauses (SCC) for the transfer of personal data to countries outside the EU/EEA. You can find these on the EU Commission’s page about SCC.

8. Your Rights

8.1 Our Responsibility for Your Rights
  1. Senseworks, as the data controller, is responsible for ensuring that your personal data is used in accordance with the law and that your rights are upheld. You may contact us at any time if you wish to exercise your rights. You can find our contact details at the bottom of this Privacy Policy.
  2. Senseworks is obligated to respond to your request to exercise your rights within one month from the date you contacted us. If your request is complex or if we have received a large number of requests, we have the right to extend the response time by an additional two months. If we determine that we cannot fulfill your request, we are required to inform you within one month of receiving your request, explaining why we cannot comply and informing you of your right to file a complaint with the supervisory authority.
  3. All information, communication, and actions we take are free of charge for you. However, if your request regarding your rights is manifestly unfounded or unreasonable, we have the right to charge an administrative fee to provide the information or carry out the requested action, or to refuse to comply with your request.

8.2 Your Right to Access, Rectification, Erasure, and Restriction

You have the right to request the following from Senseworks:

  1. Access to your personal data. This means that you have the right to request a record of how we use your personal data. You also have the right to receive a free copy of the personal data we process. For any additional copies, we reserve the right to charge an administrative fee. If you make a request in electronic format, such as via email, we will provide the information in a commonly used electronic format.
  2. Correction of your personal data. Upon your request or on our own initiative, we will correct, anonymize, delete, or supplement any data that we find to be incorrect, incomplete, or misleading. You also have the right to provide additional information if something relevant is missing.

You also have the right to request the deletion of your personal data. You have the right to request that we delete your personal data if there is no longer a legitimate reason for us to use them. Deletion should therefore take place if:

  1. the personal data is no longer needed for the purpose for which we collected it,
  2. we process your data based on your consent, and you withdraw it,
  3. you object to our use of your data based on a legitimate interest assessment, and we do not have compelling interests that outweigh your interests and rights,
  4. we have used the personal data in an unlawful manner,
  5. we have a legal obligation to delete the personal data or
  6. you are a child, and we have collected the personal data in connection with the provision of information society services.

However, there may be legal requirements or other compelling reasons that prevent us from immediately deleting your personal data. In such cases, we will stop using your personal data for purposes other than complying with legal obligations or other compelling reasons that make retention necessary.

You also have the right to request a restriction on the use of your data. This means that we will temporarily limit the processing of your data. You have the right to request a restriction when:

  1. you believe that your data is incorrect and you have requested rectification according to section 9.2.1 b), while we investigate the accuracy of the data,
  2. the processing is unlawful, and you do not want the data to be deleted,
  3. we, as the data controller, no longer need the personal data for our purposes of processing, but you need them to establish, exercise, or defend a legal claim, or
  4. you have objected to the processing pursuant to section 9.3, pending verification of whether our legitimate interests outweigh yours.

At Senseworks, we will take all reasonable measures to notify everyone who has received personal data as specified in section 7 above if we have corrected, deleted, or restricted access to your personal data after you have requested us to do so. Upon your request, we will inform you of the recipients to whom we have disclosed your personal data.

8.3 Your Right to Object to Processing

You have the right to object to the processing of your personal data that we carry out based on a balancing of interests or for reasons of public interest (see section 3 above). If you object to such processing, we will only continue if we have compelling reasons that outweigh your interests.

8.4 Your Right to Data Portability

You have the right to data portability. This means you have the right to obtain certain personal data in a structured, commonly used, and machine-readable format and to transfer this data to another data controller. You are only entitled to data portability when the processing of your personal data is automated and based on your consent or an agreement between you and us.

8.5 Your Right to Lodge a Complaint with the Supervisory Authority

You have the right to submit any complaints regarding our use of your personal data to the Swedish Authority for Privacy Protection (Datainspektionen).

9. We protect your personal data.

You should always feel safe when providing your personal data to us. Therefore, Senseworks has implemented appropriate security measures to protect your personal data from unauthorized access, alteration, and deletion. If security incidents occur that may significantly affect you or your personal data, such as a risk of fraud or identity theft, we will contact you and inform you about what you can do to minimize the risk.

10. Cookies

At Senseworks, we use cookies on our website and in our services to enhance your experience with us. We use cookies to simplify and customize our services and online environment. In our cookie policy, we explain in more detail how we use cookies and what choices you can make regarding them.

11. Changes to This Privacy Policy

Senseworks reserves the right to modify this Privacy Policy at any time. When we make changes that are not purely linguistic or editorial, you will receive clear information about the changes and what they mean for you before they take effect. If we require your consent to fulfill our obligations to you and you do not accept the revised terms, you have the right to terminate the agreement with us before the new terms come into effect.

12. Contact information

Senseworks AB, org.nr. 559237-6593

Adress: Tvistevägen 47, 907 29 Umeå

E-post: dpo@senseworks.io