- Background and purpose
Apostille24, operated by Prellwitz & Partners AB, protects your personal privacy and this privacy protection policy explains how your personal data is processed. The easiest way to contact us is via support@apostille24.se The policy has the following content:
- Background and purpose
- Your rights
- In which situations do we need to process your personal data?
- How do we get information about you?
- Who may we share your information with?
- Contact details
According to current data protection legislation, personal data may only be collected for “specific, explicitly stated and justified purposes.” Whoever collected the data must not later process it in a way that is incompatible with these purposes. In addition, the person who collected the data must have legal support for their processing, a so-called legal basis. Our processing of your personal data rests on one or more of the following legal grounds:
- the processing is necessary for us to be able to fulfill our agreement with you (“agreement”),
- the processing is necessary for us to be able to fulfill an obligation we have under another law (“legal obligation”),
- the processing is necessary for our legitimate interests and your interests in the protection of your personal data do not outweigh (“balancing of interests”), or
- in some specific cases, after you have given your consent to the processing in question (“consent”).
In the vast majority of cases, the legal basis is an agreement, legal obligation or balancing of interests. In some cases, however, our processing requires your consent. In such cases, we will collect your consent for the current treatment before it begins.
You can always contact us if you have questions about privacy and data protection issues by sending us an email at support@apostille24.se
Below we explain partly the “legitimate purposes” for which we collect your personal data, partly according to which legal basis we do this.
- YOUR RIGHTS
According to current data protection legislation, you have the right to receive information about when and how we process your personal data. You also have the right in some cases to access your personal data or have it moved, corrected or deleted. More information about your rights can be found here:
- Right to information
- Correct information
- Right to erasure (“the right to be forgotten”)
- Right to limitation of treatment
- Data portability
- Right to object
- Complaint
- Damages
2.1 Right to information
You have the right to receive free of charge information about which personal data about you we process (a so-called register extract). The request for such an extract must be made in writing and be signed by you. Please note that we only give out information that we know for sure belongs to you.
To make sure that the register extract is not sent to the wrong person, we send them to your civil registry address.
2.2 Correct information
We constantly try to ensure that your personal data is correct and up-to-date. If we discover incorrect or incomplete information, we will try to correct it or remove it.
If information is corrected at your request, we must inform those with whom we have shared your information about the correction. However, this does not apply if it turns out to be impossible or involves an overly onerous effort for us. Your right to information means that you have the right to know with whom we have shared your information.
2.3 The right to be forgotten
We save your personal data as long as you are a customer with us. When the customer relationship has ended, we will delete your personal data within 12 months, except when we are obliged by law to save it for a longer period of time (for example according to the Accounting Act).
As a customer, you always have the right to contact us and ask that your personal data be deleted. We are obliged to delete the data in the following cases:
- If the data is no longer needed for the purposes for which it was collected
- If the processing is based on your consent and you withdraw the consent
- If the processing takes place for direct marketing and you object to the data being processed
- If the individual objects to personal data processing that takes place after a balancing of interests and there are no justified reasons that outweigh your interest
- If the personal data has been processed illegally
- If deletion is required to comply with a legal obligation
If data is deleted following your request, we must inform those to whom we have disclosed the data about the deletion. However, this does not apply if it turns out to be impossible or involves an overly onerous effort for us. You also have the right to request information about to whom information has been disclosed.
2.4 Restricted Access
In some cases, you may have the right to demand that the processing of your personal data be restricted. Restriction means that the data is marked in our systems so that it may only be processed for certain limited purposes in the future.
The right to restriction applies, among other things, when you believe that the information is incorrect and have requested correction. In such cases, you can also request that the processing of the data be restricted while the accuracy of the data is investigated.
When the restriction ends, you must be informed.
2.5 Data Portability
Those who have provided their personal data have, in certain cases, the right to obtain and use their personal data elsewhere (data portability). Whoever has received the personal data is obliged to facilitate such a transfer of personal data. A prerequisite for data portability is that the recipient processes the personal data with the support of a consent from you or to fulfill an agreement with you and this only applies to such personal data that you yourself have provided.
2.6 Right to restriction of treatment
In some cases, you may have the right to demand that the processing of your personal data be restricted. Restriction means that the data is marked in our systems so that it may only be processed for certain limited purposes in the future.
The right to restriction applies, among other things, when you believe that the information is incorrect and have requested correction. In such cases, you can also request that the processing of the data be restricted while the accuracy of the data is investigated.
When the restriction ends, you must be informed.
