Privacy Policy

Version Last Updated
1.0 2020-04-21

1. General

1.1 The Privacy Policy applies when Addlevel provides services and products related to purchases, customer service matters and other contact with Addlevel, such as website visits. The Privacy Policy also encompasses any interaction with nodeProtect, such as visiting nodeProtect.com and purchasing and utilizing the product nodeProtect. The term “Addlevel’s websites” refers to both addlevel.se and nodeProtect.com.

1.2 You should always be able to feel safe when you provide your personal data to us. With this Privacy Policy, we want to demonstrate how we ensure that your personal data is processed in accordance with applicable personal data and privacy laws.

2. Personal Data Controller

Addlevel is the personal data controller for Addlevel’s processing of your personal data. We are responsible for ensuring that processing is carried out in accordance with applicable law.

3. When do we collect and process your personal data?

3.1 When you visit our website or in order to purchase our services, products, trainings, event tickets or contact us for information or service, we may collect personal information about you, as set out below:

3.2 Addlevel collects and processes personal data about you when you visit any Addlevel website, make a purchase on Addlevel’s websites, use Addlevel’s support or participate in an event organized by Addlevel. The information collected from you for bookings and purchases is required for you to enter into an agreement with Addlevel and for Addlevel to provide its services and offers.

3.3 Information that Addlevel collects about you is how you interact with Addlevel’s websites, your purchase history, what events you participated in and what offers you have been interested in by reading an email or clicking on a link.

3.4 Personal data is stored in our CRM, billing, e-mail and web analytics systems. The current web analytics tools being used are Google Analytics for addlevel.se and nodeprotect.com, and Azure Application Insights for users of nodeProtect Cloud (Free and Business Plan).

4. What personal data do we process?

4.1 If you are a customer of Addlevel Addlevel collects and processes personal data about you as a customer who makes a purchase of our services, products, events or training and uses our services and products:

  • First and last name
  • E-mail
  • Phone number
  • Company registration number (this is personal data only if the company is a sole trader business)
  • Billing address
  • Payment details
  • Order history
  • Professional title
  • Allergies (this data is deleted from the register no later than 7 days after the event has taken place)
  • IP-address (for customers and users of nodeProtect)

4.2 If you have shown interest by filling out our web forms Addlevel collects and processes the following personal data about you:

  • First and last name
  • E‑mail
  • Company registration number (this is personal data only if the company is a sole trader business)
  • Professional title
  • Billing address
  • Phone number
  • Area of interest, i.e. which offers you are interested in and which of our events you have signed up for.

4.3 If you are a newsletter subscriber Addlevel collects and processes the following personal data about you:

  • First and last name
  • E-mail
  • Area of interest
  • How you interacted with our newsletters, information about which offers you are interested in and which links you click on.

4.4 If you visit our websites Addlevel collects and processes your IP address and your use of Addlevel’s websites. To see how the use of the websites is tracked, see section 12 on Cookies.

5. Why do we process your personal data?

We only use the personal data for the original purpose for which it was collected, unless subsequent consent has been obtained.

5.1 If you are a customer of Addlevel Addlevel processes your personal data for the purpose of:

  • Fulfil our obligations to you as a customer, such as administration, processing and execution of purchases, invoicing and provision of support.
  • Administer the customer account for bookkeeping and invoicing
  • Enable general customer care and customer service, such as answering questions and correcting incorrect information.
  • Enable communication with you, provide information, offers, event invitations and targeted marketing by email, SMS and telephone regarding Addlevel’s products and services, and ask you to participate in voluntary marketing research.
  • Continuously be able to manage customer relations and provide our services.
  • Provide you with relevant information and personalized offers in newsletters, on the web and on social media.
  • Improve our customer offering, such as development of services, products and features.
  • Comply with applicable legislation, such as bookkeeping laws.
  • Improve our customer offering, such as the development of services, products and features by being able to contact you in case of problems in ordering or performing services.

5.2 If you are a newsletter subscriber or have shown interest by filling in our web form, or initiating dialog through other channels such as bot communication, Addlevel processes your personal data in order to:

  • Enable general customer care and customer service, such as answering questions and correcting incorrect information.
  • Enable communication with you, provide information, offers, event invitations and targeted marketing by email, SMS and telephone regarding Addlevel’s products and services, and ask you to participate in voluntary marketing research.
  • Provide you with relevant information and personalized offers in newsletters, on the web and on social media.
  • Troubleshoot and optimize technology Data may also serve as a basis for market and customer analyses, market research and statistics related to demonstrated interest in Addlevel’s products, services and events.

