Data Protection and Privacy Policy

This data protection and privacy policy (the “Policy”) describes how Skillspark AB (“us”, ”we” or ”our”) collects and processes personal data relating to the general use of our website.

Data controller

Skillspark AB
22 Västergatan
211 21 Malmö

Sweden

Company registration number: 559328-2824

1. Introduction

1.1 This data protection and privacy policy (the “Policy”) describes how Skillspark AB (“us”, ”we” or ”our”) collects and processes personal data relating to the purchase of services, membership, products or general use of our website.

1.2 The Policy is prepared and made available to comply with the EU general data protection regulation (2016/679 of 27 April 2016) (the ”GDPR”) and the rules included herein on information to be provided to you.

 

2. Collecting personal data with cookies

2.1 By visiting and using our website(s), cookies are collected and used on the basis of consent. Information in these cookies include browser type, search terms on our website(s), search terms on other website(s), IP address. We also collect the type of computer and technical information about means of connection to our website, such as the operating system and the Internet service providers’ utilized and other similar information (hereinafter "Cookiedata").

2.2 Cookiedata is used for improvement of the website(s) and the user experience, to deliver our products, services or goods, administration of customer relationships in general (orders, purchase history, invoicing etc.), customer support and targeted marketing.

2.3 If you wish to limit or decline the cookies placed on your computer when visiting our website, you can do so at any time by changing your consent in the cookie box. You will find a shortcut to the cookie box in the left corner of the website. However, you should be aware that if you decline or reject cookies it may impact the functionality of the website. Any browser also allows that you delete cookies collectively or individually. How this is done depends on the used browser. Remember to delete the cookies in all browsers if you use several different browsers.

2.4 How long the cookies are stored on your computer varies according to the following information:​

Name of the cookie / Purpose / Duration / Cookie type

fedops.logger.sessionId / Used for stability/effectiveness measurement / 12 months / Essential

wixLanguage / Used on multilingual websites to save user language preference / 12 months / Functional

bSession / Used for system effectiveness measurement / 30 minutes / Essential

TS* / Used for security and anti-fraud reasons / Sessions / Essential

smSession / Used to identify logged in site members / Session / Essential

consent-policy / Used for cookie banner parameters / 12 months / Essential

XSRF-TOKEN / Used for security reasons / Session / Essential

hs / Used for security reasons / Session / Essential

svSession / Used in connection with user login / 2 years / Essential

SSR-caching / Used to indicate the system from which the site was rendered / 1 minute / Essential

 _wixCIDX / Used for system monitoring/debugging / 3 months / Essential

 _wix_browser_sess / Used for system monitoring/debugging / Session / Essential

3. Types of personal data processed

3.1 We process personal data about you when this is necessary and in accordance with the applicable legislation, including: IP Address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform or other identifiable personal data only when it is voluntarily submitted.

Furthermore, we collect technical information about your visit including Uniform Resource Locators (URL) clickstream, length of visits to certain pages and page interaction information (such as scrolling, clicks, and mouseovers).

3.2 We do not collect sensitive personal data (so-called "special categories of personal data"), and we therefore only process such data if you send them to us on your own initiative.

3.3 As a general rule, we only collect personal data about you from you. If specific circumstances allow or require us to collect personal data about you from someone else than you, we will inform you hereof, which may be done by updating this Policy.

3.4 If we need to collect more personal data than what is specified above, we will inform about this. Such information may be provided by our updating of this Policy.

 

4. Purposes for processing the personal data

We only process personal data for legitimate purposes in accordance with the GDPR. Depending on the circumstances, the personal data is processed for the following purposes:

  • To deliver products or services to a user, customer or member.

  • To answer enquiries or complaints from users, customers or members.

  • To give support and service messages, including answering questions and complaints and send updates about our products and services.

  • To improve our products, services or website.

 

5. Legal basis for processing personal data

We only process your personal data when we have a legal basis to do so in accordance with the GDPR. Depending on the specific circumstances, the processing of personal data is done on the following legal basis:

  • If we have asked for a consent for the processing of specific personal data, the legal basis for such personal data is a consent, cf. article 6(1)(a) of the GDPR, as the consent can always be withdrawn by contacting us via the contact details provided at the end of this Policy, and, if the consent is withdrawn, the personal data processed on the basis of consent is deleted, unless it can or must be processed, for example, in order to comply with legal obligations.

