Document Version: 2.1
Last Update: 25th of March, 2018
Definitions and terminology
The term “Site” refers to Trackado’s website and “Service” refers to Trackado’s service for contract management. In short you are using our “Site” when you are visiting our website and you are using our “Service” when you actively sign up or sign in to get access to the contract management application provided by us.
“Personal Data” means any information relating to an identified or identifiable natural person.
“GDPR” stands for the EU General Data Protection Regulation.
Responsibility for processing Personal Data
Trackado is responsible for the processing of the Personal Data and is data controller in the sense of GDPR.
What kind of Personal Data is processed and for what purpose?
When you visit our Site or Service we will collect information your browser sends to us. This may include the name of your internet service provider, the website from which you visited us from, the parts of our Site or Service you visit, the date and duration of your visit, and information from the device (device type, operating system, screen resolution, language, country you are in, and web browser type) you used during your visit.
We process this usage data to facilitate your access to our services (e.g. to adjust our services to the device you are using), and to recognize and stop any misuse. We also process usage data in an anonymized form for statistical purposes and to improve our Site and Service.
Cookies are stored on your individual device and you have full control over their use. You may deactivate or restrict the transmission of cookies by changing the settings of your web browser. Cookies that are already stored may be deleted at any time. Should you visit our site with cookies deactivated, you may possibly not be able to use all of the functions on our Site and Service to the full extent.
For more info about the cookies we make use of, please visit our Cookie Information.
Contact with us through email, chat or contact forms
On our Site and Service, you can contact us, for example via email, a chat function or contact forms. We will ask you for your contact information (e.g. name, email address etc.). We use this data solely in connection with answering the queries we receive.
If you receive emails from us, we may use certain analytics tools, to capture data such as when you open our email or click on any links or banners our email contains. This data helps us to gauge the effectiveness of our communications and marketing campaigns.
If you sign up for a free trial, you are not required to enter your credit card information unless and until you decide to continue with a paid subscription. We are using third-party providers manage the credit card processing and we never receive or store your full credit card information.
You can sign in to your account using Single Sign-on (SSO) services like your Google or Microsoft account. You can also connect to their cloud storage from within our Service. When using this functionality, these services will authenticate your identity and provide you with the option to share certain personal information with us such as your name and email address. We solely use this information to verify and configure your account.
Embedded content from other websites
Our Site may include embedded content (e.g. videos, images, articles, etc.) from other websites. Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
The legal basis for the processing of Personal Data
The processing of your Personal Data as described above is permitted under GDPR based upon the following legal basis:
- We have your consent to do so (you have the right to withdraw or decline your consent at any time).
- We need the Personal Data to perform a contract with you.
- We need to process the Personal Data due to a legal obligation.
- The processing is in our or a third party’s legitimate interests (and not overridden by your data protection interests or fundamental rights and freedoms).
Access and disclosure to third parties
We use a select number of trusted external service providers for certain technical data analysis, processing and/or storage offerings. These service providers are carefully selected and meet high data protection and security standards. We only share information with them that is required for the services offered and we contractually bind them to keep any information we share with them as confidential and to process Personal Data only according to our instructions.
If we are involved in a merger, acquisition, or sale of all or a portion of our assets, you will be notified via email and/or a prominent notice on our Site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
We will never sell your data. If not explicitly mentioned above will only pass your data on to third parties without your express consent if we are obliged to do so by statutory law or an instruction by a public authority or court.
We want to communicate with you
We may occasionally send you notification emails about updates to our product, legal documents, offer customer support or marketing emails. Except for cases where we are required to do so by law (e.g. notifying you of a data breach), you shall have the opportunity to unsubscribe from receiving these messages free of charge.
Your data, your rights
You have a right to be informed of Personal Data processed by Trackado, a right to rectification/correction, erasure and restriction of processing. You also have the right to receive from us a structured, common and machine-readable format of Personal Data you provided to us.
We can only identify you via your email address and we can only adhere to your request and provide information if we have Personal Data about you through you having made contact with us directly, and/or you by using our Site and/or Service.
Where you have provided consent, you may withdraw it at any time, without affecting the lawfulness of the processing that was carried out prior to withdrawing it. Whenever you withdraw consent, you acknowledge and accept that this may have a negative influence on the quality of the Site and/or Service. You further agree that Trackado shall not be held liable with respect to any loss and/or damage to your Personal Data if you choose to withdraw consent.
Where Personal Data is processed for the above purposes on the basis of Trackado’s legitimate interests, under the GDPR, you may object to such processing at any time. To do so please contact: firstname.lastname@example.org.
Trackado falls under the authority of Swedish Data Protection Authority (Datainspektionen). For any inquiries or complaints, please contact the Swedish Data Protection Authority directly using the following contact details: email@example.com, Datainspektionen, Box 8114, 104 20 Stockholm, Sweden.
Duration of processing
We will store your usage data until such time when you withdraw your consent for us to do so. All other data as specified above will be retained for as long as is necessary for the purpose(s) for which we originally collected it for. We may also retain information as required by law.
How we protect information
We implement security measures designed to protect your information from unauthorized access. Your account is protected by your account password and we urge you to use a strong password, to change the personal passwords at regular intervals and to take steps to keep your personal information safe by not disclosing your password and by logging out of your account after each use.
We have implemented certain technological security measures including firewalls, secure socket layer technology and file encryption. When using our Service, we protect all communication between your browser and our servers by HTTPS/SSL and all uploaded files to our Service are encrypted.
These measures reduce the risk for unauthorized access, use, disclosure and destruction of your information. However, they do not guarantee that your information will not be accessed, disclosed, altered or destroyed by breach of such firewalls and secure server software. By using our Service, you acknowledge that you understand and agree to assume these risks.
International transfers of information
Your Personal data may be processed, stored, and used outside of the country in which you are located in. Our Site and Service are hosted within the EU, but your Personal data may be processed, stored, and used outside of the EU by one of our external service providers.
We reserve the right to change this policy from time to time. The most current version of this policy can always be found on our Site. You should periodically check the Site and this privacy page for updates.
All changes or modifications automatically take effect on the sooner of the day You use the Site and/or Service, or 30 calendar days after they are initially published on the Site.
174 41 Sundbyberg