PRIVACY POLICY FOR SOFTWARE & LOGISTICS NORDIC SOLUTIONS AB
Last updated: June 04. 2024
This privacy policy applies for processing of personal data when Software & Logistics Nordic Solutions AB («Softlogs«, «we» or «us«) processes personal data in the capacity of data controller, for instance related to visitors of our websites and contact information to contact persons of our customers and suppliers.
This Privacy Policy does not apply to the cases where Softlogs processes personal data in the capacity of data processor on behalf of our customers when they use our services. For this processing of personal data there will be entered into a separate data processing agreement between Softlogs and the customers in question.
Below you will find information about the personal data we collect, why we do this and your rights in relation to the processing of your personal data.
1 WHO WE ARE
Softlogs is a provider of automation systems for invoice checking, cost allocation and freight deposition. With the help of advanced algorithms and machine learning we analyze deviations over time and find unprofitable processes. Our solutions are aimed at those who work with transport and logistics with the purpose of simplifying everyday life for transport buyers and carriers.
Softlogs acts as the data controller for the processing of personal data described in this Privacy Policy.
Our contact information is:
Software & Logistics Solutions Nordic AB
Häljeboda Solåsen
673 91 Charlottenberg
Sweden
Business registration number: 556910-1511
For any questions regarding our processing of your personal data, please contact our CEO at os@softlogs.net You can also contact us if you want to exercise your rights in accordance with the GDPR, as described below in section 7.
2 WHO WE PROCESS PERSONAL DATA ABOUT
The Privacy Policy addresses the processing of personal data about the following persons:
- Contact persons at our customers
- Contact persons at our suppliers
- Recipients of our newsletters
- Visitors to our website www.softlogs.net
3 PURPOSE, CATEGORIES OF PERSONAL DATA, LEGAL BASIS AND RETENTION PERIOD
All processing of personal data is carried out in accordance with the applicable data protection rules, including the Norwegian Personal Data Act and the General Data Protection Regulation (GDPR).
Below you will find an overview of the purposes for which Softlogs processes personal data, what personal data is processed, the legal basis for the processing and retention periods.
Creation, administration and fulfillment of customer and supplier agreements
When entering into agreements with suppliers and customers, we collect personal data about the contact person or representative at the customer or supplier. This includes their contact information. The purpose of this is to fulfill the agreement with our customers and suppliers.
The personal data is processed on the basis of GDPR Article 6 (1) (f). The processing of the personal of contact persons at customers or suppliers will be based on our legitimate interest and purpose of being able to manage our contractual offer, contractual relationship or communication in connection with the contractual relationship, towards our customers and suppliers.
The data processed for this purpose is as a main rule deleted after 3-5 years, in accordance with the rules of the Norwegian Bookkeeping Act.
Inquiries through contact form and social media
When you contact Softlogs through the contact form on our website and in social media, we process information about your name, username, email address and any personal data you provide through free text fields.
The legal basis for the processing is Softlogs’ legitimate interest in responding to inquiries, cf. Article 6(1)(f) of the GDPR.
The personal data we receive in connection with this processing will be deleted one month after the request has been submitted.
Sending out newsletters
In order to send newsletters to subscribers, we process the following personal data:
- Name
- Email address
The legal basis for the processing is your consent, cf. GDPR Article 6(1)(a).
Your personal data will be deleted when you withdraw your consent to receive the newsletter.
Use of Cookies
When you visit our website, we may collect personal data about your visit through the use of cookies. This includes your IP address, information about which operating system you use, browser ID, browsing activity and other data about how you have interacted with our website or other websites.
Certain cookies are used for certain essential functions to make our websites work. These are referred to as «first-party cookies» and are used, for example, to provide access to secure areas. First-party cookies/necessary cookies cannot be refused without affecting the functionality of our websites.
The legal basis for the processing of first-party cookies/necessary cookies is Softlogs’ legitimate interest in processing personal data to optimize the operation of our websites, cf. GDPR Article 6 (1) (f).
In addition, cookies are used to create anonymous user profiles using Google Analytics and Robin. These are referred to as «third-party cookies«. Third-party cookies will not be linked to other personal data we process about you. We do not use third-party cookies for advertising.
The legal basis for the processing using third-party cookies is your consent, pursuant to Article 6(1)(a) of the GDPR. The personal data will be deleted when you withdraw your consent.
