Skip to main content

Privacy Policy

  • Updated

Last modified: April 21st, 2021

This privacy policy describes how Storykit AB (“Storykit"), with company registration number 556980-8404, process your personal data and what rights you have in connection with it.

We process personal data about individuals who:

  • uses our Storykit services (the “Services”);
  • are contact persons/employees at a company that is a customer or a potential customer of ours or who collaborates with us;
  • subscribes to our newsletters;
  • participates in our physical or digital events;
  • otherwise come into contact with us, for example, contacts our customer service or visits our website; or
  • applies to a job at Storykit.

You can also read about how we use cookies in our Cookie policy.

  1. What personal data do we process?
    1. Personal data in connection with using the Services and customer support errands in relation to the Services

Your right to access the Services is based on that an organization has purchased Storykit licenses from Storykit (the "Customer") and granted you a license to use the Services on behalf of the Customer or that you have received a license to use the Services through our self sign-up services. The Customer is the personal data controller for the processing of personal data on the user accounts that are linked to the Customer and any and all personal data that may be added to the Services by you or any other individual at the Customer when you use the Services to create content. The processing of this personal data is governed by the agreement between Storykit and the Customer.

You will also share certain information directly with us when creating a user account and when you are using the Services. Storykit is the personal data controller for such personal data that we collect, and this section describes the processing of such personal data. 

Categories of personal data:

  • User account data: The Services requires you to create a basic Storykit user account. Thus, we need to collect certain information about you such as name, a unique username of your choice, a password, and an email address.
  • Information about use of the Services: When you use our Services, we collect information about which of these Services you use and how you use them, for example:
    • Interactions with the Services, for example, promotions, sites and work created and how these are distributed and edited over time.
    • Information regarding device, for example, information regarding your hardware and software such as hardware model and operating system version, browser, language, and time zone.
    • Information collected by cookies and other technology. Like most online services and mobile applications, we may use cookies and other technologies such as web beacons, to collect information regarding your activities, browser and device. To learn more about how we use cookies and your options, read our Cookie policy. To learn more about how third-parties use this technology in our Services, see section 5 of this privacy policy.
    • Log data, for example, detailed information regarding your use of our Services, information regarding the device such as the browser type and language, time for access, pages displayed, IP address, identification related to cookies or other technology that can identify your device or browser, pages you visited before or after browsing one of our Services.
    • Information from third party sources. We may also obtain information from third-party sources and combine it with the information we collect through our Services. Information that has been obtained from third parties is protected by us in accordance with the methods described in this policy and in accordance with any additional restrictions that apply to the source of the information. Such third-party sources may vary over time but have previously included: (i) social networks, when providing Storykit access to your information to one or more networks, (ii) partners we collaborate with to offer services or participate in joint marketing activities, (iii) publicly available sources, such as government databases or other data available to the public.

 

    1. Personal data in connection with agreements, other collaborations or when we contact new potential customers

Categories of personal data:

Contact information: e.g. name, phone number, email address and job title. Sometimes, before we reach out to new potential customers, we obtain contact information from search results using generally available online search engines and records. Such information is e.g. employer, job title, name, email and/or job telephone number.

    1. Personal data in connection with physical or digital events, our newsletter, or alumni events

Categories of personal data:

Contact information: In order to register and/or send out invitations to our events or in order to send out our newsletter we process e.g. name, phone number, email address and place of work. If an alumni wants to enrol in alumni events we process personal data such as name, email and previous work title at Storykit. 

Personal information: In order to prepare food for physical events we may process personal information regarding food preferences. 

