Privacy Policy

Valid from 2020-07-03
  1. INTRODUCTION
    1. This Privacy Policy (“Policy”) applies to all processing of Personal Data carried out by Nudgd AB, reg. no. 559188-6477, Frigångsgatan 4, 413 01 Gothenburg, (“Nudgd”). “Personal Data” refers to any kind of information that can be directly or indirectly attributed to a living individual.
    2. The purpose of this Policy is to ensure that you feel confident that Nudgd handles your Personal Data in accordance with applicable data protection legislation. Below, we describe how Nudgd processes Personal Data, what rights you have, and how you can contact Nudgd if you have any questions or wish to exercise your rights.
    3. If Nudgd makes changes to this Policy, an updated version will be published on Nudgd’s website https://nudgd.se.
  2. PERSONAL DATA PROCESSING, PURPOSE, AND LEGAL BASIS
    1. Nudgd collects and processes Personal Data only to the extent necessary to provide, market, perform, and evaluate its services. Collection and processing of Personal Data is done only with consent, under an existing agreement, or due to legal obligations (e.g., accounting rules requiring Nudgd to store data). Exceptions apply when prior consent is not possible for practical reasons, processing is otherwise permitted by law, and Nudgd has a legitimate interest in doing so—such as for marketing, service follow-up, or to exercise or defend Nudgd against legal claims (so-called balancing of interests).
    2. Nudgd may process Personal Data collected for its own purposes, in which case Nudgd is the data controller. Examples include collecting Personal Data via the website to send newsletters, or when Nudgd’s support service saves Personal Data needed to manage support and complaint cases. The legal basis in such cases is either explicit consent or a balancing of interests. Processing may also be required to comply with legal obligations under laws, court rulings, or authority decisions.
    3. Nudgd may also process Personal Data on behalf of a third party, in which case Nudgd acts as a data processor. For example, when a municipality or company uses Nudgd’s services to send SMS or other targeted messages. The legal basis is then either the contractual relationship between the data subject and the third party, the third party’s legal obligation, or a balancing of interests by the third party.
  3. SENSITIVE PERSONAL DATA
    1. Sensitive Personal Data includes information revealing ethnic origin, political opinions, religious beliefs, trade union membership, as well as data concerning health or sexual life.
    2. Nudgd generally does not process sensitive Personal Data about users.
  4. COOKIES
    1. Nudgd uses cookies on its websites to tailor content to visitors. Cookies may also be shared with Nudgd’s partners.
    2. Cookies are stored on a visitor’s device only if strictly necessary to use the website or if the visitor has given consent. The specific cookies in use are disclosed on each website.
  5. DISCLOSURE TO THIRD PARTIES
    1. Nudgd does not share your Personal Data with third parties other than as described in this Policy, unless required to do so by law or as part of ongoing legal, administrative, or collection proceedings where you and Nudgd are parties.
    2. Nudgd uses subcontractors for services related to Nudgd’s offerings (so-called data processors). These providers may process Personal Data collected by Nudgd. Personal Data may also be stored using such providers’ services.

    3. Nudgd may share Personal Data you provide in the service, including your email address, with our clients so they can respond to your feedback.

    4. Nudgd will always restrict such providers’ access to the Personal Data necessary to provide services, protect rights, and fulfill obligations. Nudgd also requires these providers to (i) protect your Personal Data in line with this Policy or Nudgd’s other instructions, and (ii) not use or disclose Personal Data for any purposes other than those stated.
  6. STORAGE OF PERSONAL DATA
    1. Personal Data processed by Nudgd is stored on an external server provided by Nudgd’s data processor within the EU/EEA.
    2. Personal Data is not stored longer than necessary for the purposes of processing (typically three months) and Nudgd’s legal obligations such as accounting rules. Data is never stored longer than required by applicable law, and data is deleted in line with current regulations.
  7. TRANSFERS TO THIRD COUNTRIES
    1. As a rule, Nudgd does not transfer Personal Data to countries outside the EU/EEA. If Nudgd must do so—for example, by using a service provider based outside the EU/EEA—data will only be transferred if the country ensures an adequate level of protection under applicable data protection law.
    2. We use Google Maps to display location information attractively and make it easier for visitors to find places. Google Maps is used via an API, meaning your IP address may be stored when you use the map. This information is usually sent to a Google server in the USA and stored there. The legal basis is GDPR Article 6.1(a).

      Information on how Google handles user data can be found in Google’s Privacy Policy.

      If you do not want data transferred to Google via Google Maps, you can deactivate the Google Maps web service by disabling JavaScript in your browser. Please note that this will make map features unavailable, and other website features may also stop working.