Read more about our use of cookies in our cookie policy on our website.
4 RECIPIENTS OF YOUR PERSONAL DATA
In some cases, Softlogs may disclose personal data to others to the extent necessary for the administration of our operations and to carry out our business.
Softlogs may, among other things, share your personal data with our supplier of IT systems and technical assistance. These parties process personal data about our customers and suppliers by virtue of their role as data processors, and their processing is subject to a data processing agreement. The suppliers are required to act according to documented instructions from Softlogs and may not use personal data for their own purposes.
In addition, we may in some cases disclose your personal data to other companies who will themselves be responsible for how they process your personal data. For example, we may disclose your personal data to partners who handle payment services and public authorities if this is required by law or by a legally enforceable judgment or order.
If Softlogs sells or buys any business or assets, Softlogs may transfer your personal data to a prospective seller or buyer of such business or assets.
If Softlogs or a significant part of Softlogs’ assets are sold to another company, the personal data of our customers and suppliers may also be shared in connection with the sale.
We always implement appropriate technical and organizational security measures in accordance with applicable data protection legislation to ensure that your personal data is handled in a secure manner when transferring or sharing personal data with a third party.
5 TRANSFERS OF YOUR DATA TO COUNTRIES OUTSIDE THE EU/EUROPEAN UNION
Generally, we process your personal data within the EU/EEA. If the personal data is processed outside the EU/EEA, there is either an adequacy decision from the European Commission in place, which ensures that the third country in question guarantees an adequate level of protection, or we ensure that appropriate safeguards are in place to ensure that your rights under the GDPR are safeguarded. Examples of such appropriate safeguards are that the data transfer is subject to the European Commission’s Standard Contractual Clauses (SCC’s) or that the relevant third party follows approved standards of conduct.
If you would like more information about the security measures we have implemented, please contact us using the contact details set out at the beginning of this Privacy Policy.
6 SECURITY OF THE PROCESSING
All our processing of personal data is secured by necessary technical and organizational measures.
We handle personal data so that it is accurate, accessible and processed in accordance with the degree of sensitivity of the data. We also use a range of security technologies and information security procedures to protect personal data from unauthorized access, use or disclosure.
We restrict access to personal data to the staff or third parties who will process the data on our behalf. These parties are subject to a duty of confidentiality.
7 YOUR RIGHTS WHEN WE PROCESS PERSONAL DATA ABOUT YOU
Below is information about your rights in relation to the processing of your personal data. To exercise your rights, you can contact our CEO at os@softlogs.net
Your inquiry will be answered as quickly as possible, and within one month at the latest. If it takes longer than one month, you will be notified.
The Right to Information and Access
You have the right to receive information about the personal data we process about you. Through this statement, we inform you about our processing of personal data. For further information, please contact us by using the above-mentioned email address.
You also have the right to demand access to the personal data processed about you.
The Right to Erasure and Rectification
You can also ask us to correct inaccurate information we hold about you or ask us to delete personal data. We will, as far as possible, comply with a request to delete personal data.
The Right to Restriction and Object
In certain cases, you have the right to have the processing restricted, see GDPR article 21:
- You contest the accuracy of the personal data – processing is suspended for a period of time that allows us to verify the accuracy of the personal data.
- The processing is unlawful and you object to the erasure of the personal data and instead request that the use of the personal data is restricted.
- We no longer need the personal data to fulfill the purpose of the processing, but you need it to establish, exercise or defend legal claims.
You may also object to processing under Article 21(1) of the GDPR pending the verification of whether our legitimate interests override your privacy.
The right to data portability
For data that you have provided to us and that is necessary for the performance of a contract with us and that is processed automatically, you may request that your personal data be disclosed or transferred to another provider in a structured, commonly used, and machine-readable format.
8 COMPLAINANT
If you feel that our processing of personal data does not comply with what we have described here or that we are otherwise in breach of the data protection regulations, you can complain to the Norwegian Data Protection Authority:
Datatilsynet
Postboks 458 Sentrum
0105 Oslo
E-mail: postkasse@datatilsynet.no
You can find more information about complaints to the Norwegian Data Protection Authority on their websites.
9 CHANGES
If there are changes made in how we process your personal data, we will update or change our Privacy Policy. In the event of major changes, we will inform you of this.