Last modified: April 21st, 2021
Introduction
This is the privacy policy for Storykit and its related services and applications (our "Services"). Storykit is provided by Storykit AB (the "Company"), with company registration number 556980-8404.
Your right to access the Services is based on that an organization (the "Customer") has purchased Storykit licenses from the Company and granted you a license to use the Services on behalf of the Customer. The Customer is the personal data controller for the processing of personal data on the user accounts that are linked to the Customer and any and all personal data that may be added to the Services by you or any other individual at the Customer when you use the Services to create content. The processing of this personal data is governed by the agreement between the Company and the Customer.
You will also share certain information directly with us when using Storykit and we will collect certain data about you and the content you create. The Company is the personal data controller for the personal data that we collect, and this policy describes the processing of such personal data. With this policy, we aim to be clear about the information we collect, how we use it, with whom we may share it with and the choices we offer you to monitor, access and update your information.
We use the information that we collect regarding our Customers and users for three main reasons:
- to conduct our business and provide, improve, and adapt the Services,
- to personalize the Services for individual users,
- to communicate, including sending promotions to our users.
Our goal has been to formulate this policy in a comprehensible manner and without bureaucratic language, which often makes it difficult to understand this kind of document. Should you still have questions regarding the policy, you are welcome to contact us.
Information that we collect
There are three basic categories of information that we collect:
- Information that you choose to provide us.
- Information we receive when you use our Services.
- Information we receive from third parties.
You can make choices regarding the information we collect. When you are asked to provide personal data, you may decline. If you chose to not provide personal data that are necessary to access a product, service or feature, there is a risk that you may not be able to use that specific product or feature.
Information that you choose to provide to us
We collect the information you choose to provide to us when you interact with our Services. The Services requires you to create a basic Storykit account. Therefore, we need to collect certain important information about you such as name, a unique username of your choice, a password, and an e-mail address.
It probably goes without saying, but when you contact our customer support service or communicate with us in other ways, we collect the information you voluntarily provide to us.
Information we receive when you use our Services
When you use our Services, we collect information about which of these Services you use and how you use them. The following is a more detailed explanation of what sort of information we collect when you are using our Services:
- Information regarding use. We collect information regarding your activities through our Services. We may for example collect information about:
- how you interact with the Services, for example, promotions, Sites and work created and how these are distributed and edited over time.
- Information regarding device. We collect information regarding the devices you use. We collect for example:
- information regarding your hardware and software such as hardware model and operating system version;
- browser, language, and time zone.
- Information collected by cookies and other technology. Like most online services and mobile applications, we may use cookies and other technologies such as web beacons, to collect information regarding your activities, browser and device. To learn more about how we use cookies and your options, read our cookiepolicy. To learn more about how third-parties use this technology in our Services, read the section "Analysis Services" in our privacy policy.
- Log data. We also collect log data when you use our Services. This information includes:
- detailed information regarding your use of our Services.
- information regarding the device such as the browser type and language.
- time for access.
- pages displayed.
- IP address.
- identification related to cookies or other technology that can identify your device or browser.
- pages you visited before or after browsing one of our Services.
Information we collect from third parties
We may also obtain information from third-party sources and combine it with the information we collect through our Services. Information that has been obtained from third parties is protected by us in accordance with the methods described in this policy and in accordance with any additional restrictions that apply to the source of the information. Such third-party sources may vary over time but have previously included:
- Social networks, when providing the Company access to your information to one or more networks.
- Partners we collaborate with to offer services or participate in joint marketing activities.
- Publicly available sources, such as government databases or other data available to the public.
This is how we use the information
As mentioned above, we use the information we collect regarding our Customers and user for three main reasons:
- to conduct our business and provide, improve, and adapt the Services,
- to personalize the Services for individual users,
- to communicate, including sending promotions to our users.
