1. Introduction
SecuraPilot ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and protect your personal data when you use our platform.
We comply with the EU General Data Protection Regulation (GDPR) and Swedish data protection legislation to ensure that your information is handled securely and responsibly.
2. Data Controller
SecuraPilot is the data controller for the processing of your personal data.
Company name: SecuraPilot
Organization number: [Org.nr]
Address: [Company Address]
Email: privacy@securapilot.se
3. What personal data do we collect?
We collect the following types of personal data:
Contact Information
- Name (first and last name)
- Email address
- Phone number
- Employer information
Company Information
- Organization number
- Company name
- Billing information
- Industry and business area
Usage Data
- Logins and sessions
- Platform activity
- Feature usage
- Security logs
Technical Information
- IP address
- Browser type and version
- Device information
- Operating system
- Screen resolution
4. How do we use your personal data?
We use your personal data for the following purposes:
Service Delivery
- Provide and maintain the SecuraPilot platform
- Manage your user account
- Process and fulfill your requests
- Provide technical support
Communication
- Send important service notifications
- Respond to your inquiries
- Inform about updates and changes
- Send security alerts
Improvement and Development
- Analyze usage patterns
- Improve user experience
- Develop new features
- Detect and prevent abuse
Compliance
- Fulfill legal obligations
- Protect our rights and property
- Prevent fraud
5. Legal basis for processing
We process your personal data based on the following legal grounds under GDPR:
- Performance of contract (Article 6.1.b)
- Processing necessary to fulfill the contract with you, such as providing the service and managing your account.
- Consent (Article 6.1.a)
- When you have explicitly consented to specific processing activities, such as newsletters or marketing.
- Legitimate interest (Article 6.1.f)
- To improve our service, ensure security, and conduct normal business operations.
- Legal obligation (Article 6.1.c)
- When processing is necessary to comply with legal requirements, such as accounting and tax legislation.
6. How long do we store your personal data?
We store your personal data only as long as necessary for the purposes stated in this policy. Specific retention periods:
- Account information
- Throughout the time your account is active, plus 12 months after closure for potential disputes.
- Billing data
- 7 years in accordance with accounting legislation.
- Usage logs
- 12 months for security and analysis purposes.
- Marketing data
- Until you withdraw your consent or request deletion.
8. Your rights
Under GDPR, you have the following rights regarding your personal data:
- Right of access (Article 15)
- You have the right to obtain a copy of the personal data we process about you.
- Right to rectification (Article 16)
- You can request that we correct inaccurate or incomplete data.
- Right to erasure (Article 17)
- You can request that we delete your personal data under certain circumstances.
- Right to restriction (Article 18)
- You can request that we restrict the processing of your personal data.
- Right to object (Article 21)
- You can object to processing based on legitimate interest.
- Right to data portability (Article 20)
- You can request to receive your data in a structured, machine-readable format.
- Right to withdraw consent
- When processing is based on consent, you can withdraw it at any time.
- Right to lodge a complaint with a supervisory authority
- You have the right to file a complaint with the Swedish Authority for Privacy Protection (IMY).
To exercise your rights, contact us at privacy@securapilot.se. We will respond to your request within 30 days.
9. Security
We take the security of your personal data very seriously and use industry standards to protect it:
Technical Measures
- Encryption: End-to-end encryption (AES-256) for data at rest and in transit
- Access control: Strict authorization system with two-factor authentication
- Backups: Regular automatic backups in geographically separated data centers
- Monitoring: 24/7 security monitoring and intrusion detection
- Patching: Regular security updates for all systems
Organizational Measures
- Confidentiality agreements: All staff are bound by confidentiality agreements
- Training: Regular security training for all personnel
- Incident management: Documented processes for security incidents
- Certifications: ISO 27001-certified information security management system
Data Storage
All data is securely stored in data centers located in Sweden and within the EU/EEA, ensuring compliance with GDPR and Swedish legislation.
11. Changes to the privacy policy
We may update this privacy policy from time to time to reflect changes in our operations or legal requirements.
For significant changes, we will:
- Notify you via email to your registered address
- Display a notice on the platform
- Update the "Last updated" date at the top of this page
We recommend that you regularly review this policy to stay informed about how we protect your data.
12. Contact us
If you have questions about this privacy policy, want to exercise your rights, or have other privacy-related questions, please contact us:
Data Controller
VER&IT AB
Organization Number: 556985-1206
Email: privacy@securapilot.se
Data Protection Officer: dpo@securapilot.se
Website: verit.se
We typically respond to inquiries within 2 business days and complete processing within 30 days.
Supervisory Authority
If you are dissatisfied with how we handle your personal data, you have the right to file a complaint with:
Swedish Authority for Privacy Protection (IMY)
Box 8114, 104 20 Stockholm
Phone: +46 8-657 61 00
Email: imy@imy.se
Website: www.imy.se