Last updated and effective as of May 1, 2024.

Introduction

Hartic AB, Corporate ID No. 559480–6217, Teknikvägen 3, 961 50 Boden, Sweden, (hereinafter “the Company” or “we”) respects your privacy and your right to control your personal information.

This Privacy Policy describes what personal data we collect, the purposes for which it is collected, the legal basis for our processing, how you can exercise control over your personal data, and how you can contact us. This Personal Data Policy applies when you use our websites (https://app.hartic.se/ and https://www.hartic.se/) and when you use our services and/or purchase our products provided by the Company (hereinafter referred to collectively as “the Service”).

The company is responsible for personal data in accordance with these terms and conditions and is responsible for processing in accordance with current legislation. It is important that you read and understand our Privacy Policy before you purchase or use the Service. All processing of personal data within the Company is conducted in accordance with applicable data protection laws. Within the EU/EEA, the General Data Protection Regulation (GDPR) applies.

Key concepts

Personal data is information that can be linked, directly or indirectly, together with other data, to a living individual. Examples of personal data include name, address, telephone number, social security number, and email address. Information regarding IP addresses and your user behavior when using the Service may also constitute personal data. The processing of personal data includes all handling of personal data, such as collection, analysis, modification, recording, and storage. The data controller is the person who, alone or jointly with others, determines the purposes and means of the processing of personal data and who is responsible for ensuring that such processing is carried out in accordance with applicable law.

Data processed

The personal information the Company collects and processes about you as a user of the Service is:

Identification number (name, Social Security number, national ID, etc.).
Contact information such as address, phone number, email address, etc.
Profile data (such as age, age range, gender, role, or similar).
Location data.
Order information, such as the customer number.
Payment information such as card details, phone number (e.g., for Swish or similar), billing address, etc.
IP address, device information, access data.
Other information that you may provide yourself as part of the Service.

The company needs the above information in order to fulfill its agreement with you to process an order or provide services. If you choose not to provide certain personal information, this may prevent the company from processing the requested order or providing the requested service.

If you, as a customer or employee, choose to create a user account with the Company, the Company will also store the above personal information about you for this purpose. Certain information is automatically collected when you use the Service or create a user account, including:

Information about your use of the Service, such as how often you use the service,
Technical data about the devices you use to access the Service, such as IP address, hardware type, operating system, and browser version, etc.

In order to keep your personal information up to date and accurate, we may also update your information using public records, primarily in Sweden, such as SPAR.

Purpose of the treatment

We process personal data for the purposes listed below, as well as for any additional purposes specified at the time of collection:

If you have a user account for the Service, we will collect the data you submit when using the Service,
In order for you to use the Service, we may disclose your personal information to a subcontractor or a third party for the purpose of fulfilling your request for services or products (such as to process payment for the service provided),
In order for us to be able to communicate with you via mail, telephone, electronic communication (such as text messages, emails, email forms, or social media accounts), or by other means—for example, when you contact customer service—to send notifications and inform you about updates to the Service and our Terms of Use,
To ensure the technical functionality of the Service,
To improve and develop the Service and new services and products, to continuously enhance the security of our networks and information systems, and to analyze how you and other users use the Service (e.g., which mobile device or equipment you use) in order to better understand how our customers interact with and use the Service,
To send you newsletters via email,
To invite you to participate in contests. When you participate in such a contest, we may ask you to provide your name, address, email address, and phone number,
To manage marketing activities such as contests and giveaways,
For marketing purposes, including the promotion of our products and services, via email and SMS/MMS (which you can opt out of by clicking a link in each email or SMS/MMS message),
To monitor, prevent, investigate, or take other measures in connection with misuse of the Service; in connection with the use of the Service in violation of the Terms of Service; or in connection with legal proceedings, suspected fraud, or potential threats to the Company’s or others’ rights,
To comply with a legal obligation.

Legal basis

Processing necessary to fulfill our agreement with you:

The company processes your personal data in order to fulfill our agreement with you (e.g., for the purposes stated in the points above).
Processing necessary for purposes related to the legitimate interests of the Company or third parties (balancing of interests).

In cases where processing is necessary for purposes related to the Company’s or third parties’ legitimate interests, the Company may process personal data based on a balancing of interests. Such interests include the Company’s commercial interest in maintaining a good customer relationship with you, providing you with information relevant to your use of the Service, improving and further developing the Service, and marketing the Company’s products and services (e.g., for the purposes stated in the points above). By “legitimate interests” we mean our interest in conducting and managing our business to enable us to provide you with the best possible Services and a positive and secure user experience. For example, we have a legitimate interest in ensuring that the marketing is relevant to you; therefore, we may process your personal data to tailor the marketing to your interests, such as based on your use of the Services. Legitimate interests may also refer to processing that is in your own interest or the interest of a third party.

