Cadcraft GDPR Policy

Privacy Policy

 

At Cadcraft, we collect and use some of your personal data. In this policy we explain how and why we collect, store, process and share your personal data. In this policy we also inform you of your rights in relation to the personal data which is collected or given to us from you.

For more information on which cookies we use and allow from third parties, please see our Cookie Policy. For more information about the Services we provide, please see our Terms and Conditions.

 

1.      About the Privacy Policy

This Privacy Policy applies to all of the services from Cadcraft, whether you visit our website, purchase and/or use our products and/or services (hereinafter the “Services”) or any other contact with us.  

Our use of personal data is regulated by the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, also known as the General Data Protection Regulation (hereinafter referred to as “GDPR”).

In this Privacy Policy, the terminology shall have the same meaning as in article 4 of GDPR.

Terms starting with a capital letter, such as the term “Agreement”, are defined in our Terms and Conditions and have the meaning assigned to them also when appearing in this Privacy Policy, and, when not already defined, defined herein.

 

2.      Our Use of Your Personal Data

The Services are provided by Cadcraft AB, 556703-7113, [address], Sweden (hereinafter the “Provider”). The Provider is the “data controller” of any personal data Cadcraft may collect, process and hold about you, unless we inform you otherwise.

In order to provide the Cadcraft-services, we collect, use and share your personal data. Some of our use can be regulated by you in your chosen privacy settings in your browser.

 

2.1.   What Personal Data Do We Process?

We will process personal data about you and, if applicable, your physical representatives such as:

  • personal name, personal ID-number, user name, passwords, email address, telephone number, technical data and metadata relating to any other personal data that You or the physical representative provide us with;
  • voice recordings, or chat conversations;
  • data related to your orders and other information connected therewith; and
  • data sent by your device, device data such as date/time, authentication state and error.

 

2.2.   Why and for How Long Do We Process Data?

We process personal data for the following purposes:

  • to provide and administer Your account and the Services and to otherwise fulfil the Agreement with You;
  • to personalize and improve Your experience with the Services and to send You alerts or messages by e-mail or otherwise, including promotional alerts and messages;
  • to enable your participation in interactive features of our Services;
  • to inform You via e-mail or otherwise about updates of the Services, including updates of the Agreement;
  • to provide customer care and support;
  • development, analysis and research to improve the Services;
  • to monitor and prevent use of the Services in breach of the Agreement;
  • to detect, prevent and address technical issues;
  • to fulfil requirements by law, and
  • to provide You with marketing of products and Services.

We will keep your personal data for as long as required by law or, if applicable, for the period of time we need it for the purpose it is being processed for. After that time has passed, your personal data will be deleted or anonymized.

 

2.3.   Legal Grounds for Processing Personal Data

Our processing is lawful due to the following legal grounds, which are each applicable either on its own, or together with other grounds:

  • When processing is necessary for ours and your performance of the agreement;
  • For compliance with our legal obligations;
  • When found necessary in order to protect the vital interests of you or another natural person;
  • When found necessary for the purpose of our or a third-party legitimate interest; or
  • Your given consent to our processing for the above-mentioned purposes (section 2.2), where the Provider does not rely on another legal ground.

 

2.4.   With Who and Where Do We Share Your Personal Data?

We share your personal data internally and with selected third-parties, for example service providers, sub-contractors and other third-parties as well as in case of business transfers or legal disclosure.

We may need to transfer your personal data to countries outside the European Economic Area (EEA). The EEA consists of countries in the European Union, Switzerland, Iceland, Liechtenstein and Norway: they are considered to have equivalent laws when it comes to data protection and privacy.  This kind of data transfer may happen if our servers (i.e. where we store data) or our suppliers and service providers are based outside the EEA, or if you use our services and products while visiting countries outside this area.

Currently, we share data with:

  • Partners;
  • Service providers (such as providers of technical infrastructure, analyzing tools, customer services, surveys or financial assistance); and
  • Law enforcement or due to legal requests

 

3.      Security of Your Personal Data

We continuously review and improve our measures of protection for your personal data from unauthorized access, accidental loss, disclosure or destruction. 

