At Ansofy, we collect and use some of your personal data. In this policy we explain how and why we collect, store, process and share your personal data. In this policy we also inform you of your rights in relation to the personal data which is collected or given to us from you.
Our use of personal data is regulated by the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, updated on the 23 May 2018, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, also known as the General Data Protection Regulation (hereinafter referred to as “GDPR”).
2. Our Use of Your Personal Data
Ansofy is provided by Ansofy AB, 559170-3847, Petterslundsgatan 19, 75328 Uppsala, Sweden (hereinafter the “Provider”). The Provider is the “data controller” of any personal data Ansofy may collect, process and hold about you, unless we inform you otherwise.
In order to provide the Ansofy-services, we collect, use and share your personal data. Some of our use can be regulated by you in your chosen privacy settings.
2.1 What Personal Data Do We Process?
We will process personal data about you and, if applicable, your physical representatives such as:
Username, email address, technical data and metadata relating to any other personal data that you or the physical representative provide us with;
data sent by your device, device data such as date/time, authentication state and error;
data sent by your device over your article history.
2.2 Why and for How Long Do We Process Data?
We process personal data for the following purposes:
to provide and administer your account, Ansofy and the Services and to otherwise fulfil the Agreement with you;
to enable your participation in interactive features of our Services;
to inform you via e-mail or otherwise about updates of the Services, including updates of the Agreement;
to provide customer care and support;
development, analysis and research to improve the Services;
to monitor and prevent the use of the Services in breach of the Agreement;
to detect, prevent and address technical issues;
to fulfil requirements by law, and
We will keep your personal data for as long as required by law or, if applicable, for the period of time we need it for the purpose it is being processed for. After that time has passed, your personal data will be deleted or anonymized.
2.3 Legal Grounds for Processing Personal Data
Our processing is lawful due to the following legal grounds, which are each applicable either on its own, or together with other grounds:
When processing is necessary for ours and your performance of the agreement;
For compliance with our legal obligations;
When found necessary in order to protect the vital interests of you or another natural person;
When found necessary for the purpose of our or a third-party legitimate interest;
Your given consent to our processing for the above-mentioned purposes (section 2.2), where the Provider does not rely on another legal ground.
2.4 With Who and Where Do We Share Your Personal Data?
We share your personal data internally and with selected third-parties, for example service providers, subcontractors and other third-parties as well as in the case of business transfers or legal disclosure.
We may need to transfer your personal data to countries outside the European Economic Area (EEA). The EEA consists of countries in the European Union, Switzerland, Iceland, Liechtenstein and Norway: they are considered to have equivalent laws when it comes to data protection and privacy. This kind of data transfer may happen if our servers (i.e. where we store data) or our suppliers and service providers are based outside the EEA, or if you use our services and products while visiting countries outside this area.
Currently, we share data with:
Service providers (such as providers of technical infrastructure, analyzing tools, customer services, surveys or financial assistance);
Law enforcement or due to legal requests
3. Security of Your Personal Data
We continuously review and improve our measures of protection for your personal data from unauthorized access, accidental loss, disclosure or destruction.
We use encryption and are keeping track of recommended security measures with regard to our specific environment and are regularly reviewing our environment to make sure it is up to date with the latest version and patches.
If we transfer personal data to a country outside of the EEA, we will make sure that your information is properly protected. We will always ensure that there is a proper legal agreement that covers the data transfer. In addition, if the country is not considered to have laws that are equivalent to EU data protection standards then we will ask the third party to enter into a legal agreement that reflects those standards. If applicable, we utilize the standard contractual clauses approved by the European Commission and further rely on the European Commission’s recommendations on required measurements for transfer of personal data to certain countries outside the EEA.
We would like to inform you that, communications over the internet (such as e-mails) aren’t secure unless they’ve been encrypted. Your communications may go through a number of countries before being delivered, as this is the nature of the internet.
We would also like to inform you that no method of transmission of data over the Internet, or method of electronic storage is 100 % secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee absolute security.
4. Changing Your Preferences
We want you to be in charge of your personal data and strive to make that possible.
Through the Profile Settings in your account at Ansofy, you have the ability to update your newspaper preferences as well as view your account details and delete your account.
If you delete your account, we remove your personal data unless it is required by any legal grounds mentioned above in section 2.3, and you won’t be able to recover that information at a later time.
5. Children’s Privacy
Our Services do not address anyone under the age of 13 and we do not knowingly collect and/or use Personal Data which relates to children under the age of 13 and if it comes to our knowledge, we will take action and remove this data.
6. Your Rights Under GDPR
Under GDPR, you are entitled to:
have your data processed in a fair, lawful and transparent way;
access personal data we hold about you;
require us to correct any mistakes in your personal data;
require us to delete personal data concerning you in certain situations where we have no lawful ground for us to continue to process it;
request that we transfer your personal data to you or another service provider in a simple, structured format;
object at any time to processing of your personal data for direct marketing purposes;
object to automated decision making which produces legal effects concerning you or similarly significantly affects you;
object in certain other situations to our continued processing of your personal data;
otherwise restrict or temporarily stop our processing of your personal data in certain circumstances.
If you are unhappy with our services, and we were unable to help you, you can lodge a complaint at the Swedish Data Protection Authority, which is the Swedish data protection regulator. Their details can be found at https://www.datainspektionen.se, or contact them via e-mail at firstname.lastname@example.org or via mail at Datainspektionen, Box 8114, SE-104 20 Stockholm, Sweden.