Privacy Policy for CRMdata i Sverige AB

Last updated: March 15, 2025

1. Introduction

Your privacy is important to us. This Privacy Policy describes how CRMdata i Sverige AB (“CRMdata,” “we,” or “us”) processes personal data when you visit our website, create a test account, contact us, or use our services in other ways. We want to ensure that your personal data is handled securely and in compliance with applicable data protection legislation, including the EU General Data Protection Regulation (“GDPR”), insofar as the GDPR applies.

2. Data Controller

CRMdata i Sverige AB is the data controller for the processing of your personal data. If you have any questions about how we handle your personal data or if you wish to exercise your rights, you are welcome to contact us:

• Company Name: CRMdata i Sverige AB
• Organization Number: 559255-7929
• Address: Hagaesplanaden 86, 113 67 Stockholm, Sweden
• Email: info@crmdata.se
• Phone: +46 (0)10-123 78 18

3. Information about Company Data and Publishing Certificate

In addition to the personal data processing described in this policy, we also engage in editorial activities supported by a publishing certificate from the relevant authority for our database. This means that certain information about companies (“company data”) in our database is covered by constitutional protection under the Swedish Fundamental Law on Freedom of Expression (Yttrandefrihetsgrundlagen, YGL) or the Swedish Freedom of the Press Act (Tryckfrihetsförordningen, TF). For such editorial activities, the GDPR does not apply to the same extent.

• Responsible Publisher: Axel Bäckström
• Scope: The data covered by our publishing certificate may include information about a company’s name, address, contact persons, and other information that is publicly available or obtained from public registers.
• Exemption from GDPR: Because data published under the publishing certificate is regulated by constitutional protection, GDPR does not govern its processing in these particular areas. However, we follow good practices and handle all data responsibly.

This Privacy Policy focuses on the processing of personal data not covered by our publishing certificate but rather subject to the GDPR.

4. What Personal Data Do We Collect?

Regarding the part of our operations regulated by the GDPR, we only collect and process the personal data necessary for the purposes described in this policy, for example:

• Contact Details: Name, email address, and possibly phone number when you register a test account or contact us via a form or email.
• User Data: Information on how you interact with our website, such as technical details (IP address, device type, browser version), in order to troubleshoot or improve our services.
• Customer-Related Data: If you become our customer, we may also process data necessary to manage your user account, billing, and support cases.

5. Purposes and Legal Bases for Processing

We process personal data for the following purposes (within the scope of the GDPR):

1. Providing and Administering a Test Account

   • Purpose: To create and manage your test account, provide access to our CRM service, and offer support.
   • Legal Basis: Necessary for the performance or preparation of a contract (GDPR Article 6(1)(b)).

2. Communication and Support

   • Purpose: To respond to your inquiries via email or phone and provide customer support.
   • Legal Basis: Our legitimate interest (GDPR Article 6(1)(f)) in being able to communicate with you and address your questions.

3. Development of Our Services and Website

   • Purpose: Troubleshooting, data analysis, and statistics to improve functionality, user-friendliness, and security.
   • Legal Basis: Our legitimate interest (GDPR Article 6(1)(f)) in developing, optimizing, and ensuring the proper functioning of our services.

4. Compliance with Legal Obligations

   • Purpose: To fulfill requirements under applicable legislation, such as the Swedish Bookkeeping Act.
   • Legal Basis: Legal obligation (GDPR Article 6(1)(c)).

6. How Long Do We Store Your Personal Data?

We do not store personal data longer than necessary for the purposes for which the data is processed. Below is an overview:

• Test Account: Your contact details are stored for as long as you have an active test account with us. If you do not switch to a paid service, the data is usually deleted or anonymized within six (6) months after the test period ends.
• Communication: Email correspondence and other contact details are stored as long as needed to address your inquiry or in accordance with our backup and retention policies.
• Customer Data (Under Contract): If you become a customer, we store data in accordance with applicable legislation (e.g., the Swedish Bookkeeping Act) for up to seven years after the contract ends.

7. Sharing of Personal Data

We do not share your personal data with third parties for their own purposes. However, we may need to share certain data with trusted suppliers or subcontractors who help us provide our services, such as IT operations or system providers. In these cases, we ensure that your data is handled securely and only according to our instructions.

8. Transfer of Personal Data Outside the EU/EEA

We do not transfer your personal data to countries outside the EU/EEA. All our systems and suppliers we use are located within the EU/EEA or have agreements guaranteeing compliance with EU data protection regulations.

9. Cookies and Similar Technologies

We use cookies and similar tracking technologies on our website to enhance the user experience and analyze traffic. Our cookies mainly come from Yoast (for search engine optimization), as well as any session cookies to manage logins and settings. You can block or delete cookies in your browser at any time, but certain parts of the website may then cease to function properly. For more information about our cookies, please see our [Cookie Policy] (or the corresponding link if you have a separate policy).

10. Your Rights

Under data protection legislation, you have several rights regarding your personal data. You can exercise these rights by contacting us using the details above.

• Right of Access (Subject Access Request): You have the right to confirm whether we are processing personal data about you and to obtain a copy of the data we hold.
• Right to Rectification: You have the right to request that inaccurate or incomplete data about you be corrected.
• Right to Erasure (“Right to be Forgotten”): In certain cases, you have the right to have your personal data deleted, for example if the data is no longer necessary for the purposes for which it was collected or if you withdraw your consent.
• Right to Restriction: You have the right to request the restriction of processing of your personal data under certain circumstances.
• Right to Object: You have the right to object to the processing of your personal data where it is based on our legitimate interest.
• Right to Data Portability: When we process your personal data based on a contract or consent, you have the right to request to receive the data you have provided in a structured, commonly used, and machine-readable format.

If you believe that we are processing your personal data in violation of applicable law, you also have the right to file a complaint with the supervisory authority, which in Sweden is the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY).

11. Security

We take appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, dissemination, or destruction. Only authorized personnel have access to systems where personal data is stored, and all staff are bound by confidentiality obligations.

12. Changes to This Privacy Policy

We may update this policy as necessary, for example if we process your data for new purposes, collect additional data, or need to make changes due to new legal requirements. The latest version of our Privacy Policy is always available on our website. In the event of significant changes, we will notify affected users by email or via a notice on our website.

13. Contact Information

If you have any questions about this Privacy Policy, our processing of personal data, or wish to exercise your rights, please contact us at:

CRMdata i Sverige AB
Hagaesplanaden 86, 113 67 Stockholm, Sweden
Phone: +46 (0)10-123 78 18
Email: info@crmdata.se

Data Protection Officer/Contact Person: Axel Bäckström