DB24 Privacy Policy

In this Privacy Policy the terms "we", "our", and "us", refers to DB24 and our subsidiaries.

Given that we handle personal data, we know that we have a responsibility. We are committed to being transparent about how we work, and we want you to understand what it is that we do, what data we might collect, how we use it, and what your rights are.

If you have any questions about our privacy policy, please send us an email to privacy@db24.se and we will happily assist you!

1. Introduction

DB24 help companies protect their valuable data in order to serve their organisation and business with timely, efficient, secure and automated database operations and management.

1.1 Key concepts in this Privacy Policy

Controller. Means the company or the organization that determines how personal data is to be processed and the purposes of the processing. The controller is the entity responsible for the processing of your personal data and shall make sure that you are being given information about the processing and that your rights are guaranteed. We are the controller of the processing of personal data according to this Privacy Policy.

Personal Data. Means any information that directly or indirectly (indirectly indicates data that together with other information, such as an IP-address) can be related to an identifiable private individual, such as name, personal security number, picture, email address and IP-address.

Processor. Means for example a company which processes personal data on behalf of the controller. In relation to our customers, we are the processor and they are the controller since we process personal data on their behalf.

2. How our Privacy Policy is Applied

This Privacy Policy is applied when we are the data controller. This means that this Privacy Policy is relevant for you who visit our website or communicate with us. Furthermore, it applies to you who are employed by, or a representative of, our customers, suppliers, business partners or other organization we interact with.

3. Changes To This Privacy Policy

Just like everything else, DB24 will change over time, and that means we may change this Privacy Policy. If we make any big changes, we will notify you by email or by publishing it on our website so that you will have the opportunity to review such changes before they become effective. Make sure to check this Privacy Policy from time to time, to see if we have done any lesser updates, and to make sure that you are up to date.

4. The Personal Data We Collect and How We Use It

Our collection of personal data can be put into two categories:

• If you do not have a contractual relationship with us and you visit our website or contact us - go to section 4.1.
• If you are working for or represent any of the organizations we interact with and have a contractual relationship with, or are an organization we are likely to enter into a contract with - go to section 4.2.

4.1 If you contact us or visit our website

4.1.1 The personal data we collect and process about you

Naturally, we do not collect the same data every time. Depending on the circumstances, we may process the following types of personal data about you:

• Contact details, such as name, email address, telephone number and postal address.
• Individual data, such as name, birth date, personal identity number, preferred language, photos and hobbies.
• Organizational data, such as company name, job position, place of work and country.
• Correspondence data, such as personal information provided by email, by forms, by post or similar means.
• Data related to events, such as information related to which events you sign up for, including allergies and other food preferences.
• Technical data, such as IP address, device ID or other device identifier.
• Traffic information data, provided by your web browser such as browser type, language, the address of the website from which you arrived and your general geographic location.
• Preference or behavioral data, such as website clickstream behavior (which links you click on and when), which posts you show interest in and how you interact with emails sent.
• Other data. We may also collect and process any other relevant information you share with us, for example through your interactions by email, phone or in person, such as date, time and the subject of conversation.

4.1.2 How we collect your personal data

Information given to us. Most of the data we collect comes from you, for example when you speak to us on the phone, email us, or fill out a form on our website. Of course, you can choose to not disclose certain information to us.

Information we collect. Sometimes we collect data in other ways. For example from publicly available sources such as contact information service providers or through our use of cookies (see section 11 below and our Cookie Policy). You can always opt-out of our use of cookies, of course.

4.1.3 How your personal data is used

How we process your data, the purposes, and our legal bases for doing so are listed below. These examples are not exhaustive, and they may vary depending on the circumstances.

• To promote and market our services. We might send you informational or promotional content via email, such as our latest blog posts or information about our services. If you do not want to receive such information, you can follow the instructions on how to unsubscribe or send us an email to privacy@db24.se.
• To target, online advertising of our services. We may use third party websites such as Facebook or LinkedIn to target our ads to you if you have visited our website and consented to our use of cookies or by giving us your contact details.
• To communicate with you. In order to carry out our work we will have to communicate with you and answer your questions via email, via our website forms, by phone, or on our social media channels.
• To track email-interactions. If we have obtained your prior, informed consent for such use, we may send you emails with tracking technology that will collect data about whether you have opened an email and what links you click.
• To compile statistics and make analyses. We will compile anonymized data to see statistics for e.g. the use of our website and marketing activities to improve and gain a better understanding of the use of our services.
• To protect our legitimate business interests and legal rights. Where required by law, or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory and audit functions.

4.1.4 Our legal bases for handling your data

Legitimate interests. We process your personal data to pursue our legitimate interests when we handle your inquiries and communications, when we market our services to people that have shown interest in our services, and when we use your data for statistical and survey purposes.

Legal obligation. We process your personal data based on legal obligation when we are required by law.

Consent. If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time. Please note that this will not affect any processing that has already taken place.

4.2 If you are an employee or representative of our customers or any other organization we interact with

4.2.1 The personal data we collect and process about you

Naturally, we do not collect the same data every time. Depending on the circumstances, we may process the following types of personal data about you:

• Contact details, such as name, email address, telephone number and postal address.
• Individual data, such as name, birth date, personal identity number or other identifier, gender, preferred language and photo.
• Correspondence data, such as information provided by email, by forms, by post or similar means.
• Contractual data, such as information of past and current contracts, orders and other agreements between us and you or the company you represent.
• Financial data, for example if you are a sole trader interacting with us, we may collect and process credit or payment information and bank account details.
• Organizational data, such as company name, job position, place of work and country.
• Data related to events, such as information related to which events you sign up for, including allergies and other food preferences.
• Other data. We may also collect and process any other relevant information you share with us.

