The policy concerns the data controller Samnytt with the organization number 802474-0410.

Basic Principles We at Samnytt are committed to respecting your personal privacy and protecting your personal data in accordance with the terms and procedures set out in this document. You also have statutory rights under the EU’s General Data Protection Regulation (“GDPR”), which replaced the Swedish Personal Data Act on May 25, 2018. Under the section “Correction, Access, and ‘Right to be Forgotten'” below, we describe how you can exercise some of the key rights the regulation grants you against us.

According to the GDPR, we cannot process personal data without your explicit consent, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if it is for the establishment, exercise, or defense of legal claims. A complete list of the processing that you consent to by accepting this policy can be found under the section “Use of Personal Data” below.

In summary, this policy means that you agree to processing that enables or facilitates the delivery, sale, marketing, or payment of our own products, as well as the processing of personal data and cookies for login and statistical purposes on our websites.

Nothing in this policy means that you agree to us selling your personal data to third parties to market anything other than our own products to you.

Collection of Information Through our websites, you can access free daily news content. In applicable cases, a third-party service may ask you to provide your name, billing address, email address, or other details necessary for donations to the association. If you order or pay for a product or service, we will process information about the transaction and the personal data associated with it, in accordance with the Swedish Accounting Act and good accounting practice in Sweden. We also continuously collect information about visits to our website, including technical information such as browser type and device, for statistical purposes. Your email address and the message you write to us are also recorded when you email our customer service and are saved as long as there might be a need to follow up on your case. We may use your email address to inform you about our services or your relationship with us, for example, to tell you about upcoming changes or improvements.

Third-Party Processing of Personal Data When you visit our websites or use our services, we hire subcontractors to provide content, receive payments, or communicate with you, as well as for statistical purposes. We commit not to pass your personal data to any party not covered by the GDPR unless satisfactory protection for the data can be guaranteed in another way, for example, through equivalent legislation or confidentiality agreements with us. Below we report how your personal data is processed by our main subcontractors.

Samnytt manages our invoice administration and accounts receivable. The company is fully covered by this privacy policy and by the GDPR.

Bankgirocentralen BGC AB mediates donation payments via bank giro to Samnytt. The company is based in Sweden and is covered by the GDPR. The data in each payment is further protected according to the rules on personal data and confidentiality in the Swedish law (2010:751) on payment services. Our technical environment achieves the highest protection level (A+) in Qualys SSL Labs’ grading of server security for SSL and TLS.

Skandinaviska Enskilda Banken AB (publ) is a Swedish bank where Samnytt is an account holder. SEB may receive information about payments made via bank giro or direct transfer to a bank account through the bank giro. The information is covered by the GDPR and by Swedish banking secrecy according to the law (2004:297) on banking and financing operations.

Paypal S.à r.l. is an electronic payment intermediary based in Luxembourg whose operations are covered by the GDPR. The company mediates customer payments via account and credit cards. Your personal data is further protected in accordance with the company’s privacy policy for PayPal services.

Stripe Inc. is an electronic payment intermediary based in the USA whose operations are covered by the GDPR. The company mediates customer payments via account and credit cards. Your personal data is further protected in accordance with the company’s privacy policy for Stripe services.

Swish is a mobile application for transferring money, launched in December 2012 by Getswish AB. Your personal data is processed in accordance with the Personal Data Act (PUL) and, from May 2018, in accordance with Regulation 2016/679 (EU)(“GDPR”) and banking secrecy.

Google, Inc. is an American company that handles statistics on visitors to our websites. As a result, Google gains access to technical information that your computer and its software can emit, such as IP address, browser type, cookie content, browser plugins, installed fonts, and so forth. The company’s handling of personal data is governed by Google’s privacy policy. Furthermore, through a standardized additional agreement with us, Google has declared itself bound by the GDPR and committed to deleting information about you upon your request, even if we do not offer a technical solution to delete information from Google directly through us.

Cookies A cookie is a piece of text that, with your permission, can be placed on your computer. If you agree to this, your browser will add the text in a separate file. Samnytt may use cookies to facilitate traffic analysis on our websites by knowing who has visited a certain site at a given time. Cookies are also used to store your settings and manage logins if you have an account on any of our websites. You can set in your browser settings whether you accept cookies to be placed on your device or not. You can also choose to delete cookies that have been placed on your device at any time.