At Cadcraft, only authorized personnel who requires access to you personal data may use your personal data. We use encryption and are keeping track of recommended security measures with regard to our specific environment and are regularly reviewing our environment to make sure it is up to date with the latest version and patches.

If we transfer personal data to a country outside of the EEA, we will make sure that your information is properly protected. We will always ensure that there is a proper legal agreement that covers the data transfer. In addition, if the country is not considered to have laws that are equivalent to EU data protection standards then we will ask the third party to enter into a legal agreement that reflects those standards. If applicable, we utilize the standard contractual clauses approved by the European Commission and further rely on the European Commission’s recommendations on required measurements for transfer of personal data to certain countries outside the EEA.

We would like to inform you that, communications over the internet (such as e-mails) aren’t secure unless they’ve been encrypted. Your communications may go through a number of countries before being delivered, as this is the nature of the internet.

We would also like to inform you that no method of transmission of data over the Internet, or method of electronic storage is 100 % secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee absolute security.

We do not accept responsibility for any unauthorized access or loss of personal information that is beyond our control, including but not limited to, links to third-party websites, plug-ins or third-party content. We do not take responsibility for the security and content of any third-party websites. The same applies to any third-party websites or content you connect to using our products and services. Social plug-ins and social applications are operated by the social network themselves and are subject to their own terms of use and privacy and cookies policies. You are responsible for keeping your personal and account information secure and not sharing it with others.

 

4.      Changing Your Preferences

We want you to be in charge of your personal data and strive to make that possible.

Through the Profile Settings in your account at Cadcraft, you have the ability to […].

If you delete your account, we remove your personal data unless, it is required by any legal grounds mentioned above in section 2.3, and you won’t be able to recover that information at a later time.

 

5.      Children’s Privacy

Our Services does not address anyone under the age of 13 and we do not knowingly collect and/or use Personal Data which relates to children under the age of 13. If it comes to our knowledge, we will take action and remove this data.

If you want to use our services and are between the age of 13 – 18, please have your legal guardians contact us if you don’t fully understand this Privacy Policy.

 

6.      Your Rights Under GDPR

Under GDPR, you are entitled to:

  • have your data processed in a fair, lawful and transparent way;
  • be informed about how your personal data is being used, an example being this privacy policy;
  • access personal data we hold about you;
  • require us to correct any mistakes in your personal data;
  • require us to delete personal data concerning you in certain situations where we have no lawful ground for us to continue to process it;
  • request that we transfer your personal data to you or another service provider in a simple, structured format;
  • object at any time to processing of your personal data for direct marketing purposes;
  • object to automated decision making which produces legal effects concerning you or similarly significantly affects you;
  • object in certain other situations to our continued processing of your personal data; and
  • otherwise restrict or temporarily stop our processing of your personal data in certain circumstances.

You are entitled to, once a year, upon a written and signed request receive a copy of your personal data we process.

If you have any questions about this Privacy Policy, have a complaint or a request, or want to speak with us in relation to any of your rights, please contact us:

 

Address:

Cadcraft AB

Teknikgatan 2

504 62 Borås

Sweden

 

E-mail: gdpr@Cadcraft.com

 

If you are unhappy with our services, and we were unable to help you, you can lodge a complaint at the Swedish Data Protection Authority, which is the Swedish data protection regulator. Their details can be found at  https://www.datainspektionen.se, or contact them via e-mail at datainspektionen@datainspektionen.se or via mail at Datainspektionen, Box 8114, SE-104 20 Stockholm, Sweden.  

 

7.      Changes to This Privacy Policy

 

This Privacy Policy may be subject to change and updates from time to time. If any significant changes are being made, we will inform our registered users and the new version will be posted on this page. Please make sure to regularly check this Privacy Policy to ensure that you have the updated version. If you find that any of our changes or amendments are not acceptable you must stop using Cadcraft and inform us whether you would like to exercise any of your rights under GDPR.