  8. EXTERNAL LINKS
    1. This Policy applies only to Personal Data that Nudgd processes within its services and digital channels. Nudgd’s websites may contain links to websites not controlled by Nudgd. Nudgd is not responsible for Personal Data handling or collection on such websites, which are not covered by this Policy.
  9. RIGHT TO REQUEST INFORMATION
    1. You have the right to request, free of charge, information about what Personal Data Nudgd, as data controller, processes about you (a so-called register extract). When making a request, you need to specify what information you are interested in (unless you want all information). This helps Nudgd provide relevant details.
    2. If you request register extracts multiple times, Nudgd may charge a fee or, in some statutory cases, refuse your request. Extracts are provided within 30 days of Nudgd receiving your request. If extensive, Nudgd may need more time or, in some cases, be unable to fulfill it.
  10. RIGHT TO RECTIFICATION
    1. To ensure Personal Data is always correct and relevant, Nudgd systematically maintains its registers. If you notice that Nudgd, as data controller, has incorrect or missing Personal Data about you, you have the right to request correction. Simple corrections are usually made without consideration, but in special cases, Nudgd may need to evaluate your request. Requests may be denied if impractical or requiring unreasonable effort.
    2. If your Personal Data is corrected, Nudgd will notify any subcontractors or partners to whom the data was disclosed. Upon request, Nudgd will also inform you of which parties received the corrected data.
  11. RIGHT TO BE FORGOTTEN
    1. You may request that Nudgd, as data controller, deletes your Personal Data if:
      • it is no longer needed for the purposes collected,
      • processing is based on your consent and you withdraw it,
      • processing is for direct marketing and you object,
      • processing is based on a balancing of interests and no overriding interests exist,
      • deletion is required to comply with legal obligations, or
      • another valid legal basis exists for deletion.
    2. Nudgd may refuse deletion if it must retain the data to fulfill legal obligations or to exercise or defend legal claims (e.g., in a dispute).
    3. För det fall Nudgd mottar en begäran enligt ovan, kommer Nudgd att göra en bedömning om det finns skäl att radera dina Personuppgifter. Du kommer därefter meddelas Nudgds bedömning. För det fall Nudgd raderar dina uppgifter på din begäran, kommer Nudgd informera eventuella leverantörer och samarbetspartners som Nudgd lämnat ut Personuppgifterna till om att dessa har raderats. Nudgd kommer dock inte göra detta om det är praktiskt ogenomförbart eller kräver en orimligt stor arbetsinsats.
  12. RIGHT TO RESTRICTION OF PROCESSING
    1. You may request restriction of your Personal Data processed by Nudgd when:
      • you contest its accuracy (for the time needed to verify it),
      • processing is unlawful but you oppose deletion and request restriction instead,
      • Nudgd no longer needs the data but you require it to establish or defend legal claims, or
      • you object to processing pending verification of whether Nudgd’s legitimate interests override yours.
    2. Restriction means the data is marked and may only be processed for limited, critical, or legal purposes.
  13. DATA RETENTION
    1. Personal Data will not be stored longer than necessary for processing purposes (usually not longer than three months). Nudgd will otherwise delete Personal Data in line with applicable legislation, assessing retention case by case.
  14. RIGHT TO OBJECT
    1. You have the right to object to Nudgd’s processing of your Personal Data when based on a balancing of interests. Such objections must specify which processing you oppose. Nudgd may only continue processing if it can demonstrate overriding legitimate grounds.
    2. If your data is processed for direct marketing, you always have the right to object at any time.
  15. RÄTTEN TILL DATAPORTABILITET
    1. If you have provided Personal Data to Nudgd, you may in certain cases request to obtain and transfer your data to another company. This right applies to data processed by Nudgd as data controller on the basis of your consent or an agreement with you. It does not apply when processing is based on legitimate interests or legal obligations, or if transfer is technically unfeasible or requires disproportionate effort.
  16. RIGHT TO COMPLAIN
    1. If you have complaints or objections regarding Nudgd’s handling of your Personal Data, Nudgd asks you to first contact them (see section 18 below) so they can help you. You always have the right to lodge a complaint with the supervisory authority for data protection matters, the Swedish Authority for Privacy Protection (IMY).
  17. SECURITY
    1. Nudgd takes all appropriate technical and organizational measures required by law to protect Personal Data from unauthorized access, alteration, or destruction. To ensure safe and confidential processing, Nudgd uses networks protected by firewalls and passwords in line with industry standards. Encryption may also be used when transferring data digitally. Security routines are continuously updated in line with technological developments.
  18. GOVERNING LANGUAGE
    1. This privacy policy may be available in several languages. In the event of any difference in interpretation or content between the language versions, the Swedish version shall prevail.
  19. CONTACT DETAILS
    1. If you wish to exercise your rights under this Policy, please submit a written request via the form on Nudgd’s contact page or by email to [email protected]. To ensure data is not disclosed to unauthorized parties, Nudgd asks that, where possible, you sign your request and include a copy of a valid ID (passport or driver’s license).
    2. If you have any questions about this Policy or Nudgd’s processing of Personal Data, you can contact Nudgd at [email protected].

PRIVACY SETTINGS

We collect and process your data on the website to better understand how it is used. We always ask for your consent before doing so. You can change your privacy settings here.

Access your data

Fill in the form to request access to your data. We only use your email address to process this request.

Message
Send
Delete my data
Edit my data