  • The processing is necessary for the purposes of the legitimate interests where such interests are not overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, cf. the GDPR, article 6(1)(f).

 

6. Disclosure and transfer of personal data

6.1 We only pass on personal data to others when the law allows it or requires it. Our company is part of a concern/company group where personal data is shared between the group companies depending on the circumstances.

6.2 We transfer personal data to the following recipients from the EU/EEA:

  • (a) Banks (for example in connection with payments etc.).

  • (b) Data processors.

  • (c) Suppliers.

  • (d) Collaborators.

6.3 We may transfer personal data to affiliate or subsidiary companies, as well as employees and service providers in charge of or involved in the operation of the Website (administration, sales, marketing, legal, system administration), as well as agents, and professional advisors. Furthermore, we may transfer personal data to external business partners, vendors, suppliers in order to deliver a service to us or on the behalf of us, such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies in order to assist in processing the personal data.

6.4 From time to time we use external companies as suppliers to deliver assist us in delivering our services. The external suppliers will not receive or process personal data unless the applicable law allows for such transfer and processing. Where the external parties are data processors, the processing is always performed on the basis of a data processor agreement in accordance with the requirements hereto under GDPR. Where the external parties are data controllers, the processing of personal data will be performed based on said external parties’ own data privacy policy and legal basis which the external parties are obligated to inform about unless the applicable legislation allows otherwise.

6.5 We transfer personal data to countries or international organizations outside the EU/ EEA.

6.6 If personal data is transferred outside of the EEA we ensure an adequate level of security by transferring to countries approved by the European Commission as having an adequate level of protection, or by entering into appropriately-drafted contract between us and the non-EEA entity receiving the data.

 

7. Erasure and retention of personal data

We ensure that the personal data is deleted when it is no longer relevant for the processing purposes as described above. We also retain personal data to the extent that it is an obligation from applicable law, as is the case with for example accounting and bookkeeping materials and records. If you have any questions about our retention of personal data, please contact the email mentioned at the bottom of this Policy.

 

8. Data subject rights

8.1 Data subjects have a number of rights that we can assist with. If a data subject wants to make use of his or her rights, he or she can contact us. The rights include the following:

8.1.1 The right of access: Data subjects have a right to ask for copies of the information that we process about them, including relevant additional information.

8.1.2 The right to rectification: Data subjects have a right to ask for rectification of inaccurate personal data concerning him or her.

8.1.3 The right to erasure: In certain circumstances data subjects have a right to obtain the erasure of personal data concerning him or her before the time when erasure would normally occur.

8.1.4 The right to restrict processing: Data subjects have, in certain situations, a right to have the processing of his or her personal data restricted. If a data subject has the right to have the processing of his or her personal data restricted, such personal data shall, with the exception of storage, only be processed with the data subject’s consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest in the European Union or of a European member state.

8.1.5 The right to object: Data subjects have, in certain situations, a right to object to the legal processing of his or her personal data. Objection can also be to the processing of personal data for the purpose of direct marketing.

8.1.6 The right to data portability: Data subjects have, in certain situations, a right to receive his or her personal data in a structured, commonly used and machine readable format and have the right to transmit those data to another data controller without hindrance from the data controller to which the personal data has been provided.

8.2 More information about data subject rights can be found in the guidelines of the national data protection authorities.

If a data subject wishes to make use of his or her rights as described above, the data subject is asked to use the contact details provided at the end of this Policy.

We strive to do everything to meet wishes regarding our processing of personal data and the rights of data subjects. If you or others despite our endeavors wish to file a complaint, this can be done by contacting the national data protection authorities.

 

9. Changes to this Policy

9.1 We reserve the right to update and amend this Policy. If we do, we correct the date and the version at the bottom of this Policy. In case of significant changes, we will provide notification in the form of a visible notice, for example on our website or by direct message.

 

10. Contact

10.1 If you have questions or comments to this Policy or if you would like to invoke one or more data subject rights, please contact us at info@skillspark.com.

This is version 1, last updated 16.01.2022.

 

Yours sincerely,
Skillspark AB