5.3 If you visit our website Addlevel processes your personal data for the purpose of:

  • Analyze how you behave on our website, in order to make changes to improve the experience and ease of use.
  • Analyze which of our pages and services/products are most interesting for visitors.

We base the processing of your personal data on the legal grounds described below.

6.1 Performance of contracts: If you are a customer, Addlevel processes your personal data in order to fulfil the contract with you as a customer, make bookings and purchases, simplify administration and order history.

6.2 Consent: For data collected via cookies and email address, we rely on consent as a legal basis. For e-mail address, consent is collected by you having to accept our privacy policy in order to become a subscriber. For cookies, consent is given through a pop-up banner that informs about our handling of cookies.

6.3 Legitimate interest: In order to be able to send you offers about our services, products and events and to make limited segmentation of customers, e.g. based on geography or knowledge area, a small part of the processing of personal data is based on the legitimate interest of the personal data controller. Addlevel does not process sensitive personal data on the basis of a legitimate interest and does not carry out any processing that constitutes profiling on the basis of a legitimate interest e.g. allergies at events.

6.4 Legal obligation: In some cases, Addlevel may have a legal obligation to process your personal data. This applies, for example, to the processing of personal data that we perform in order to comply with the requirements of the Bookkeeping Act.

7. Profiling

7.1 Addlevel can process your personal data through profiling. If you are a visitor, customer or newsletter subscriber, information is analyzed - about how you use Addlevel’s websites, - about which of our products, services and offers you have demonstrated interest in, - about the newsletters you have interacted with and events you have signed up for, - about purchases to provide personalized offers that we think suit you, - in order to invite you to events we think you would like to attend.

7.2 You may object to the processing of personal data through profiling at any time. You can do this by calling us at Addlevel + 46 8 10 40 00 or by contacting info@addlevel.se or by sending your request to Addlevel AB, Odengatan 81, 113 22 Stockholm. Once we receive your notification, we will without undue delay cease processing your personal data for this purpose.

8. How long do we keep your personal data?

8.1 Personal data is only stored as long as there is a need to retain it in order to fulfil the purposes for which the data was collected in accordance with this Privacy Policy. Addlevel may store the data longer if it is necessary to comply with legal requirements such as the Bookkeeping Act.

8.2 Data Erasure Policy Your personal data is stored in our CRM, billing and data analysis tools as long as you have purchased, interacted or shown interest in Addlevel or until consent is revoked by the customer, or if the customer objects to the processing. See section 12. In our chosen e-mail system, we store information about our customers that has been automatically created as an e-mail as a part of web interaction, i.e. filling in a form, or communicating with a chat program, for a maximum of 24 months. The data is then deleted from the system.

9. To whom do we disclose personal data?

9.1 Third party Addlevel may disclose information to third parties, such as other companies within Truesec Group, partners and card and communication service providers. Addlevel never sells personal data to third parties. Third parties to which Addlevel discloses information about a customer may only use the information for the purpose of:

  • sell and market Addlevel’s and Truesec Group companies’ services and products
  • deliver services related to Addlevel’s contract with you as a customer

These third parties include:

  • Sobro AB (Investor)
  • Truesec Group AB and all its subsidiaries (Corporate Group)
  • Adekvator AB (Accounting)
  • Google (Analytics, Adwords)
  • Microsoft (Log Analytics, Azure, Office 365, Web hosting)
  • Pipedrive (CRM)
  • Sendgrid (Newsletter, Product Information)
  • Webflow (Web hosting)
  • Netlify (Web hosting)
  • ClearDB (Web hosting database provider)
  • Genesis Digital LLC (Webinar Platform – WebinarJam)
  • Eventbite (Event Registrations)

9.2 In order to comply with applicable legal or governmental requirements, to defend Addlevel’s legal interests or to detect, prevent or act on fraud and other security or technical issues, Addlevel may disclose personal data if necessary for these purposes.

9.3 Non-EU/EEA countries Addlevel may transfer data to countries outside the EU/EEA, if one of Addlevel’s suppliers is located there. If data is transferred outside the EU/EEA, Addlevel takes steps to ensure that the data is protected and takes steps necessary to legally transfer personal data to countries outside the EU/EEA.