Below is a more detailed explanation of what this may imply:
Provide and improve our products and Services. We use information to provide and improve the products we offer and to perform necessary business operations. This includes managing the products, maintaining and improving product performance, developing new features, conducting research and providing customer support. Examples of such usage include the following:
- Provide products and services. We use information to be able to provide the Services to you.
- Customer support. We use information to provide support services so that you can use our Services.
- Product improvement. We use data to improve our existing products and services, including by updating features. For example, we use bug reports to improve security features, user behavior, search queries, usage data to determine which new features to prioritize, content on the Services, and placement of relevant content for you on the Services.
- Security. We use data to protect the security of our products, services, and customers, to detect and prevent fraud and to resolve disputes, and enforce our agreements. We may also block the delivery of a message or remove the content if it violates our terms.
Personalized services. The Services may include customized features that automatically tailor your experience based on information regarding your activities and, with your consent or when permitted by law or contract, your location. The data is linked to one or more markers concerning the type of adaption of the Services and the marketing communication directed at the user, so-called personalization.
Communication. We use data to communicate with you. For example, we may contact you by e-mail, telephone, or by other means to inform you when security updates are available, update you on a support matter, inform you that you are required to take steps to keep your account active, or to inform you about an offer that may be of interest to you. To read more about how to manage your contact details, e-mail subscriptions and promotional messages, please see the section "Control over your personal data" in this privacy policy.
Other purposes. If we intend to use personal data for a new purpose, in addition to what is described in this privacy policy, you will be informed of such use before, or in connection to the collection of the personal data and we will ask for your permission or, when required, your consent. Alternatively, we will ask for your permission and/or consent after such collection but before we use your personal data for a new purpose.
How we share information
Sometimes we need to share your information with a third party. In case we share information about you with others, we make sure that these companies comply with our data protection requirements and they are not allowed to use any personal data received from us for any other purposes. The reasons we might need to share information about you are:
- You have given your consent to us sharing the information.
- With third parties. We can share your information with the following third parties:
- With service providers, dealers and partners. We can share information about you with service providers that carry out services on behalf of us, dealers which provide goods through our Services and business partners which provide us services and functions. You can find more information below about the data collected through our Services by third parties.
- With third parties for legal reasons. We can share information about you if we have a reason to believe that it is necessary in order to:
- comply with a valid legal obligation, a request by a public authority or applicable laws, rules or regulations.
- investigate, remedy, or enforce potential violations of the terms of use.
- protect the rights, properties and safety of us, our users and others.
- With third parties in the event of a merger or acquisition. If the Company gets involved with another company in a merger, transfer of assets, loan financing, liquidation or bankruptcy, or an acquisition of the whole or parts of our company, we can share your information with that other company before and after the completion of the transaction.
Observe that the Services may include links to products from third parties with policies different from this policy. If you disclose personal data in any of these products, your data will be processed in accordance with these respective policies. Where you are using our Services and have chosen to connect any of your social network accounts to the Services, or if you authorize any third-party services to access your account, you are agreeing to provide information about you to the social networks and the third-party services under their respective privacy policies. For example, if you choose to connect your YouTube account to our Services, this connection uses YouTube’s API services, and the Google Privacy Policy located at http://www.google.com/policies/privacy will apply to you.
Control over your personal data
We strive to let you access, update and erase your personal data that we have collected. If you cannot access certain data by yourself, you can get our help to update your data by contacting us. Since your integrity is important to us, we may ask you to verify your identity or give us additional information before we let you access and update your personal data.
If you have authorized us to access a social network account of yours, you may revoke this access at any time by following the instructions here. For example, if you have authorized us to access your information via the YouTube API services, in addition to our normal procedure for deleting stored data, you may revoke our access to your data via the Google security settings page, located at https://security.google.com/settings/security/permissions.
Analysis Services
Delivered by others
We can let other companies, on our behalf, use cookies, web beacons and other similar techniques in our Services. These companies may collect information about how you use our Services over time and combine that information with similar information from other services and companies. This information can be used to inter alia analyze and trace data, decide the degree of use for certain functions/modules and to better understand your online activity.