    1. Personal data in connection with visits on our website 

Categories of personal data:

  • Information about use of our website: We use cookies on our website to collect certain information about your use of our website. The processed information does not identify you directly, however the IP address of your device is processed. See our Cookie Policy for more information.
    1. Personal data in connection with recruitment

Categories of personal data:

  • Contact information: we collect the information a candidate provides to us. These include name, employer, address, CV, personal letter, information regarding education and language skills. If applied through a LinkedIn account, we will also collect the information available on that LinkedIn account. 
  • Personal information: If provided to us in an application, we may process pictures of a candidate. If we proceed with a candidate, we may request the person to conduct personality and logic reasoning tests and we process results of such tests during the recruitment process. If we proceed to signing an employer contract, we also request that the candidate provide us with date of birth/personal identification number. Further, we may also collect information about previous income from publicly available sources, such as government databases, and process such information during the recruitment process. 
  1. What are the purposes of our processing of personal data?
    1. Personal data in connection with using the Services and customer support errands in relation to the Services

We process data to provide and improve the services we offer and to perform necessary business operations. This includes managing the products, maintaining and improving product performance, developing new features, conducting research and providing customer support. Examples of such usage include the following:

  • We use information to be able to provide the Services to you.
  • We use information to provide support services so that you can use our Services.
  • We use data to improve our existing products and services, including by updating features. For example, we use bug reports to improve security features, user behavior, search queries, usage data to determine which new features to prioritize, content on the Services, and placement of relevant content for you on the Services.
  • We use data to protect the security of our products, services, and customers, to detect and prevent fraud and to resolve disputes, and enforce our agreements. We may also block the delivery of a message or remove the content if it violates our terms.

The Services may include customized features that automatically tailor your experience based on information regarding your activities and, with your consent or when permitted by law or contract, your location. The data is linked to one or more markers concerning the type of adaption of the Services and the marketing communication directed at the user, so-called personalization.

We use data to communicate with you. For example, we may contact you by email, telephone, or by other means to inform you when security updates are available, update you on a support matter, inform you that you are required to take steps to keep your account active, or to inform you about an offer that may be of interest to you. 

Further, if we intend to use personal data for a new purpose, in addition to what is described in this privacy policy, you will be informed of such use before, or in connection to the collection of the personal data and we will, when required, request your consent. Alternatively, we will request your consent after such collection but before we use your personal data for a new purpose.

 

    1. Personal data in connection with agreements, other collaborations or when we contact potential new customers

We process the personal data to administer Storykit’s business relation with the contracting party or the collaboration party. We also process personal data to be able to reach out to new potential customers in order to create new business contacts. 

 

    1. Personal data in connection with physical or digital events, our newsletter or alumni events

We process the personal data to be able to send out invitations to physical or digital events hosted by Storykit or to send out our newsletter that you have subscribed to. Further we process the data to be able to administer events. 

 

    1. Personal data in connection with visits on our website

We process the personal data with the purposes to ensure that our website operates as intended and to optimize the user experience and/or to detect and prevent fraud and other abuse on our website.

 

    1. Personal data in connection with recruitment

The purpose of processing personal data is to administer and evaluate the applicants in our recruitment processes and to be able to contact applicants of future career opportunities, provided that the applicant has consented to such processing.

  1. what is the legal basis of the processing?

We process data on our legitimate interest to fulfill our purposes described under section 2 above and in accordance with what is further described below. 

    1. Personal data in connection with using the Services and customer support errands in relation to the Services

The legal basis is our legitimate interest to (i) carry out our business, (ii) perform and fulfill our contractual and legal obligations with our Customers, (iv) otherwise to administer and commit to obligations that follow from the agreement i.e. in order to be able to provide the products you use, (v) protect our systems and Customers, or (vi) with your consent, if required.

 

    1. Personal data in connection with agreements, other collaborations or when we contact new potential customers

We process the personal data on our legitimate interest to fulfill our contractual obligations with our Customers and otherwise to administer obligations that follow from the agreement (in order to be able to provide the products you use).

Processing of personal data relating to suppliers, or their representatives, and other external parties is based on our legitimate interest in administering the relationship and performing our contractual obligations. 

When we contact potential new customers, we process data on our legitimate interest to conduct our business and build new business relations. If the recipient would not consent to such contact, we will immediately delete that recipient’s personal data and not make any further contact without prior consent. 

