1. Collection of information on our website
To get the best possible experience when you visit our site, we collect information from you when you visit our site. This includes when you enter the Social Zense website, when you register on our site, log in to your account, send a request, participate in a competition and / or when you log out and actively perform an action on our site. The personal information we can handle about you consists of, among other things, the name, e-mail address, telephone number and address.
In addition, we automatically receive and save information from your computer and browser, including your IP address, software, hardware, and requested page / requested pages you visited / visit.
2. Use of information
The information we collect from you can be used to:
Personalize your experience and meet your personal needs
Provide custom ads
Improve our website
Improve our customer service and your need for help
Contact you by email
Manage a competition, an offer or a survey
3. Disclosure to third parties
We sell, trade, or otherwise transfer, not personally identifiable information to third parties. This does not include trusted third parties that help us operate our website or company (see 9.9), with the requirement to comply with the GDPR, current legislation, and that these parties agree to keep the information confidential.
3.1 Analyst services
On our web pages we use analytical services provided by third parties. These analytics services collect your IP address and information about the use and traffic to our site to help us develop and customize our products and services better.
4. Information protection
We take a variety of security measures to protect your personal information. We use advanced encryption methods to protect sensitive data transmitted over the Internet. Social Zense also protects your information offline. Only employees who will perform a specific job (eg billing or customer service) will have access to personally identifiable information. The computers / servers used to store personally identifiable information are stored in a secure environment.
How long a personal data is saved depends on the personal data and the purpose of its processing. The company – Social Zense – does not save personal data for a longer period of time than is necessary for the purposes for which they were collected.
Please note, however, that cookies activate certain features on our web pages and thus
Social Zense can not guarantee that all features on our websites will work as if cookies are not enabled.
6. End subscriptions as well as user / visitor rights
We use the email address you provide to send information and updates regarding your order, single newsletters, related product information, news about the company, and more. If you no longer want to receive such notifications, you’ll find information on how to unsubscribe at the end of each email.
You as an individual and user of the Social Zense website and services are entitled to request that we block, erase or correct your personal information. You are always entitled to revoke a given consent and to inform you that you still discontinue processing of your personal information. This is done completely free of charge. You can also at any time, by written request, know what personal information Social Zense treats about you, as well as free of charge.
9. General Data Protection Regulation (GDPR)
9.1. What information do we have?
This is a list of the various registers containing personal data and where we are personally responsible.
We register for our customers. When the customer is a legal person, the customer register contains personal information in the form of name, e-mail address and telephone number of our contact person at the customer. When the customer is a physical person, the registry also contains personal information about the mailing address of the customer. This information is required to store in order for us to communicate with our customers and ensure that invoices are sent properly, for example.
Legal basis: Relevant interest and agreements.
We send out newsletters to unsubscribed customers and to others who have shown interest. The newsletter subscriber register is located in the Evolumi CRM system and in Google Drive.
Legal basis: Eligible interest or alternative consent.
Our accounts contain personal information on the invoices we have sent to our customers. It is the same personal data that is contained in our customer register.
Legal basis: Legal obligation.
Our email conversations with customers contain personal information in an unstructured form, especially names and e-mail addresses.
Legal basis: Eligible interest or alternative consent.
We save the application forms from all people who are looking for a job with us. The information contains information about the applicant’s name, telephone number, e-mail address and their previous experience of similar jobs. Applicants can also choose to add additional personal information about themselves.
Legal basis: Eligible interest or alternative consent.
We use technology, such as cookies, to customize content and ads, offer features in social media, and analyze traffic to the site. We also share information about your use of the site with our trusted social media, advertising and analysis partners as follows;
We match our CRM data with Facebook user database to create a custom audience for our advertising campaigns.
Measurement and statistics
We process data to measure the results and reach of our advertising campaigns as well as provide statistics about the people who use our services.
We process data (cookies) through the Facebook Pixel tools, Albacross Nordic AB (more information here, external website), Google Tag Manager (more information here, external website) and LinkedIn Insight Tool (more information here , external website), this to give our users a better experience, both on our website but also on other trusted channels.
Legal basis: Consent
9.2. How do we collect personal data?
It may happen that we supplement these data via email or telephone contact with the customer. In exceptional cases, we may use a search service on the Internet to collect the customer’s address when the customer is a physical person.
Job seekers send applicants via email (refer to our website).
9.3. What do we use personal data for?
We use our customer register and newsletter to keep track of our customers, know who we are to communicate with and see what agreements we have made with each customer. We are required to record all transactions and store all verifications.
Legal basis: Legitimate interest and fulfillment of legal obligation.
9.4. Requesting data
The registrant may request all information we have stored about the person concerned. To ensure that it is the right person who requests the information, such a request should come from the email address that the customer has previously used to communicate with us. Normally, we will send the data to the registered following weekday.
At the registered person’s request we can immediately delete all personal information about the person in question, in addition to the personal data we must save to fulfill a legal obligation.
9.5. Request data about personal data in material from our customers
Please note that it is our customers who are responsible for the personal data contained in the material that customers instruct us to work with. We are the only person in charge. Those who want to access the personal data stored in the material should contact the personally responsible person, ie our customer.