2.7 Complaints
If you believe that we are processing your personal data in violation of applicable data protection regulations, you are requested to report this to us as soon as possible. You can also contact the Swedish Data Protection Authority directly and submit your complaint.
2.8 Damages
A person who has suffered damage because his or her personal data has been processed in violation of the data protection regulation may be entitled to compensation from the person or persons responsible for personal data who participated in the processing.
3 In which situations do we need to process your personal data?
We may process your persons in the following situations:
- When you make inquiries about our services
- When you order our services
- Visit our website
- Analysis of behavior
- Cookies
- Contact via social media
3.1 Provision of Services
In order for us to be able to provide our services to you, we must process your personal data to the extent necessary for us to be able to:
- answer questions via email,
- identify you as a customer,
- fulfill our agreement with you regarding the delivery of services,
- to handle any complaints,
- otherwise to safeguard our rights and fulfill our obligations according to our agreement with you.
The information we may process is contact information (name, address, e-mail address and telephone number) and social security number.
The treatments described above are a prerequisite for us to be able to provide the service you purchased. The legal basis for the processing is therefore the fulfillment of the contract with you.
We will process your personal data as long as you are a customer and twelve months thereafter.
3.1.1 Complaints
If you contact us due to a complaint, we need to be able to identify you as a customer and we will in many cases need information about you. The information we may process is the information you yourself provide to us in connection with the contact, such as contact information such as name, address, e-mail address and telephone number.
Our obligation to remedy errors may be partly apparent from contracts, partly from law including consumer protection legislation. The legal basis for the processing can therefore be both the fulfillment of an agreement and a legal obligation.
3.1.2 Information security and prevention of abuse.
We process personal data in order to provide security for all services, to detect or prevent various types of illegal use or use that otherwise contravenes the terms of the services we provide. We also process this data to detect and prevent fraud. The data that may be processed for this purpose are, for example, IP addresses and information about your computer or mobile device.
The processing described above is a prerequisite for us to be able to provide the services, which is why the legal basis is the fulfillment of an agreement.
We will save this data for three months.
3.2 Visiting our website
When someone visits our website, www.apostille24.se, we use third-party services to collect information and details about the visitors’ behavior patterns. We do this to find out the number of visitors to the different parts of the website. This information is processed without identifying anyone. We do not make any attempt to find out the identity of those who visit our website and we do not allow third party services to do so. If we wish to collect personally identifiable information through our website, we will provide advance notice. In that case, we will explain when we will collect personal data and explain what we intend to do with it.
4 How do we get information about you?
4.1 Information You Share
We collect personal data from you in several different ways. This can happen, for example, when you provide your information yourself when you send an e-mail or place an order in the web shop. We may collect the following personal data from you:
- contact details (name, address, e-mail address and telephone number)
- social security number
- information about your purchases of our services (settings and purchase history).
4.1.1 Sensitive information
We do not collect information relating to sensitive personal data (data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and personal data relating to health or sexual life).
Social security numbers do not constitute sensitive personal data according to current legislation, but to the extent that social security numbers are stored by us, we treat them as particularly worthy of protection.
5 Who can we share your information with?
In order to protect your rights when we share your information with our service providers, all sharing takes place in accordance with written agreements that regulate the recipient’s rights and obligations regarding the processing of your personal data.
We will never sell your personal data to third parties. We will also not share your personal data with third parties so that they can use them for their marketing purposes.
5.1 Our service providers
We may share your personal data with our suppliers who, in relation to you, are third parties. In order to perform the services we purchase, our suppliers must in several situations process your personal data.
In the agreements we enter into with our suppliers, there are clear regulations on how they may process your personal data that we share with them. If you have questions regarding a supplier’s use of your personal data, you can contact us at support@apostille24.se to get information about which suppliers have processed your personal data.
5.2 Third Party Applications
When you use apps and other software-based services connected to your purchase in our webshop, these may be provided by third parties and by accepting the terms of such service, personal data may be transferred to such third parties, for example when using payment solutions such as Klarna. We cannot take any responsibility for such a third party’s processing of your personal data. We therefore urge you to familiarize yourself with the terms of use for such services and especially any conditions relating to their handling of your personal data. We are unable to answer questions about a particular third party’s use of your personal data and we must therefore ask you to contact such party directly.
6 Where do we process your personal data?
We will process your personal data in Sweden. However, we cannot comment on where your personal data is processed when you use apps or other software-based services provided by third parties (third-party applications). If you have questions regarding this, we therefore ask you to contact such party directly.
7 CHANGES
We will notify you before we make material changes to this policy and give you an opportunity to review the revised policy.