 

    1. Personal data in connection with physical or digital events, our newsletter or alumni events

The processing of personal data that takes place for physical or digital events or to be able to send out our newsletter is based on our legitimate interest in maintaining our business contacts, communicating with business contacts about our business and our events, and to arrange and administer those events and newsletters. The processing is also based on consent. Consent can be revoked at any time by contacting us at privacy@storykit.io.

 

    1. Personal data in connection with visits on our website 

We are processing the personal data based on our legitimate interest to manage and operate visits on our website.

 

    1. Personal data in connection with recruitment

The legal basis of the processing is our legitimate interest to manage the recruitment by e.g. administer the recruitment process and to be able to evaluate the candidates. Also, to manage certain legal aspects of recruitment.

The processing of a previous canditate’s personal data regarding future career opportunities is based on consent. Consent can be revoked at any time by contacting us at privacy@storykit.io or by unregistering from emails. 

  1. For how long do we store personal data?

We do not save personal data longer than is necessary given the purpose of the processing, unless the data may or must be saved for a longer period under applicable law.

Personal data collected by us are stored and processed mainly in the region where you live, in Sweden, or in other countries where we, our partners, subsidiaries or suppliers are active. The storage locations are selected with the intention to work efficiently, improving performance, and creating redundancy in order to protect data in the event of a power failure or if other issues occur. We take measures to ensure that the data we collect under this privacy policy is processed in accordance with the provisions of this privacy policy and applicable law. You can find more information about our sub-processors here.

    1. Storing personal data in connection with using the Services and customer support errands in relation to the Services

We retain personal data for as long as it is necessary to provide the Services, carry out the transactions you have requested and approved, or for other necessary purposes, such as complying with our legal obligations, resolving disputes and enforcing our agreements, exercise our rights and perform our obligations in relation to Customers, or for as long as is required or permitted under applicable law. Since these purposes can be different for different kinds of data, products, services and contexts, the actual retention period may vary. If, for example, a Customer has terminated its contract with us we delete their data after six months. The back-up of that database is stored for up to ten months. If a previous Customer would want its data to be deleted prior to six months after its termination we are able to accommodate such request manually.

    1. Storing personal data in connection with agreements and/or other collaborations or when we contact new potential customers

Your personal data in relation to agreements and/or other collaborations is only stored for as long as it is required to fulfill the purposes of the processing, e.g. as long as the agreement lasts and/or we have obligations under the agreement and you are the correct contact person for a company with which Storykit has an agreement and/or other collaboration. Further, in order to resolving disputes and enforcing our agreements, exercise our rights, perform our obligations in relation to the supplier or other external parties, or for as long as is required or permitted under applicable law.

Personal data in relation to new potential customers are stored for as long as it is necessary due to ongoing business contacts and always deleted upon request from the recipient. 

    1. Storing personal data in connection with physical or digital events or our newsletter

Your personal data is only stored for as long as it is a business contact or if it is otherwise required to fulfill the purposes of the processing, e.g. until the event has been held. We may also store your personal data to be able to invite you to future events.

In relation to newsletters, your personal data is only stored for as long as it is required to fulfill the purposes of the processing, e.g. for as long as you are subscribed to our newsletter.

    1. Storing personal data in connection with a case being handled by customer service or visits on our Storykit website 

In relation to visits on our website, please see our Cookie Policy.

    1. Storing personal data in connection with recruitment

Personal data of job applicants are stored during the recruitment process and are then saved for a further 90 days after completion of the process, or for as long as is required or permitted under applicable law. 

We continue to store the personal data if a candidate has consented to such storage so that Storykit can contact the candidate in relation to future career opportunities and events. The applicant can unregister at any time.

In relation to results of personality and logic reasoning tests we may access such results for one year in order for us to assess whether anything should be adjusted in the tests in order for the tests to be as successful as possible. In these cases, the candidate has been informed of such processing before submitting the tests. If requested by the candidate, we can delete such results earlier.

