GDPR Compliance

Coursio AB, corp. ID 556751-3212, Tegnérgatan 1 SE-111 40 Stockholm, Sweden, info@coursio.com, ("the Company"), is the personal data controller and responsible for ensuring that the processing of your personal data is carried out in accordance with applicable privacy laws.

If you have any questions or would like additional information about the processing of your personal data, please contact: Christoffer Elings-Pers, info@coursio.com

Personal data includes all type of information that can be directly or indirectly attributed to a physical person who is alive. Examples of personal data are names, personal ID numbers, e-mail addresses, and phone numbers. However, they can also include customer numbers, encrypted data, and various electronic identities, such as IP numbers, etc. if they can be linked to a physical person.

We collect personal data about you in several ways. They may, for example, be collected when you sign up to use one of our services, when you sign an agreement with us for the use of our services, or when you want to know more about our services via, for example, newsletters or demos. We may also collect data about you from your employer, if your employer is one of our customers or vendors.

We process the following personal data about you:

Processing of your personal data takes place for the following purposes:

• in order for us to provide, perform, and improve our services to you
• in order for us to fulfil our obligations under applicable laws and regulations, such as required reporting
• in order for us to communicate and send marketing materials and other information about our services to you

The legal bases for our processing of your personal data are:

• that processing is necessary in order for us to fulfil our agreement with you or your employer
• that processing is necessary in order for us to fulfil our legal obligations, such as required reporting
• your consent to process your personal data for communication and marketing purposes

Your personal ID number is processed to obtain a secure identification.

We may process your personal data to market and inform you of our services. You may notify us at any time if you no longer wish to receive marketing information by unsubscribing from mailings in a current e-mail.

The Company's starting point is to not disclose your personal data to third parties. However, in certain situations it will be necessary. Your personal data may, for example, be disclosed to vendors with which the Company works in order for them to perform the services we depend on to run our business and provide our services to you.

This mainly concerns the following vendors:

Furthermore, we process customer and vendor information via the system PE Accounting. Other internal systems include Trello and Zendesk as well as marketing through social media, such as Facebook, Twitter, and Instagram.

The Company always takes appropriate steps to ensure that the recipients of your personal data do not process them for purposes other than those set out in this appendix, and that processing is carried out in a secure manner.

Our goal is to make sure that processing of your personal data takes place within the EU/EEA. However, in some cases, for example because we use cloud service providers, your personal data may be transferred to and processed in a country outside the EU/EEA.

If your personal data are processed outside the EU/EEA, we will take all reasonable legal, technical, and organisational steps required to ensure that your personal data are handled and protected in an adequate manner, comparable to the protection offered within the EU/EEA.

The Company will process your personal data as long as the contractual relationship exists and then as long as processing is necessary in order to fulfil the purpose of the processing.

• Customer and vendor information: we retain data for 7 years after termination of the agreement
• Students or course participants: data is erased 5 years after the last active course on the account
• Training materials: erased within 2 years of termination of the agreement
• Maximum retention: your personal data will be retained for a maximum of 10 years from the termination of the agreement. After that, the data will be erased.

Under the General Data Protection Regulation and Swedish law, you have the following rights with respect to your personal data:

Cookies are used on the Company's website. Cookies are small text files stored on the visitor's computer and used to improve your website experience, its functionality, and to analyse how the website is used. For more information on how we use cookies, please visit our privacy policy page.

In your browser settings, you can choose to not allow websites to save and read data in cookies. You can also choose to delete previously stored cookies in your browser. If you choose to restrict the use of cookies on our website, it may affect your experience and its functionality.

We keep this privacy policy constantly updated. Updates to the privacy policy will be available on this website. This privacy policy was last updated on 15/5/2018.