Security Samnytt protects your personal data through technical and organizational security measures. To prevent unauthorized access and ensure the accuracy of the information, we use various forms of encryption technology when processing sensitive information, such as credit card details. Our payment partners, PayPal Inc and Stripe, meet the security requirements of PCI-DSS (Payment Card Industry Data Security Standard), which is a global concept for mandatory data security standards for handling card information, developed by the payment card industry. Access to a personal account on the websites provided by Samnytt requires a personal username and password. You are responsible for keeping your password secure to prevent unauthorized access. If you share a computer with others, you should always log out to protect your information relative to other users of the computer.

Use of Personal Data By registering and/or ordering, you consent to Samnytt processing data about your use of the service and the contact details you provide. You also understand that companies that Samnytt may collaborate with, such as providers of telephony and internet connections, can access your personal data, such as your IP number or telephone number, in connection with your use of our services. When or if such data is made available to an organization that Samnytt collaborates with, Samnytt ensures that the disclosure of the data to the provider does not violate the GDPR.

The data is stored and used for Samnytt to fulfill its obligations to you and to better meet your needs as a customer and provide you with better service, including by making the website as personalized as possible. When you are a customer of ours, your personal data is also collected and processed to document that we and our staff comply with current consumer protection legislation and to be able to follow up when we have the right to be paid in applicable cases. For example, data is saved to document that we handle sales, customer service issues, complaints, and payments in the way we have agreed with you, and to follow up on billing and reminder management.

On the websites provided by Samnytt, material from, among others, Twitter, Facebook, and other companies is used. It occurs both that the material can be opened directly on our websites (so-called “embedded material”) and in the form of clickable links (“linked material”). When the material is provided directly from these companies’ websites, whether it is linked or embedded material, the companies have the opportunity to collect technical data about you, such as IP numbers, beyond Samnytt’s control. This privacy policy does not regulate how providers of linked or embedded material handle your personal data. In most cases, however, embedded material is prevented, through the default settings in your browser, from setting cookies that can track you on other websites. However, it is not possible to prevent your IP address from being visible to those providing embedded or linked material. Since we want to be able to use all kinds of material, even those published outside the EU, in our news reporting, we may also use embedded or linked material from third parties not covered by the GDPR. If you do not accept this, you should set your browser to not allow embedded material on our websites and not click on links leading out from our website, or alternatively refrain from visiting the websites we provide.

Any data that Samnytt itself collects is also stored and used for information and marketing purposes, but only as far as our own products and services are concerned. This means that Samnytt may, unless you have written to the contrary, use your personal data to contact you through direct marketing or market research regarding our own products.

Samnytt and its affiliated companies will not, without your consent, pass on information about you other than if required by legislation, if it is necessary in connection with your ordering a product or service, or if Samnytt considers it necessary to protect and defend the rights or property belonging to you, Samnytt, or our affiliated companies.

In the event of non-payment, where Samnytt or AltM Consulting has sold a product or service, Samnytt has the right to send a free reminder via SMS if your mobile number is registered with us, or to other numbers registered in your name with Eniro or equivalent services. When reminders, demands, or invoices are sent by post, Samnytt is indicated as the sender. If payment is not made despite demands and reminders, Samnytt has the right to obtain a credit report and to take legal action to get paid, even though your name, personal identification number, and contact details will then appear in public documents. That our processing of personal data in this case is allowed follows from Article 9, paragraph f, of the GDPR.

Correction, Access, and “Right to be Forgotten” Samnytt, Box 5385, Stockholm is the data controller in accordance with the GDPR. The GDPR gives you the right to request access to a copy of the data we process about you for free.

If such data is processed, written information will be provided about which personal data about you are processed, from where these data have been obtained, the purposes of the processing, and to which recipients or categories of recipients the data have been disclosed.

Samnytt is also obliged, upon your request, to correct, block, or delete such personal data that has not been processed in accordance with the GDPR. You also have the right to withdraw your consent at any time. Further personal data about you that requires consent will then not be processed.

If you want to access these data or have other questions regarding our processing of personal data, please contact us at the following address:

Samnytt
Box 5385
102 49 Stockholm
Sweden

Note that you should provide contact details that enable us to quickly verify your identity, so that the disclosure of the data is not delayed.

Personal Identification Number We do not process information about your personal identification number, except in the few cases where it is necessary for us to securely identify you. We do not process any sensitive personal data about you (such as health information) and other protected data (such as about your finances) are only processed when needed for specific purposes (for example, to grant you credit).

Policy Changes This policy may be updated by us by announcing changes on our website samnytt.news or by email to you. Depending on what the change entails, it may either require your explicit approval or, if it is compatible with the GDPR and other legislation, 14 days to pass from when we first announce the change or email it to you. You always have the right to object to the policy change by contacting us within 14 days from when the update was first announced on the website or sent to you.