  1. Who has access to the personal data we are processing?

We use a range of security techniques and methods to protect your personal data from unwanted access, use and disclosure. For example, the personal data that you provide is stored on computer systems with limited access and located on protected premises. When transferring personal data (or any data) via the internet, we protect such data by encryption. 

In case we need to share information about you with certain third parties, we make sure that these companies comply with our data protection requirements, and they are not allowed to use any personal data received from us for any other purposes. We can share your information with the following third parties.

We can share information about you with service providers or business partners that carry out services on behalf of us, dealers which provide goods or services through our Services and/or partners which provide us services and functions. Such as e.g. digital marketing service providers, for the provision of IT services, administrative services, or to arrange events. Such service providers and business partners may only process personal data in accordance with our instructions, and may not use personal data for their own purposes. 

We can let other companies, on our behalf, use cookies, web beacons and other similar techniques in our Services. These companies may collect information about how you use our Services over time and combine that information with similar information from other services and companies. This information can be used to e.g. analyze and trace data, decide the degree of use for certain functions/modules and to better understand your online activity.  Also, we can collect information about your activities in services from third parties that use cookies and other technology provided by us. We use this information to improve our platforms and the Services offered. You can read more about how we use cookies in our Cookie policy.

We may also share personal data to a third party if we have an obligation to do so in order to:

  • comply with a valid legal obligation, a request by a public authority or applicable laws, rules or regulations;
  • investigate, remedy, or enforce potential violations of the terms of use; and/or
  • protect the rights, properties and safety of us, our users and others.

Further, if we would get involved with another company in a merger, transfer of assets, loan financing, liquidation or bankruptcy, or an acquisition of the whole or parts of our company, we may share your information with that other company before and after the completion of the transaction.

If we were to transfer your personal data to any third countries, i.e. countries outside the EU/EEA, we will enter into agreements and take other measures in accordance with applicable legal requirements.  

Observe that the Services may include links to products from third parties with policies different from this policy. If you disclose personal data in any of these products, your data will be processed in accordance with these respective policies. Further, if you are a job applicant you will see that we use third party sources when you submit certain personal data during the recruitment process and in these cases their privacy policies will apply. 

  1. what rights do you have as a data subject?

The Company complies with relevant data protection legislation within the EU which includes, if applicable, the following rights:

  • If the processing of personal data is based on your consent, you have the right to withdraw your consent for future processing of personal data at any time.
  • You have the right to request a register extract (in accordance with the definition in the legislation) free of charge and to get access to a copy of your personal data, request rectification and, under certain circumstances, erasure of your personal data.
  • You have the right to object to the processing of your personal data.
  • You have the right to request that we transmit your personal data to another organization which are responsible for the processing of your personal data (data controller) in case our processing of your personal data is based on either your consent or the performance of an agreement with you.
  • You have the right to lodge a complaint with a data protection supervisory authority. The Swedish Authority for Privacy Protection is the public authority in Sweden which supervises how we as a company comply with the legislation.
  1. amendments to this privacy policy

We will update our privacy policy when needed to reflect customer feedback, changes made to our Services and/or regulatory changes. When a policy is updated, the "last modified" date is changed at the top of the policy, after which the amendments take effect.

If there are any major changes regarding the Company's use of your personal data, you will be notified via a notice on the website or via an email before the amendments take effect, if required by law. Please read this privacy policy from time to time to stay informed about how the Company protects your personal data and your privacy.

  1. Contact details to the personal data controller 

We strive to let you access, update and erase your personal data that we have collected. If you cannot access certain data by yourself, you can get our help to update your data by contacting us. Since your integrity is important to us, we may ask you to verify your identity or give us additional information before we let you access and update your personal data.

Should you have any questions regarding this privacy policy, your personal data or the information on our website, please contact us at  privacy@storykit.io.

Related articles