10. Changes to Addlevel’s Privacy Policy

Addlevel has the right to change the Privacy Policy at any time and will subsequently make a new version available on the website. If the changes require your consent, this will be obtained before the changes take effect.

11. Your rights regarding personal data stored at Addlevel

11.1 Addlevel is responsible for ensuring that your personal data is processed in compliance with applicable legislation.

11.2 At your request or on its own initiative, Addlevel may correct, de-identify, delete or supplement personal data that is inaccurate, incomplete or misleading.

11.3 You have the right to request:

  • access to your personal data such as register extracts or a copy of your personal data;
  • once per calendar year, a register extract on the personal data registered about you, the purpose of the processing and to which recipients the data has been or is to be disclosed. Information on where the data was taken from, the presence of profiling and the predicted period during which the data are stored. You also have the right to receive information in the extract of the register mentioned in this paragraph;
  • your personal data at your request;
  • deletion of your personal data, unless it is necessary for the purpose for which it was collected, or otherwise prohibited for example by legal requirements that prevent us from immediately deleting your personal data; and
  • restriction of processing, if you believe that your data is incorrect, for a period of time that allows Addlevel to verify the accuracy of the personal data.

11.4 Data portability. You have the right, under certain conditions, to obtain and transfer your personal data in a structured, commonly used and machine-readable format to another data controller.

11.5 You have the right to object to personal data processing carried out on the basis of Addlevel’s legitimate interests. Addlevel will only continue processing if there is a legitimate interest for the treatment that overrides your interests. Pending the verification that Addlevel’s legitimate interest overrides your interests, you can request restriction of the processing of your personal data, as referred to in section 11.3 last paragraph.

11.6 If you do not want Addlevel to process your data for direct marketing purposes, you have the right to object to the processing by emailing info@addlevel.se. Once we receive your objection, we will cease processing the personal data for these marketing purposes.

11.8 You have the right to submit complaints regarding the processing of your personal data to the Swedish Data Protection Authority.

11.9 You have the right to withdraw your consent to the processing of personal data at any time, with immediate effect and free of charge. To do this, contact Addlevel by phone + 46 8 10 40 00 or info@addlevel.se.

12. Cookies

12.1 What are cookies?

A cookie is a small text file that the website requests to save on your device or computer in order to recognize you the next time you visit the website. The cookie is used to improve the web experience for you as a visitor. The information in the cookie is possible to use to follow a user’s browsing. There are two types of cookies:

  • Permanent cookies that store a file on your device in order for you to use the website and access various functions.
  • Session-based cookies that are used when you visit the web. This sends a session cookie between your computer and our web server to facilitate navigation. The cookie disappears when you end the visit. For more information about cookies, please visit The Swedish Post and Telecom Authority’s (PTS) website.

12.2 How we use cookies on our web

12.2.1 The website uses permanent cookies and session-based cookies for the purpose of: – Measure and analyze visitors’ flow and navigation on the site to learn what visitors appreciate and how they use our web services – Allowing the system to recognize repeat users to make the experience as good as possible for you as a visitor. – Remembering the visitor’s choice of text size on the site and automatically fill out various form fields to facilitate the availability of services for the user and its revisits to our websites.

12.2.2 If you accept session-based cookies, you can fully use our website.

12.2.3 If you do not accept any cookies, you cannot fully use our website – you can only read information and view services, see prices and related information.

12.3 Website analytics tools We use Google Analytics to create an image of how you as a visitor use the site. The following cookies are created when you visit the web:

Category: Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Cookie Name Provider Expiry Description
CookieConsent nodeprotect.com, addlevel.se 1 year Stores the user’s cookie consent state for the current domain
AspNetCore.Antiforgery login.nodeprotect.com Session Helps prevent Cross-Site Request Forgery (CSRF) attacks.
AspNetCore.Identity login.nodeprotect.com Session Session cookie containing your authentication information
ARRAffinity login.nodeprotect.com Session Used to distribute traffic to the web site on several servers in order to optimise response times.
AI_buffer login.nodeprotect.com Session Used in context with the “AI_sentBuffer” in order to limit the number of data-server-updates (Azure).
AI_sentBuffer login.nodeprotect.com Session Used in context with the “AI_buffer” in order to limit the number of data-server-updates (Azure).
ai_session login.nodeprotect.com Session Preserves users states across page requests.
idsrv.session login.nodeprotect.com Session The session cookie is only used by the session monitoring endpoint to detect if the current session has changed.
DSID doubleclick.net 1 month This cookie is set to note your specific user identity. It contains a hashed/encrypted unique ID.
SID google.com, google.se 2 years This is a very common cookie name but where it is found as a session cookie it is likely to be used as for session state management.
DSID doubleclick.net 1 month This cookie is set to note your specific user identity. It contains a hashed/encrypted unique ID.
SEARCH_SAMESITE google.com, google.se 4 months Used to prevent cross-site request forgery (CSRF) attacks.