We may also process your personal data in order to:

to comply with a legal obligation or a court order,
when negotiating the sale of our business or assets, provide a potential buyer with the necessary information regarding our customer records (in such cases, a potential buyer will not have the right to use the information for any purpose other than the valuation of our business),
transfer them to a third party that has acquired our business or a significant portion of our assets, and personal data is included as part of the sale, or
it is necessary to enforce our Terms and Conditions, or to protect our rights, assets, security, customers, or other persons.

You can opt out of receiving marketing communications from us and/or our partners at any time by clicking “unsubscribe” in an email we send you. We may process your personal data to protect you (and other customers, suppliers, and partners) against fraud, unauthorized access, and other irregularities in the use of our Services, and to ensure that our Services and systems are secure. When we process personal data based on a balancing of interests, we ensure that we take into account and balance the potential impact of the processing on you (both positive and negative) as well as your interests and rights under applicable data protection laws.

Treatment with express consent:

The company may also process personal data with your express consent as a customer or employee (e.g., for the purposes stated above).

Processing necessary to comply with a legal obligation.
The company may need to process personal data in order to comply with legal obligations, such as for accounting purposes or in response to a court or government order.

It may happen that the same personal data is processed for multiple purposes and/or on the basis of more than one of the legal grounds listed above.

Security and Transfer of Personal Data

Transfer of personal data to third parties

We will not share, sell, transfer, or otherwise disclose personal information beyond what is stated in this Personal Data Policy, unless we are required to do so by law or as a result of a court order, or if we have obtained your consent to such disclosure. The Company may disclose personal information to third parties, such as law enforcement or other authorities, if it relates to the investigation of suspected criminal activity or if we are otherwise required to disclose such information based on law or a government decision. The Company may engage external suppliers to perform tasks on its behalf, such as providing IT services, updating address information, or assisting with marketing and analytics. The performance of these services may result in the Company’s suppliers, both within the EU/EEA and outside the EU/EEA, gaining access to personal data. These providers process the information on our behalf in accordance with written data processing agreements and our instructions. Data processors who gain access to your personal data (e.g., when we use a third party to collect address data or store information on a server) are not granted any right to use your personal data for purposes other than those stated in this Privacy Policy, but will primarily use it to the extent necessary to provide the Service.

Transfer of personal data to third countries

The company may collaborate with partners who process personal data within and outside the EU/EEA. In the event that the Company chooses to engage suppliers outside the EU/EEA, such as cloud service providers, the Company will, in such cases, implement special safeguards, such as entering into agreements that include standardized model clauses for data transfers adopted by the European Commission and available on the European Commission’s website, or working with companies that maintain the same level of protection as within the EU/EEA.

Security for the protection of personal data

The company safeguards your privacy and ensures a high level of security for your personal information. The company has implemented appropriate security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. All processing of your personal data is conducted with strict confidentiality.

Storage and Deletion of Personal Data

The processing is carried out in accordance with current legislation, which means that personal data is not stored for longer than is necessary for the purposes of the processing. We will store your personal information for as long as you choose to maintain a user account with us or, if you do not have a user account, until the service you have chosen to use is completed. Once the personal data no longer serves its purpose, it will be deleted. The same personal information may be stored in several different locations for different purposes. This may mean that information deleted from one system because it is no longer necessary may remain in another system where it is stored on a different legal basis or for another purpose where the personal data is still required. If you subscribe to our newsletter, your contact information will be retained as long as you choose to continue receiving the newsletter. In practical terms, this means that data is thinned out and deleted when it is no longer relevant or necessary for analysis or direct marketing for the purposes for which it was collected. Some information may be retained longer when required by other legal obligations, such as the Accounting Act.

Your rights and choices

With regard to the processing of your personal data, you have a number of rights under applicable data protection laws. To exercise your rights, please contact the Company using the contact information provided at the end of this Privacy Policy.

Right of access

You have the right to request and receive confirmation of whether the Company processes personal data about you. If so, you have the right to receive information about the processing free of charge and a copy of the personal data being processed. For any additional copies, the Company is entitled to charge a reasonable fee based on the Company’s administrative costs for such copies. If the request is manifestly unfounded or unreasonable, the Company may, in accordance with the provisions of applicable data protection legislation, charge a reasonable fee for such a request or refuse to comply with such a request.

Right to correct inaccurate personal data

You have the right to have inaccurate personal information about you corrected without undue delay. Depending on the purpose of the processing, you also have the right to have incomplete personal data supplemented.

Right to erasure (“the right to be forgotten”)

In some cases, you have the right to have your personal data deleted, e.g.

if the personal data are no longer necessary for the purposes for which they were collected;
if the processing is based on your consent, you have the right to withdraw your consent at any time and, thereafter, the right to have the data deleted (provided that there is no other legal basis for the processing);
if you object to processing based on a balancing of interests and there are no legitimate grounds for the processing that outweigh your objection (however, you always have the right to have personal data used for direct marketing deleted on the basis of a balancing of interests);
if the personal data has been processed unlawfully or must be deleted due to a legal obligation;

However, the right to erasure does not apply in certain cases, such as when the processing is necessary for the Company to comply with a legal obligation or to establish, assert, or defend legal claims.

