Who is responsible for your personal data?
Compilator AB, 556548-9555, Södergatan 22, 2×11 34 Malmö, is a program provider of web-based applications that include: accounting, nvoicing, bookings and order processing, hereinafter referred to as “the Service”. Compilator is the data controller for the processing of the personal data you share with us when:
- you sign up for the Service.
- you get login information and become a user of the Service.
- you sign up for one of our courses.
- you have a question and / or contact us.
- you visit our website and accept cookies.
Compilator is the data processor that processes your personal data in the Service as described on the Compilator website. The data controller for the processing of your personal data in the Service is the “Customer”, which is the registered company at Compilator. As a user with your own login for the Service, you are known as the “User”. In the Service, the “System Administrator” role represents the Customer in the Service, and is responsible for administering users.
What personal data does Compilator process?
Why do we process your personal information?
Compilator collects and processes personal information about you as a user and customer in order to provide the Service, to fulfil our commitments to you, and to provide you with the best possible experience of both the Service and our website. This is necessary so that we can identify you, administer your account, for statistical purposes and for direct marketing (which you can unsubscribe from). The personal data collected when ordering is required to process the order, to invoice and to send your login details. Your personal data is required to give you access to the Service, to use the Service, to create history for you as a customer, to identify you, and to know which users and customers are using the Service.
When using the Service’s image upload feature, you agree that Compilator will have access to your mobile’s camera and image gallery, to upload and process your images in the Service, for example when registering receipts and vehicle registration plates. See below for examples of why we collect and process personal data:
- Contact information, company information, and information about course participation are required for us to fulfil our obligations for educational services, such as managing your application and invoicing.
- We also process the data in order to send out evaluations and follow-ups that you agree to.
- When you contact us through any of Compilator’s communication channels, your information is used to manage the case, to contact you and help improve our service by saving the case for further issues.
- When you visit Compilator’s website, you agree to cookies for the processing of data.
With whom do we share your personal data?
Your data is processed primarily by Compilator. However, we may also share your information with selected partners, suppliers or other stakeholders, according to the below. When using certain programmes or features of the programmes, we may share personal data with Compilator’s subcontractors, both inside and outside the EU/EEA. A complete overview of recipients and venues for the processing of personal data in the Service is available on the Compilator website. Suppliers have equivalent obligations regarding the processing of personal data that you as a customer have agreed with us, and appear in the Data Processor Agreement. See below for examples of whom we share personal information with:
- When administering training and when you contact us, we use subcontractors. Their agents and their processing venues are set out in the table view.
- Your data as a customer may be collated with a third party’s registry to collect more information about you as a customer. If you as a customer use EDI invoices (electronic invoices) in the Service, personal data is provided to Compilator’s subcontractor for EDI invoice services. This is to inform your customers and suppliers that you are available for sending and/or receiving EDI invoices.
- We may need to share personal data with other companies within the group, in order for us to provide the Service and to fulfil our commitments to you.
- We share personal information about users and customers between the companies within the group when you open a case with us, if the information is required in order to assist you.
- If you choose to activate an integration in the Service, we will share the personal data required by that integrator, which will be done at your request.
|Contact via e-mail||Zendesk||USA (Privacy Shield)|
|Contact via e-mail||Hubspot||USA (Private Shield)|
|Personal data connected with external registers.||Creditsafe||Sverige, Storbrittanien|
How do we protect your personal information?
We, and, where applicable, our partners, have implemented various security measures to protect the personal data being processed:
- We have redundant firewalls with intelligent intrusion protection that protects against external threats, to protect and prevent unauthorized access to our networks and systems.
- Physical access to data is protected through diversified shell protection, where only authorized personnel have access. If data is moved outside our backup data centre, the information is encrypted.
- Our employees have strict instructions to handle all information in accordance with applicable laws, rules and policies.
- Only those persons who need access to systems where personal data are stored are given access, and all data is protected by access rules.
- Analyses are conducted on a regular basis, both internally and externally, to identify and rectify possible vulnerabilities.
We and our partners generally process your personal data only within the EEA. In cases where information is processed outside the EEA, this occurs only in accordance with applicable data protection legislation.
For how long do we save your personal data?
Depending on the reason for processing your personal data, Compilator stores your personal data for different periods, but never for longer than allowed by mandatory law and practices.
Compilator saves personal data about you as a customer as long as there is a customer relationship, or for as long as is required to meet the ends described in this policy. Upon termination of the agreement, Compilator will delete or anonymize your information within a reasonable period of time, unless otherwise dictated by Swedish or European law, or by a court or authority. Your data may also be saved if there are security or economic considerations.
The length of time your personal data is stored by us varies depending on the purpose of their collection. Information stored in the Service is deleted by the system administrator, but in those cases where there is no technical delete function, your system administrator will need to contact us.
Information collected when you contact us is stored for as long as you are our customer, so that we can fulfil our commitments. Upon termination of the customer relationship, we may store data if we consider it necessary as evidence, in case of possible future problems. The data storage is then restricted to a single system with controlled permission management.
How can you influence our processing of your personal data?
- You have the right to request an extract of the information contained on you in the registry.
- In some cases, you also have the right to data portability of your personal data. You are entitled to have your personal data corrected if they are incorrect, incomplete or misleading, and you may limit the processing of personal data until they are changed.
- You have the right to be forgotten, but deletion of personal data cannot occur if it is required to fulfil the agreement, of if Swedish or European law, court or government decisions dictate otherwise, as well as if there are other legitimate balances of interest to consider.
- You also have the right to withdraw your consent, make complaints related to data processing at the Information Commissioner’s Office, to oppose automatic decision making, profiling and to opt out of direct marketing.