Last update: 13/11/2023
Please read the following carefully to understand our views and practices regarding your personal information.
1. Who are we?
For the purposes of applicable data protection laws, the data controller is Getstoix AB, with registered office at Industrigatan 4b, 2nd floor, 112 46 Stockholm, Sweden, with organization number 559308-3842
This Privacy Notice covers all personal information processed by Stoix which means information that (either in isolation or in combination with other information) enables you to be identified directly or indirectly.
2. What information do we collect from you?
We may collect information about you from the following sources:
2.1 Information we receive from you
We may collect personal information, such as your name, postal address, e-mail address, job title, telephone number, and all other personal information that may be provided by you. This personal information is provided to us when you:
- Sign up on getstoix.com or any other company websites (“our websites”) to access our resources (such as white papers, newsletters, case studies, and webinars)
- Create an account in our websites to use functionality we make available
- Contact us
2.2 Information we collect about you
- Technical information, including your IP address, your login information, browser type and version, device identifier, location and time zone setting, browser plug-in types and versions, operating system and platform, page response times, and download errors.
- Information about your visit, including the websites you visit before and after visiting our websites and products you viewed or searched for
- Device data, for example the type and model of the device you are using, its operating system and version, its unique identifier, crash data (if applicable), and what settings you´ve enabled. Your device and software settings affect what information your device makes available to us.
- Log data, which is automatically recorded by our servers based on data sent by your app or browser. This typically includes the date and time you visited, the browser or app version you used (and its settings), the URLs you came from and go to, your IP address and protocol, and how you used the functionality we make available;
- Cookie data, which comes from “cookies” (small data files stored on your computer or mobile device) and similar technologies. Cookie data helps us recognize you, remember your preferences, and learn more about you; some, but not all, cookie data is associated with the functionality we make available. You can configure your browser to reject cookies, but doing so will prevent you from logging into our website.
- Information from third parties and public sources.
- Email addresses
3. How do we use your personal information?
|We process the following information:||For the following purpose:||Based on the following justification:|
|Name, address, email address, company, job title||To verify your identity To set up and manage your account To protect the security and integrity of our websites and functionality we make available To contact you when necessary or appropriate||We may use your information in these ways as this is necessary for us to perform our contractual obligations towards you. We also have a legitimate interest in processing your information to maintain our relationship with you.|
|Personal information you disclose in emails sent by you to Stoix||To respond to your comments and questions||We may process this information because it is necessary for us to perform our contractual obligations towards you and respond to your enquiries.|
|Name, email address||To ensure that we do not contact you if you have asked us not to. We understand that you may prefer for us not to contact you with details of our products and services. We keep records of your preferences in order to do this.||We have a legitimate interest in processing this information to ensure that we do not send you marketing material if you do not want to receive it.|
In addition to the above, we may process any of the information relating to you in order to comply with legal requirements that apply to us (such as tax and financial reporting requirements).
4. Do we use your personal information for direct marketing?
With your permission, we may send you carefully selected information about our products and services. You have the right to opt out of receiving direct marketing at any time. We do not sell your data or use your data for advertising purposes.
5. With which third parties do we share your personal information?
Your personal information is intended for Stoix but may be shared with third parties in certain circumstances:
Stoix´s group of companies: We may share your personal information among our group of companies, including our parent company, subsidiaries, our head office and branches, in order to open your account with us, administer our services and products, provide you with customer support, understand your preferences, provide, maintain and improve functionality we make available, send you information about our products and services that may be of interest to you and conduct the other activities described in this Privacy Notice.
Our service providers: We use other companies, agents or contractors to perform services on our behalf or to assist us with the provision of Stoixs’ services and products to you. We may share personal information with the following categories of service provider:
- infrastructure and IT service providers, including for email archiving.
- external auditors and advisers.
In the course of providing such services, these service providers may have access to your personal information. However, we will only provide our service providers with personal information which is necessary for them to perform their services, and we require them not to use your information for any other purpose. We will use our best efforts to ensure that all our service providers keep your personal information secure.
Third parties required or permitted by law: In certain circumstances, we may be required to disclose or share your personal information in order to comply with a legal or regulatory obligation (for example, we may be required to disclose personal information to the police, regulators, government agencies or to judicial or administrative authorities).