9.6. Privacy Incident
If there is a personal data incident, that is, personal data for which we are personally responsible will be in the wrong hands and we will immediately report this to the data inspection. We will decide in each case whether we will notify this to the registered person.
9.7. How long is your personal data saved?
When a customer has not been active for two years, we delete our personal information. In connection with this, the customer will also be unsubscribed from our newsletter. Anyone who wishes to remain a customer, but refrain from our newsletter, can notify it via email.
We will complete all verifications in the accounts after seven years and delete the data file after 10 years. This is in accordance with current Swedish legislation.
The person who is registered as a jobseeker will be deleted after two years.
9.8. Transfer of personal data to third countries
Our employees work mainly from Sweden. However, as we are a distance workplace, employees may temporarily stay in other countries and work from there. Employees can freely choose to work temporarily from any EEA country. In the event that a worker will work from a non-EEA country, known as third countries, we will decide on a case-by-case basis if it can be done safely without the risk of personal data being processed incorrectly. In cases where we estimate that this is possible, we establish a special agreement with the employee that regulates how personal data can be processed in third countries. In these cases, treatment in third countries will only be performed by our Swedish staff on computers with Swedish operating systems that they bring from Sweden when they travel.
We use a cloud service that is established in third countries (USA). As this company is affiliated with the EU-US Privacy Shield, they fulfill the GDPR’s requirements for managing personal data in third part countries.
9.9. Who are personal data available for?
Personal data are available in full for selected parts of our staff, as well as in part for the following subcontractors who are our personal information assistants. We do not provide personal information to anyone else.
Our accounting, invoicing and administration are carried out by Hedco. They act on personal data counsel for us and have access to all personal information contained in our invoices. This is governed by a personal data agreement between us and Hedco.
We use Loopia as a web host and for managing email. Loopia lives up to the requirements of GDPR and manages personal data through a personal data agreement between us and Loopia. More information can be found here: https://www.loopia.se/pdf/loopia_allmanna_villkor.pdf
Our CRM system Hubspot handles information about our customers. More information how Hubspot works to follow GDPR here:
We use Google as the supplier of our email. In recent years, Google has put a lot of effort into adapting its technology and its agreements to meet the requirements of GDPR. You can read more about Google work here: https://privacy.google.com/businesses/security Google is affiliated with the EU-US Privacy Shield, which means that they meet the requirements of GDPR for managing personal data in third countries.
Communication between the employees and customers takes place via Slack. https://slack.com/gdpr
Slack is affiliated with the EU-US Privacy Shield, which means that they meet the requirements of GDPR for handling personal data in third countries.
Communication is also done through the Skype application. Skype is also affiliated with the EU-US Privacy Shield, which means that they meet the requirements of GDPR for handling personal data in third countries. More info here: https://www.microsoft.com/en-us/TrustCenter/Privacy/ gdpr / default.aspx
In cases where we use personal identifiable information, Facebook has access to personal data. They then act as Personal Data Counselor under the following conditions: https://www.facebook.com/business/gdpr#Facebook-som-Person-Consumer-contract-personalbitbit%C3%A4de Facebook INC is affiliated with the EU-US Privacy Shield which means they meet the requirements of GDPR for the handling of personal data in third countries. https://m.facebook.com/about/privacyshield
9.10. Our role as a personal information officer
Some of our clients instruct us to work with material containing personal data. We are then a personal information officer for these clients. Then we create a personal data agreement with the customer. Because we do not know in advance whether the material from our customers contains personal information or not, it is up to the customer to inform us when the material contains personal information and that a personal data grant agreement must be established. We always inform our new clients about this in order not to risk that we work with personal data without establishing a personal data grant agreement. We may use one of our templates as the basis for a personal data agreement, or use a template provided by the customer.
It is personally responsible (our customers) who collect personal data. We handle them only according to the instructions we receive from the person responsible.
9.11. during assistants
The personal data we handle as personal information assistants on behalf of our customers is stored in the services described above under section 9.9. In the case of personal data that our customers are responsible for, our personal information assistants act instead as subservients. As a customer, you agree that we use these sub-services as described under the heading “Who is the personal data available to (Section 9.9).
The personal data will not be disclosed to anyone other than the subordinates described above. We will never use subcontractors to transcribe the material that our customers send to us.
9.12. Security routines in our role as personal information assistant
We are very concerned that the personal information contained in our customer’s materials is handled in a safe manner.
Our staff are bound by confidentiality agreements where they undertake not to disclose any information at all from the material they are dealing with, nor information about which clients we work with or what topics the materials deal with. We only work in places where nobody can see the screen or hear the sound from the headphones.
Once we have finished working with the material, we will delete it from our own computers and from our cloud service, after which only the customer has access to the material. If there are indications from customers that we need to reuse the material, it is stored in our cloud service for more efficient management. However, material is only stored for a maximum of one year.
In the unlikely event of a personal data incident that consists the personal data stored in our customer’s material would be handled incorrectly we will report it to the personal data controller, that is, our customer who, in turn, reports this to the data inspection and may inform the data subject. A personal information incident may be due to improper handling by us, one of our subcontractors, or because of a data violation.
Mattias Persson (CEO)
+46 72 322 44 01
Last updated 2018-10-17