Privacy Policy
Last Updated: December 22, 2023
All defined terms in this Privacy Policy shall have the meaning as assigned to them in the Terms of Service unless expressly provided herein to the contrary.
1. General
1.1. This Privacy Policy ("Policy") explains how Precode AB and its affiliates ("Precode", "we", "our", "us" or "our") processes personal data i) in connection with the use of our website, ii) of persons that direct inquiries to us, iii) of contact persons with suppliers and business partners, iv) in connection the provision of our online services found at superoga.com and precode.ai ("Services") and as further defined in the Terms of Services to be found at superoga.com/terms-of-service and precode.ai/terms-of-service to customers, and v) of visitors to our social media platforms, and vi) in connection with the Precode Partner Program.
1.2. In this Policy you can read more about the personal data we collect, how we handle your personal data and how long we will retain your personal data etc.
2. Data Controller
- ● Precode AB
- ● Dalagatan 86D
- ● 11343 Stockholm
- ● Sweden
- ● email: support@precode.ai
2.2. All questions concerning this Policy, the exercise of your rights or any suspected non-compliance should initially be directed to support@precode.ai
2.3. The general legal processing framework is Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, and the attendant rules (the "GDPR").
3. Data Retention Periods
| Data Subject | Personal Data | Purpose | Retention period |
|---|---|---|---|
| Visitors to the website. | IP address, operating system, language setting, browser type, equipment type, etc. | Make the website available, optimize the website and user experience, ensure the functionality of the website, compile statistics and conduct targeted, relevant marketing. | 2 years for the purpose of understanding how visitors engage with the Precode Services. |
| Individuals that contact Precode or otherwise communicate with us. | Contact details and content of any communication. | Communication, and customer support. | Up to 5 years after the year which the personal data were collected unless it is necessary to store the data for a longer period of time e.g., for purposes of defending any legal claims. |
| Contact persons with suppliers and business partners. | Contact details, company name and content of any communication. | Communication, administration of business relationship, payment, documentation of orders, audit/records trail. | Up to 5 years after the year which the personal data were collected unless it is necessary to store the data for a longer period of time e.g., for purposes of defending any legal claims. |
| Potential customers / contact persons with potential customers. | Contact details and content of any communication. | Communication | Up to 5 years after the year which the personal data were collected unless it is necessary to store the data for a longer period of time e.g., for purposes of defending any legal claims. |
| Customers / contact persons with customers. | Contact details, company name, content of any communication and relevant billing details and credit card information. | Communication, administration and documentation of customer relationship, billing and dispute handling purposes. | Up to 5 years after the year which the personal data were collected unless it is necessary to store the data for a longer period of time e.g., for purposes of defending any legal claims. |
| Partner program contact persons. | Partner IP, contact details, company name and content of any communication, financial information; and/or certain information about Partner's end users (such as IP address and device identifier). | Communication, administration of business relationship, documentation of transactions, analytics purposes, audit/records trail. | Up to 5 years after the year which the personal data were collected unless it is necessary to store the data for a longer period of time e.g., for purposes of defending any legal claims. |
| All of the above. | All of the above. | Compliance with legal obligations, implementation and maintenance of organisational and technical security measures, handling enquiries or complaints, handling disputes and when necessary for the establishment, exercise or defence of legal claims. | Up to 5 years after the year which the personal data were collected unless it is necessary to store the data for a longer period of time e.g., for purposes of defending any legal claims. |
4. Sharing of Personal Data
4.1. We may share your personal data with our third-party service providers such as, for example, our IT hosting services providers, our providers of technical support, etc.
4.2. We may also share your data with our group companies/entities to the extent that we are entitled to do so under the law.
4.3. In addition, we will share your data to the extent that we are required to do so, for example as a result of requirements to report information to public authorities.
5. Sharing Your Personal Data With Non-EU/EEA Recipients
5.1. Some of our service providers are located outside the EU/EEA. We therefore may share your personal data with non-EU/EEA recipients. However, this will require:
- ● That an adequacy decision has been issued by the European Commission for the level of protection offered by the country or the international company in question;
- ● That the standard contractual clauses on data protection adopted by the European Commission have been entered into between us and the recipient of your personal data;
- ● That the recipient in question is certified in accordance with Article 42 of the GDPR; or
- ● That the recipient in question has adopted a set of binding corporate rules.
5.2. We may also sometimes ask for your consent to transfer your personal data to non-EU/EEA recipients, or such transfer may sometimes be necessary for the performance of an agreement with you, or the implementation of pre-contractual measures taken at your request. Such exemptions for specific situations are governed by Article 49 of the GDPR.
5.3. You are entitled to information about or a copy of any appropriate safeguards which form the basis of the transfer of personal data to non-EU/EEA recipients or — in the case of exemptions provided under Article 49 of the GDPR — the exemptions which serve as the basis for such transfer.
6. Your Rights
6.1. The list below includes an overview of your rights.
- ● Access: You have the right to access the personal data we process about you. You may request access to the personal data we hold about you, including the purposes for which the data were collected.
- ● Rectification and erasure: You have the right to request rectification, supplementary processing, erasure or blocking of the personal data we process about you.
- ● Restriction of processing: In certain circumstances, you have the right to restrict the processing of your personal data.
- ● Data portability: You have the right to receive your personal data (only data about you which you yourself have provided to us) in a structured, commonly used and machine-readable format (data portability).
- ● Right to object: You have the right to ask us not to process your personal data in cases where our processing is based on Article 6(1)(f) (legitimate interests). The extent to which we process your personal data for such purposes is described in this Policy.
- ● Withdrawal of consent: If the processing of your personal data is based on your consent, you have the right to withdraw such consent at any time.
