PRIVACY POLICY FOR ESICS
- GENERAL INFORMATION
- This document describes how MAFI Group AB, Reg. No. 556679-4417 having its registered address at Seljavägen 15, 792 95 Mora (“Mafi” “we” or “us”) collects, uses, and processes personal data (“Privacy Policy”). This Privacy Policy is applicable when you are using the service ESICS (the “Service”).
-
- All definitions in this Privacy Policy shall be interpreted in accordance with applicable data protection laws which refers to the General Data Protection Regulation (Regulation no. 2016/679) and the Directive on Privacy and Electronic Communications (Directive 2002/58/EC), as well as the national implementations and related national legislation.
- DATA PROCESSED
- We will process the following personal data when you use the Service:
- name;
-
- address;
-
- email-address;
-
- telephone number;
-
- location data;
-
- information about your use of the Service;
-
- credit card information;
-
- details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries;
- content that you post, upload and/or contribute to the Service; and
-
- technical data, which may include the URL you are accessing the Service from, your IP address, unique device ID, network and computer performance, browser type, language and identifying information and operating system.
-
- The processing of the personal data above is necessary to fulfil the agreement you have entered with us. Accordingly, we are unable to provide you with the Service unless you provide us with the personal data and agree to this Privacy Policy.
- PURPOSES OF PROCESSING
- We will process the personal data set out above for the following purposes:
- to administer your account, to enable and provide the Service and integration with third party services, and to provide, personalize and improve your experience with the Service, and to otherwise provide the Service according to the terms of service;
- to send you alerts or messages by email or otherwise, regarding updates of the Service, the terms of service, or this Privacy Policy;
- to ensure the technical functioning of the Service, and to prevent the use of the Service in breach of the terms of service;
- to enforce the terms of service, including to protect our rights, property, and safety and also the rights, property and safety of third parties if necessary;
- to improve and develop the Service or new services and products, and to analyse and create statistics regarding your use of the Service; and
- to fulfil requirements by law.
- LEGAL GROUND FOR THE PROCESSING
- The legal ground for the processing for the purposes under clause 1(a)-3.1(d) is fulfilment of contract. By accepting the “Terms of service for the Service”, you enter into an agreement with us (the “Agreement”). We process your personal data to be able to fulfil the Agreement with you.
-
- The legal ground for the processing for the purpose under clause 1(e) is legitimate interest. Our legitimate interest in the processing is a commercial interest to maintain and improve our Service and to develop new services.
-
- The legal ground for the processing for the purpose under clause 1(f) is to fulfil our legal requirements under law.
-
- DISCLOSURE OF PERSONAL DATA
We may share information for the purposes described in this privacy policy to the following parties, but we won’t sell it to advertisers or other third parties;
- our employees and related bodies corporate;
-
- third party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you – for example: our customer relationship management software, email marketing software, and help desk software);
- professional advisers, dealers and agents;
-
- account administrators from your company may have access and control of your account if it is associated to the organisation’s account. please review your company’s internal policies if you have questions about this;
-
- payment systems operators (e.g. merchants receiving card payments);
-
- our existing or potential agents, business partners or partners;
-
- anyone to whom our assets or businesses (or any part of them) are transferred;
-
- specific third parties authorised by you to receive information held by us; and/or
-
- other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law – we will not provide your information to these agencies unless a court order requires us to do so, and will inform you should such a request be made unless we’re legally prevented from doing so.
- We may share and disclose your personal data to external processors which deliver a part of the Service to be able to provide you with the Service. Furthermore, the Service may be hosted by Amazon web services (“AWS”) or any other third party as a cloud service, as chosen by us from time to time in our sole discretion, and you shall read and approve the applicable AWS privacy policy (or the relevant cloud service provider privacy policy) prior to use of the Service. The AWS privacy policy can be found here: https://aws.amazon.com/privacy/.
Our processor AWS is located outside the EU/EEA and we are therefore applying the following safeguards for example:
- All network communication between us and your web browser is encrypted,
- Only specific staff members may access the data we store on your behalf, and the systems storing this data automatically log access,
- Sensitive information such as passwords are only stored in encrypted form,
- All user actions in the system are logged by user and IP enabling us to track down unauthorised access for as long as our logs are kept.
- You can acquire further information regarding the transfer by contacting us at info@mafigroup.com.
-
- When using the service, you may be directed to other websites where the personal data collected is not in our control. The privacy policy of the other website will govern the personal data obtained from you on that website.
- RESPONDING TO LEGAL REQUESTS AND PREVENTING HARM
We may access, preserve and share your personal data in response to a legal request (like a search warrant, court order or a subpoena or the like), or when necessary, to detect, prevent and address fraud and other illegal activity, to protect ourselves, you and other users, including as part of investigations.
- COOKIES, PIXELS AND OTHER SYSTEM TECHNOLOGIES
We collect information by using technology such as cookies, pixels and tags (on your browser or device). For information about how we use this type of technologies, please see our cookie policy (available here ).
- RETENTION
We store your personal data under the period for which you use the Service.
- CHILDREN
The Service is not directed to persons under the age of sixteen. If you are a parent or guardian of a person under the age of sixteen and you become aware of that the child has provided personal data to us without your consent, please contact info@mafigroup.com to exercise your access, rectification, erasure, limiting of processing and objection rights.
- YOUR RIGHTS
- You have the right to request access and further information concerning the processing of your personal data, or request that we correct, rectify, complete, erase or restrict the processing of your personal data. You have the right to obtain a copy of the personal data that we process relating to you free of charge once every calendar year. For any additional copies requested by you, we may charge a reasonable fee based on administrative costs.
-
- Since the processing is based on the legal ground fulfilment of contract, you have the right to data portability. Data portability means that you can receive the personal data that you have provided to us, in a structured, commonly used, and machine-readable format, and have the right to transfer such data to another data controller.
-
- CONTACT INFORMATION
- To exercise your rights, or if you have any questions regarding our processing of your personal data, please contact us at the following address: info@mafigroup.com, or MAFI Group AB, Seljavägen 15, 792 95. In your letter/email please state your full name and note the letter/email with “GDPR”. Note that you should sign the request to receive information of the processing of your personal data yourself.
-
- If you have any complaints regarding our processing of your personal data, you may file a complaint to the competent data protection authority. You can find out more about the local data protection authorities under the following link http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
-
- Change of Control
If there is a change of control in our business, we may transfer your personal data to the new owners for them to continue to provide the Service. The new owners shall continue to comply with the commitments we have made in this Privacy Policy.
- NOTICE OF CHANGES TO THE PRIVACY POLICY
If we make changes to this Privacy Policy, we will notify you through our webpage. If your consent is required due to the changes, we will provide you additional prominent notice as appropriate under the circumstances and, ask for your consent in accordance with applicable law.
__________________________