Privacy Policy

Introduction

We at AY Plus AB, a Swedish company with address Tavastgatan 5, 118 24 Stockholm, Sweden (“Addyou”) respect your privacy and have therefore drawn up this privacy policy to inform you about how and what personal data we collect, and how it subsequently is used.

Regarding personal data that is collected and/or processed in accordance with this privacy policyAddYou is the personal data controller.

The purpose of this privacy policy is to explain how we collect, store, use, transfer, disclose or process your personal data. Personal data in this privacy policy refers to information that can be used to identify you, either directly or indirectly, such as your name, location data or various online identifying elements.

This privacy policy applies to the app and software solution that we at AddYou provide you with as a user, as well as to related services or products, such as specific websites or the like (the app, software solutions and related services hereafter collectively referred to as the"Services").

If within the Services you click on a link or any advertisement provided by a company other than AddYou, you will leave the Services, and any personal data you subsequently provide to other companies is not covered by this privacy policy.

AddYou reserves the right to change this privacy policy at such time as AddYou deems appropriate, by uploading an updated version either directly in the Services or online athttps://app.addyou.se/privacy-policy

You should therefore regularly read through this privacy policy to ensure that you have an up-to-date picture of our approach. If we make significant changes to this privacy policy, we will also notify you, either directly through the Services, or via another appropriate means of communication, such as e-mail.

Your rights regarding your personal data

The EU's data protection regulation ("GDPR" - General Data Protection Regulation) gives you certain rights in relation to your personal data. These rights are found, mainly, in chapter three (3) of the data protection regulation, and consist of:

  • Right of access - You have the right to request information regarding whether we process your personal data, and if we do, you have the right to know what personal data we process.
  • Right to rectification - You have the right to request that we correct or supplement incorrect or incomplete personal data relating to you.
  • Right to erasure (“the right to be forgotten”) - You have the right to request that we delete your personal data. Note that we may retain certain data that is necessary to handle disputes, enforce user agreements, protect our legal rights and to comply with technical and legal requirements, and restrictions in connection with the security and continued operation of the Services.
  • Right to restriction of processing - You have the right to request that we temporarily or permanently stop processing parts or all of your personal data.
  • Right to data portability - You have the right to request, and receive, a copy of your personal data for the purpose of moving the data to another service provider.
  • Right not to be subject to automated processing - You have the right not to be subject to decisions based solely on automated processing. This includes profiling that produces legal effects on you or otherwise has a significant effect on you.
  • Right to withdraw consent - You have the right at any time to withdraw such consent that you have given for the processing of personal data, without this affecting the legality of the processing of personal data carried out during such time when your consent was valid.
  • Right to object - You have the right to object to the processing of your personal data for a specific purpose, or to your personal data being used for direct marketing.
  • Right to lodge a complaint with a supervisory authority - If you believe that AddYou has restricted your rights or otherwise failed to comply with the Data Protection Regulation, you have the right to lodge a complaint with a supervisory authority, primarily an appropriate authority in the Member State in which you are located or are permanent resident of.

If you have questions regarding privacy, your rights or how to exercise your rights, you can contact us using the contact information provided under the “CONTACT US” section below. If you object to, or are concerned about, how we handle your personal data, we hope that you are willing to deal with such potential problems with us in the first instance. However, should it happen that you want to contact the relevant authority, you can investigate which supervisory authority is best suited to contact in your situation. If you are a Swedish citizen, or are in Sweden, you can contact the Swedish Privacy Protection Agency ("IMY"), which is the Swedish supervisory authority for privacy-related questions and complaints. You can reach IMY in the following way:

Telephone:

08-657 61 00

Post:

Integritetsskyddsmyndigheten, Box 8114, 104 20 Stockholm

E-mail:

imy@imy.se

The data we collect and use

Below, we have put out the categories of personal data we process in table form, a description of that category, the legal foundation we use for the processing of such data, and the purpose of that collection/processing. If you object to, or have further questions about, e.g. A purpose for a particular processing of personal data, or would like a more detailed description of any of the texts below, please contact us in accordance with the information specified under the section "Contact us". Personal data we collect from you

Categories of personal dataDescriptionLegal foundationPurpose
Voluntarily specified personal dataPersonal data such as your e-mail, your name, technical information regarding your hardware and other data that you voluntarily submit to us, either when you fill in information on a free text page, or when submitting a request for assistance (eg . Technical assistance) through the services.Consent (GDPR Art. 6 (1) (a)) legitimate interest (GDPR Art. 6 (1) (F))There are pages within the services in which you as a user are free to freely fill in information completely according to your own discretion. To the extent that such pages are filled in with personal data, we will have access to relevant personal data, and it will be processed and stored on the basis of your, adopted from us, consent. It is important to point out that there is no such page that requires you to fill in personal information about yourself. Furthermore, if you contact us for technical help, it may be necessary for us to collect a certain amount of data from the software and/or hardware you use, to deal with the problem in question. We do this partly on the basis of consent, but we also believe that we have a legitimate interest in there.

Personal data that we collect from sources other than you

In addition to what is described in this privacy policy, neither we collect nor receives personal data from any third party. If this were to change, we will make appropriate changes to this section.

Sharing your personal data

At the moment, we do not share any of your personal data to any third party, insofar as we receive personal data from you at all. If this would change, we will make appropriate changes to this section.

Transfer of data to third countries

We do not transfer any personal data to any third party. Any personal data stored/processed by us is processed within the EU/EEA, and thus is not transferred to any third country. Thus, the rules of the Data Protection Regulation on the transfer of personal data to third countries are not applicable.

Security measures

We implement appropriate technical and organizational security measures to ensure that your personal data is collected, processed and stored as safely as possible. However, it is important to point out that no security system is perfect, and you can never guarantee total security, and you should therefore be careful about what data you share online.

We rely, to the extent that the current, exclusively on total anonymization of all personal data we collect, processes or stores, as our approach to protecting your personal data.

Storage and deletion of personal data

Since we anonymize all personal data before we store such personal data in the long term, we have no internal policy for how long or in what way we store data. This is when anonymized data falls outside the applicability of the Data Protection Regulation and its possible regulation of the storage of personal data.

To the extent applicable, we will delete personal data that we process in order to fulfill an agreement with you or which we process on the basis of consent, in case you cancel the relevant agreement with us, withdraw your consent (to the extent that the current one, see Also "right to take back consent" above), or in the event you request that we delete your personal data in accordance with this privacy policy. However, we may retain some information in the event that we continue to have a legitimate interest in processing such personal data. For example, to manage disputes, the maintenance of user agreements, or to comply with legal requirements.

Google Health Connect

The Use of Information Received From Health Connect Will Adhere to the Health Connect Permaid Policy, Including The Limited Use Requirements.

The use of information received from Health Connect will comply with Health Connect Permissions policy, including the requirements for limited use.

AY Plus AB only stores if your set step goal is achieved. This is to be able to obtain a correlation between movement, goal fulfillment and mood. This correlation will not be linked to your personal data.

Contact Us

If you have questions, complaints, or comments on how we process your personal data or this privacy policy, please contact us as follows:

Jenny Åkesson

Tavastgatan 5, 118 24

Stockholm, Sverige

admin@addyou.se