Provided by us
We can collect information about your activities in services from third parties that use cookies and other technology provided by us. We use this information to improve our platforms and the Services offered.
Your individual rights
The Company complies with relevant data protection legislation in the European Union which includes, if applicable, the following rights:
- If the processing of personal data is based on your consent, you have the right to withdraw your consent for future processing of personal data at any time.
- You have the right to request a register extract (in accordance with the definition in the legislation) free of charge and to get access to a copy of your personal data, request rectification and, under certain circumstances, erasure of your personal data.
- You have the right to object to the processing of your personal data.
- You have the right to request that we transmit your personal data to another organization which are responsible for the processing of your personal data (data controller) in case our processing of your personal data is based on either your consent or the performance of an agreement with you.
- You have the right to lodge a complaint with a data protection supervisory authority. The Swedish Authority for Privacy Protection is the public authority in Sweden which supervises how we as a company comply with the legislation.
When we process your personal data we do it on a basis of need, in order to be able to provide the products you use, carry out our business, perform our contractual and legal obligations, protect our systems and customers or to perform other legitimate interests in accordance with the sections "This is how we use the information" and "How we share information" above, or with your consent, if required. When we transfer personal data from the European Union and/or the European Economic Area, we do it based on a number of legal mechanisms in accordance with the section "Data storage and processing of personal data" below.
Security of your personal data
We use a range of security techniques and methods to protect your personal data from unwanted access, use and disclosure. For example, the personal data that you provide is stored on computer systems with limited access and located on protected premises. When transferring sensitive personal data (such as credit card numbers and passwords) via the internet, we protect such data by encryption.
Data storage and processing of personal data
Personal data collected by us are stored and processed mainly in the region where you live, in Sweden, or in other countries where we, our partners, subsidiaries or suppliers are active. The storage locations are selected with the intention to work efficiently, improving performance, and creating redundancy in order to protect data in the event of a power failure or if other issues occur. We take measures to ensure that the data we collect under this privacy policy is processed in accordance with the provisions of this privacy policy and applicable law.
If we were to transfer your personal data to any third countries, i.e. countries outside the EU/EEA, we will enter into agreements and take other measures in accordance with applicable legal requirements.
How long we retain personal data
We retain personal data for as long as it is necessary to provide the products and services, carry out the transactions you have requested and approved, or for other necessary purposes, such as complying with our legal obligations, resolving disputes and enforcing our agreements. Since these purposes can be different for different kinds of data, products, services and contexts, the actual retention period may vary. The criteria's determining the retention period are for example:
For how long is the personal data required to provide the products and services?
This includes maintaining and improving the performance of existing products and services, protecting our systems, and administering necessary business and accounting information. This is the general rule that serves as a basis for calculating most retention periods.
Is the personal data of a particularly sensitive nature?
If so, a shorter retention period is usually used.
Did the users approve the use for a longer retention period?
If so, we store the data in accordance with your permission.
Did the Company legally, contractually or in any other way undertake to store the data?
Examples are mandatory legislation on the retention of information in certain jurisdictions, government decisions to retain information relevant to investigations, or information that must be retained in order to resolve a dispute.
Your personal data is erased or anonymized when it is no longer relevant for the purposes for which it was collected in accordance with the section "This is how we use the information".
Children/minors
The Services are not intended for, and we do not target, people under the age of 13. We do not knowingly collect personal data from anyone under the age of 13.
Amendments to the privacy policy
We will update our privacy policy when needed to reflect customer feedback and changes made to our Services. When a policy is updated, the "last modified" date is changed at the top of the policy, after which the amendments take effect.
If there are any major amendments to the policy or changes regarding the Company's use of your personal data, you will be notified via a notice on the website or via an e-mail before the amendments take effect, if required by law. Please read this privacy policy from time to time to stay informed about how the Company protects your personal data and your privacy.
Contact us
Should you have any questions regarding this privacy policy, your personal data or the information on our website, please contact us at privacy@storykit.io