6.2. Your exercise of the above rights may be subject to conditions or restrictions.
7. Secure Processing
7.1. At Precode, our processing of personal data is governed by our Information Security Requirements, which is implemented to ensure that all data is handled in a manner that complies with information security best practices.
8. Cookies Policy
8.1. Cookies are small text files that are placed on your computer or mobile device when you visit a website, mobile app or use an online product. We use cookies to enhance your user experience when using the Precode Services, and to show you ads related to Precode online.
8.2. You can decide to delete non-essential cookies at any time. Deleting cookies or similar technologies means that any preference settings you have made on a particular website will be lost and the functionality of the Precode Services may be impaired. You can use the preference settings in your web browser to:
- ● See what cookies or other similar technologies have been stored on your device;
- ● Block cookies or similar technologies;
- ● Clear cookies or similar technologies from your browser.
Moreover, you may opt out of advertising partners targeted advertising using the following links:
- ● https://www.aboutads.info/choices/ and https://www.networkadvertising.org/choices/ if located in the United States
- ● https://www.youronlinechoices.eu/ if located in the European Union.
| Provider | Name | Purpose | Expiration |
|---|---|---|---|
| Google Analytics | _ga | We use Google Analytics, which is a web analytics tool that helps us understand how users engage with the Precode Services. Like many services, Google Analytics uses cookies to track user interactions, as in our case, where they are used to collect information about how users use the Precode Services. This information is used to compile reports and to help us improve our Services. The reports disclose website trends without identifying individual visitors. For more information on Google Tag Manager, see here. For more information on Google Analytics, see here. If you want to opt out of Google Analytics across all websites you use, see here. | 2 years |
| Google Analytics | _gat | Used by Google Analytics to throttle the request rate. | 1 day |
| Google Analytics | _gid | Used to generate statistical data on how the visitor uses the website. | 1 day |
| Google AdWords | ads/ga-audience s | Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites. | Session |
| Meta (Facebook and Instagram) | tr | We use the pixel function of Facebook Custom Audiences to identify users who have landed on certain pages for the purposes of target group-orientated remarketing and advertising. The Facebook pixel stores a cookie, which means that information about your visit to the Precode Services will be shared with Facebook. These cookies, and the information collected, are used to help Facebook deliver advertising on our behalf to users who have previously visited our Services when they are on Facebook or another platform powered by Facebook Advertising, and to track advertising success. To modify your Facebook Ad settings to restrict these advertisements and to learn more, see here. | Session |
| _fbp | Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. | 3 months | |
| bscookie | Used by the social networking service, LinkedIn, for tasks the use of embedded services. | 2 years | |
| lang | Set by LinkedIn when a web page contains an embedded "Follow us" panel. | session | |
| lidc | Used by the social networking service, LinkedIn, for tasks the use of embedded services. | 1 day | |
| bcookie | Used by the social networking service, LinkedIn, for tasks the use of embedded services. | 2 years | |
| UserMatchHistory | Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. | 29 days | |
| personalization_i d | This cookie is set by Twitter — The cookie allows the visitor to share content from the website onto their Twitter profile. | 2 years | |
| Amazon Web Services | AWSALB | Registers which server-cluster is serving the visitor. This is used in context with load balancing, in order to optimize user experience. | 6 days |
| Amazon Web Services | AWSALBCORS | Registers which server-cluster is serving the visitor. This is used in context with load balancing, in order to optimize user experience. | 6 days |
9. Complaints to Supervisory Authority
9.1. Any complaint about our processing of your personal data may be submitted to The Swedish Authority for Privacy Protection, https://www.imy.se/en/ .
10. Amendments and Updates
10.1. We reserve the right to amend this Policy as and when needed. We encourage you to periodically review this page for the latest information on the Policy.
Detailed information on third party services
11. Google Api Services: User Data Policy
Accessing Google User Data
Authorization and Consent: Our service accesses Google user data only after obtaining explicit consent from the user. We use OAuth 2.0 protocol for authorization, ensuring that users are fully aware of the types of data we access.
Scope and Limitation: The data accessed is limited to what is necessary for using the Precode service. This includes accessing workspaces, requesting stakeholder feedback, and approving documents.
Use of Google User Data
Purpose and Processing: User data obtained through Google APIs is used solely for enhancing user experience and providing personalised services. We ensure that the processing of this data is in line with the consent provided by the user and for the intended purpose only.
Data Minimization: We adhere to the principle of data minimization, ensuring that only the data necessary for the intended service is processed.
Storage of Google User Data
Security Measures: We implement robust security measures to protect stored data. This includes industry standard encryption and limited access control from our employees.
Retention Policy: Data is retained only for as long as is necessary for the provision of our services or as required by law. Our data retention policy is to retain up to 5 years. Details are also described in this document earlier.
Sharing of Google User Data
No Unauthorized Sharing: We do not share Google user data with third parties unless necessary for the provision of our service or as required by law. When data is shared, it is done under strict contractual terms that respect the confidentiality of the information.
Sub-processors and Partners: In cases where third-party service providers (sub-processors) are used, we ensure they comply with GDPR and uphold the same standards of data protection.
User Rights and Control
- Access, Correction, and Deletion: Users have the right to access, correct, or delete their data. Our service provides easy-to-use tools for users to exercise these rights.
- Data Portability: Users have the right to data portability. We provide mechanisms by which users can download their data in a structured, commonly used, and machine-readable format.
- Revocation of Consent: Users can revoke their consent at any time. Upon revocation, we will cease processing their data and take steps to delete it, unless required to retain it by law.
Compliance and Cooperation
Data Protection contact: To know more about the data protection contact.
Regulatory Cooperation: We are committed to cooperating with EU data protection authorities and adhere to the advice given by such authorities with respect to our data processing.