1. Our core beliefs behind this policy
- User privacy and data protection are fundamental to everything we do. You can always get a full record of the information we have stored about you, and you can request this information to be corrected or deleted.
- We hate spam, probably even more than you do.
- We will never sell, rent or otherwise distribute or make public your personal information.
- You always have the right to change your mind about which data you allow us to keep about you, and to object if you feel we are processing your personal data in a way you disapprove of. You have the right to demand that any request you may have is reviewed manually instead of automatically, and you have the right to have your data transferred to any other data controller of your choice.
2. Relevant legislation
Along with our business and internal computer systems, this website is designed to comply with the EU General Data Protection Regulation 2018 (GDPR) and the Swedish Data Protection Authority’s Förklaring av Dataskyddsförordningen with regards to data protection and user privacy.
This site’s compliance with the above legislation means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are unsure about whether this site is compliant with your own country of residences’ specific data protection and user privacy legislation you can contact our data protection officer (details of whom can be found in section 8) for clarification.
3. Personal information that this website collects and why we collect it
This website collects and uses personal information such as your IP address, which browser you are using, your geographical location, and your email address, based on four lawful bases:
- Consent (when you add yourself to our list of interest),
- Contract (when you use our demo),
- Legal obligation (when we need to keep records of transactions for tax reasons),
- Legitimate interest (when we track site visits).
To be more specific, we collect your personal data for the following reasons:
3.1 Site visitation tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website. This processing is done with legitimate business purpose as it enables us to enhance, modify, personalize or otherwise improve our services and communications for the benefit of our users. Your GA data will be saved until we no longer have legitimate interest to keep it or until you ask us to delete your information.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor (see section 5 below).
In addition to Google Analytics, this website may use third party services such as Facebook Pixel to collect user data. This can include usage of cookies, web beacons and other storage technologies to collect or receive specific types of information with the aim to analyze the sites internal visitor statistics and behavior. No personal information is contained in or collected as a result of using these cookies or pixels. If you would like to opt out of this data collection contact us at email@example.com
3.2 Contact forms and email links
Should you choose to contact us using the contact information on our website or through a an email link like this one, none of the data that you supply will be stored by this website or passed to/processed by any of the third party data processors defined in section 5. Instead the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). However, not all mail servers can be considered secure, why we would suggest that you always consider email as an insecure medium and not include personal, confidential or otherwise sensitive information within an email.
3.3 List of interest
If you choose to sign up on our list of interest, the email address that you submit to us will be forwarded to MailChimp who provide us with email marketing services. We consider MailChimp to be a third party data processor (see section 5 below). The email address that you submit will not be stored within this website’s own database or in any of our internal computer systems.
Your email address will remain within MailChimp’s database for as long as we continue to use MailChimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any newsletter-style emails that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
While your email address remains within the MailChimp database, you will receive periodic newsletter-style emails from us.
3.4 Online demo
Connected to our website we also have the subdomain https://demo.ceretai.com where we allow users to test our technologies for a limited amount of trials. When you use this demo site you are asked to fill in your email address so we can send you the results of the analysis. When doing so, we also add your email to our list of interest (see section 3.3 above).
The video or audio clip that you upload for analysis is saved on our servers (see section 4 below) only until the analysis is complete, and is then permanently deleted. As stated in our Terms and Conditions, we do not take any responsibility for the content you upload.
4. About this website’s server
This website is hosted by Miss Hosting within a data center located in Stockholm, Sweden.
Full details of Miss Hosting’s data center can be found here.
All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS.
5. Our third party data processors
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section 2. All four of these third parties are based in the USA and are EU-U.S Privacy Shield compliant.
6. Data Breaches
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
7. Data Controller
The data controller (personuppgiftsansvarig) of this website is Ceretai AB, a Swedish limited company with registration number 559177-7403, whose registered address is:
191 43 Sollentuna
8. Data Protection Officer
The data protection officer (dataskyddsombud) is:
CEO Ceretai AB
Telephone: +46 707 35 15 32
9.1 Change log
May 29, 2019 – version 1.0