We may also disclose your personal information to third parties where disclosure is both legally permissible and necessary to protect or defend our rights, matters of national security, law enforcement, to enforce our contracts or protect your rights or those of the public.
Third parties connected with business transfers: We may transfer your personal information to third parties in connection with a reorganization, restructuring, merger, acquisition or transfer of assets, provided that the receiving party agrees to treat your personal information in a manner consistent with this Privacy Notice.
We will not sell your personal information to third parties.
Please note our websites may, from time to time, contain links to and from the websites of our partners or affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we have no control over how they may use your personal information. You should check the privacy policies of third party websites before you submit any personal information to them.
App’s) use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy , including the Limited Use requirements.
6. International Transfers
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by subcontractors or staff operating outside the EEA who work for us, or for one of our suppliers. The third-party subcontractors and suppliers may, for example, be software and data storage providers, business consultants. There could also be third-parties engaged in the development of the Services, provision of payment processing services and the provision of support services.
We ensure that an adequate level of protection is maintained, and that suitable safeguards are adopted in line with applicable data protection legislation requirements, such as the GDPR, when we transfer your data outside the EU/EEA. These safeguards consist of ensuring that the third party country is subject to an adequacy decision by the European Commission, implementing the European Commission’s standard contractual clauses or ensuring that the recipient is registered with the US Privacy Shield (or any replacement thereof).
By using the Services and by submitting your personal data, you consent to the transfer, storage or processing of your personal data with our business partners located outside of the EEA.
7. What are your rights?
You have the following rights available to you:
- Access the information we hold about you. We’ll usually share this with you within 30 days of you asking us for it.
- Correction or deletion of the information we hold about you. If your information is incomplete or inaccurate, or you would like us to delete your information, please contact us using the details set out below. However, if we need to retain such data to comply with a legal obligation or to establish, exercise or defend legal claims, we will have to keep it.
- Restriction of our processing of your personal information. You can do this where you believe such data to be inaccurate; our processing is unlawful; or that we no longer need to process such data for a particular purpose, or because you do not want us to delete it.
- Right to object. Where the legal justification for our processing of your personal information is our legitimate interest, you can object to such processing on grounds relating to your particular situation. We will stop processing your data unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defense of a legal claim.
- Right to withdraw consent. If you have consented to our processing of your personal information, you can withdraw your consent at any time, free of charge This includes cases where you wish to opt out from marketing messages that you receive from us.
You can make a request to exercise any of these rights in relation to your personal information by sending an email to firstname.lastname@example.org.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You also have the right to lodge a complaint with the local data protection authority if you believe that we have not complied with applicable data protection laws. If you are based in, or the issue relates to, the UK, you can contact the Information Commissioner’s Office here.
If you are based in, or the issue you would like to complain about took place, elsewhere in the EEA, please click here for a list of local data protection authorities in the other EEA countries.
8. How do we protect your personal information?
We have implemented technical and organisational security measures to safeguard your personal information in our custody or control. Such measures include, for example, limiting access to personal information only to employees and authorised service providers who need to know such information for the purposes described in this Privacy Notice, as well as other administrative, technical and physical safeguards.
In using some of the functionality we make available, you may come across links to websites and services operated by third parties (for example, a link to a video on YouTube or a display of a restaurant on Yelp). These third parties have their own privacy policies, which will apply to your activity if you click on the link or access their website or service. We do not accept any responsibility or liability for such external sites’ privacy and security practices.
While we endeavour to protect our systems, sites, operations and information against unauthorised access, use, modification and disclosure, due to the inherent nature of the Internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others, such as hackers.
9. How long do we keep you personal information?
We keep your information only so long as we need it to provide the Stoix´s services to you that you require and fulfill the purposes described in this policy. This is also the case for anyone that we share your information with and who carries out services on our behalf. When we no longer need to use your information and there is no need for us to keep it to comply with our legal or regulatory obligations, we’ll either remove it from our systems or anonymise it so that we can’t identify you.
10. How can you contact us?
If there are any questions or concerns regarding this Privacy Notice, please contact us:
By email: email@example.com
11. Which version of this Privacy Notice applies?
This Privacy Notice is written in English and may be translated into other languages. In the event of any inconsistency between the English version and the translated version of this notice, the English version shall prevail.
We reserve the right to change our Privacy Notice from time to time. If we decide to change our Privacy Notice we will notify you of these changes via email and post an alert on our websites.