Right to restriction

In certain cases, you have the right to request that the Company restrict the processing of your personal data, e.g., if you believe the personal data is incorrect so that the Company has time to verify it, or if the processing is unlawful and you do not want us to delete the data. If the Company no longer needs the information but you need it for legal claims, or if you object to the Company’s processing on the basis of a balancing of interests pending verification of whether the Company’s or third parties’ legitimate reasons outweigh your legitimate reasons.

Right to object

You have the right to object at any time to the processing of your personal data based on a balancing of interests, including profiling. The Company may not continue to process such personal data unless the Company can demonstrate compelling legitimate grounds for such processing that override your interests, rights, and freedoms. The Company may, however, continue processing for the purpose of establishing, exercising, or defending legal claims. If you object to processing for direct marketing that is based on a balancing of interests, the Company may no longer process your personal data for that purpose. You may opt out of receiving marketing communications from us at any time by clicking “unsubscribe” in the emails and text messages we send you.

Right to data portability

In some cases, you have the right to have your personal data transferred to another data controller, for example, if the processing is based on your consent or on a contract between you and the Company, provided that the processing is carried out by automated means. Where technically feasible, such a transfer shall be made directly from the Company to another data controller.

The right to file a complaint

If you believe that we are not respecting your rights, please feel free to contact us. You also have the right to file a complaint with the Data Protection Authority.

Cookies

To make visits to our website as enjoyable as possible and to enable certain features, we use cookies on various pages. Cookies are small text files that are stored in your browser. Some of the cookies we use are deleted at the end of a browser session, i.e., when you close your browser. Other cookies remain in your browser and allow us or a company affiliated with us to recognize your browser on your next visit. These are called persistent cookies. You can configure your browser to be notified about cookie settings and decide individually whether to accept cookies or not, either in specific cases or generally. If you do not accept cookies, this may limit the functionality of our website and our Service.

We divide cookies into three categories:

Required
Functional
Staff

Below you will find more information about your options and a detailed list of the cookies we use.

Mandatory cookies are required to navigate our website and use the services we provide. If these cookies are not used, the proper functioning of our website (for example, entering text) cannot be guaranteed when visitors browse pages on the website. These cookies also collect information about how visitors use our website, such as which pages they visit most often and whether they receive error messages from the website. These cookies collect aggregated, anonymous information that does not identify visitors. The cookies also allow our website to remember users’ preferences, such as language or region, to provide better features. By law, you are not required to take any action to accept them. We also use these cookies to store information about whether you have given your consent to use cookies or to temporarily store information that you have entered.

Functional cookies collect anonymous information. They cannot track your activity on other websites. They can also be used to send targeted ads or offers, or to measure the effectiveness of an advertising campaign. They can be used to determine which online marketing channels are most effective. With these cookies, we also store your login information in your browser so that you can log in automatically the next time you visit our website. Because we want to provide you with a website designed for optimal user-friendliness, functional cookies are usually activated when you visit our website. To enable the described measures, we also use third-party cookies in this category. By analyzing your anonymized usage, we can identify areas where our site can be improved.

We use cookies to display more targeted ads that are relevant to you and tailored to your interests. These cookies help us provide customized target audience lists to our marketing partners. We need your consent to enable these cookies.

Objection to the use of cookies

If you do not want us to collect and analyze information about your visit, you can object to this at any time with future effect (so-called opt-out, deregistration). To implement the objection technically, an opt-out cookie is set in your browser. This cookie is used solely to identify your objection. Please note that for technical reasons, an opt-out cookie can only be used for the browser in which it was set. If you clear your cookies or use a different browser, you will need to repeat the process (object again).

Links to websites and social media plugins

In cases where the Service refers (links) to a website or material belonging to a third party, such reference is intended solely as a convenience for the user, and the Company disclaims all responsibility for it and any processing of personal data that may occur. Within the Service, you may occasionally be offered the option to share data from the Service on social media platforms, such as Facebook or Twitter, via an integrated social media plugin (such as a “Like” button). We have no control over the information that social media platforms collect through these plugins if you choose to use them. We therefore urge you to stay informed about the purpose and scope of data collection via social media plugins.

Changes to the Privacy Policy

We reserve the right to change this Privacy Policy without prior notice. In the event of significant changes, we will announce them on our respective websites or notify you by email. The latest version is available on our website.

Choice of law and dispute resolution

The processing of your personal data in accordance with this Privacy Policy and your use of the Service shall be interpreted and governed by Swedish law. Disputes shall be resolved by a Swedish court of general jurisdiction unless otherwise required by mandatory law.

Contact information

For more information about personal data management, please feel free to contact us by email at info@hartic.se

Digitalize and simplify

Features

For Managers

For HR Professionals

For Employees

Welcome to Our Community

Security and Community

Teams that Have Fun and Perform

What is Hartic?

Training

Tools & Help

What's New in Hartic?

Learn more about us

Do you want to be part of our team?

Where passion and the work environment meet