4.2.2 How we collect your personal data

Information given to us. Most of the data we collect comes from you, for example when you speak to us on the phone, email us, or fill out a form on our website.

Information we collect about you. Sometimes we obtain information in other ways. For example, we may collect information from your employer or from the company that you represent, from social networks such as LinkedIn and publicly available sources.

4.2.3 How your personal data is used

• To enter into and manage the business relationship. Your personal data will mainly be used to manage and take care of the business relationship between us, you and the company you represent.
• To communicate with you. In order to carry out our work we will have to communicate with you and answer your questions via email, via our website forms, by phone, or on our social media channels.
• To promote and market our services. We might send you informational or promotional content via email.
• To target, online advertising of our services. We may use third party websites such as Facebook or LinkedIn to target our ads to you.
• To compile statistics and make analyses. We will compile anonymized data to see statistics.
• To conduct polls and surveys. We may send out surveys such as end customer satisfaction surveys to improve our services.
• To track email-interactions. If we have obtained your prior, informed consent, we may send you emails with tracking technology.
• To protect our legitimate business interests and legal rights. Where required by law, or where we believe it is necessary to protect our legal rights.
• Other purposes with your consent. We also use information about you when you have given us consent to do so for a specific purpose not listed above.

4.2.4 Our legal bases for handling your data

Contractual obligation. We process your personal data based on the contractual obligation when we are required to do so to fulfil the terms of the agreements we have entered into with you or the organization you're employed by or represent.

Legal obligation. We process your personal data based on legal obligation when we are required by law.

Legitimate interest. We process your personal data to pursue our legitimate interest when we communicate with you for reasons other than to fulfil the terms of agreements and when we send you promotional communications with relevant marketing.

Consent. If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time.

5. How Long Do We Save Your Personal Data?

We only keep your personal data as long as it is necessary to fulfil the purposes for which we collected the data. The duration depends on the type of information. We review our need to keep personal data on a regular basis, taking into account applicable legislation and contractual obligations. After that, we erase or securely anonymize your personal data.

6. How Do We Share Your Personal Data?

To provide excellent services in what we do, we need to work with third parties who offer exceptional services in what they do. When we use their services, it is sometimes unavoidable to share your personal data with them. We select our suppliers and partners carefully and will only share information with them when we are confident that they will protect it.

We may share your personal information with our employees, our consultants, with companies within our company group and other parties when needed:

• Employees and consultants. We share your personal information with our employees and consultants, but we restrict the access to those who need it to perform their jobs.
• Group Companies. We sometimes share your personal information with affiliated companies within the company group.
• Suppliers and subcontractors. We may transfer or share your personal data in our ordinary course of business, only to the extent necessary, with our suppliers and subcontractors that provide services to us.
• Business Transfers. We may share or transfer information we collect under this Privacy Policy in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business.
• Legal obligations. Sometimes legal obligations may require us to share information about you.
• With your consent. We may share your personal information where you ask us to.

7. Do We Transfer Your Personal Data Outside of the EU?

We always strive to process and store your data within the EU/EEA. However, your data may in some cases be transferred to, and stored at, a destination outside of the EU/EEA by companies within the DB24 company group, suppliers or subcontractors. Before transferring personal data outside of the EU/EEA area, we will make sure to protect your data by taking all steps reasonably necessary to ensure that adequate safeguards are in place.

8. How Do We Protect Your Data?

We have great respect for your integrity and protecting your privacy is a key objective for us. We work continuously with the GDPR and guidelines from authorities to protect your personal data. We conduct routine vulnerability scans and penetration tests of our platform and systems. We also have thorough internal rules and policies in place to protect your data.

9. Your Rights

This is a short summary of your rights:

• Your right to object. You have the right to object to our processing of your personal data based on our legitimate interests.
• Your right to access and to move your data. You have the right to request a transcript of your personal data processed by us and additional information on how the data have been collected, processed and shared.
• Your right to rectification. You have the right to correct inaccurate or incomplete personal data about you.
• Your right to erasure. You have the right to request that we delete personal data about you.
• Your right to restriction. You have the right to request that our processing of your personal data should be limited.
• Your right to withdraw your consent. You have the right, at any given time, to withdraw any consent you have given us.

10. How Do You Object To Direct Marketing?

As described above, we may use your contact details such as email address for direct marketing. If you do not want us to use your email for direct marketing purposes, you have the right to object to such use at any time. Please contact us at privacy@db24.se, and we will block you from such marketing activities.

11. What About Cookies?

Like almost every other company in the world, we use cookies, pixels and similar technologies to provide you with a pleasant online experience, personalized advertising and to analyze the traffic to our site.

12. How Can You Complain?

If you feel that we have not complied with the requirements of applicable laws and the GDPR when it comes to your personal data, please contact us first, and we will help you in every way that we can. Please observe that you also have the right to reach out to the Swedish Supervisory Authority - Datainspektionen.

13. Contact Us

DB24 AB, company registration number 559272-5435, is a Swedish liability company incorporated under the laws of Sweden, with its registered office at Masthamnsgatan 21, 413 29 Göteborg, Sweden. We are the responsible legal entity (controller) of your personal data as described above. We comply with Swedish personal data protection laws, including the General Data Protection Regulation (GDPR).

We have an operations team devoted to working with privacy and personal data protection. Please contact them with any question you may have about this privacy policy or our processing of your personal data by sending an email to privacy@db24.se, and they will get back to you promptly.