Category: Preferences

Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.

Cookie Name Provider Expiry Description
CookieConsentBulkSetting-# cookiebot.com Persistent Enables cookie consent across multiple web sites

Category: Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

Cookie Name Provider Expiry Description
_ga nodeprotect.com, addlevel.se 2 years Registers a unique ID that is used to generate statistical data on how the visitor uses the web site.
_gat nodeprotect.com, addlevel.se 1 day Used by Google Analytics to throttle request rate
_gid nodeprotect.com, addlevel.se 1 day Registers a unique ID that is used to generate statistical data on how the visitor uses the web site.
vuid vimeo.com 2 years Collects data on the user’s visits to the web site, such as which pages have been read.
ai_user login.nodeprotect.com 1 year Used by Microsoft Application Insights software to collect statistical usage and telemetry information.
OGP google.com 1 month This cookie enables the functionality of Google Maps.

Category: Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers.

Cookie Name Provider Expiry Description
_gcl_au nodeprotect.com, addlevel.se 3 months Used by Google AdSense for experimenting with advertisement efficiency across web sites using their services.
ads/ga-audiences google.com Session Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor’s online behavior across web sites.
em_cdn_uid cdn.embedly.com 1 year Measures the number of times an embedded element from a third-party service has been used.
1P_JAR google.com 1 month This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website
APISID google.com, google.se 2 years Used to build a profile of the website visitor’s interests and show relevant ads on other sites.
CONSENT google.com, google.se 18 years This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website.
HSID google.com, google.se 1 year This cookie is set by DoubleClick (which is owned by Google) to build a profile of the website visitor’s interests and show relevant ads on other sites.
IDE doubleclick.net 6 months This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website.
NID google.com, google.se 6 months This cookie is set by DoubleClick (which is owned by Google) to help build a profile of your interests and show you relevant ads on other sites.
SAPISID google.com, google.se 2 years This DoubleClick cookie is generally set through the site by advertising partners, and used by them to build a profile of the website visitor’s interests and show relevant ads on other sites. This cookie works by uniquely identifying your browser and device.
SIDCC google.com 1 year This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website.
SSID google.com, google.se 2 years This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website.
OTZ www.google.com 1 month Used by Google Analytics that provides an aggregate analysis of Website visitors
ANID google.com, google.se 1 year Used by for targeting purposes to build a profile of the website visitor’s interests in order to show relevant & personalized Google advertising
__Secure-3PAPISID google.com, google.se 2 years Used by for targeting purposes to build a profile of the website visitor’s interests in order to show relevant & personalized Google advertising
__Secure-3PSID google.com 1 years Used by for targeting purposes to build a profile of the website visitor’s interests in order to show relevant & personalized Google advertising
__Secure-3PSIDCC google.com, google.se 2 years Used by for targeting purposes to build a profile of the website visitor’s interests in order to show relevant & personalized Google advertising
__Secure-APISID google.com, google.se 2 years Used by for targeting purposes to build a profile of the website visitor’s interests in order to show relevant & personalized Google
advertising
__Secure-HSID google.com, google.se 6 months This cookie is set by DoubleClick (which is owned by Google) to build a profile of the website visitor’s interests and show relevant ads on other sites.
__Secure-SSID google.com, google.se 6 months This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website.

12.4 Remove cookie storage

If you do not want cookies to be stored on your computer, you can turn off the feature in your browser settings. No cookies will be stored, but please note that your personal settings will disappear. Learn how to remove cookies from browsers. https://support.google.com/chrome/answer/95647

If you don’t want your visits to our website to appear in google analytics statistics, you can use an add-on to your browser. See Google Analytics Opt-out Browser Add-on. https://tools.google.com/dlpage/gaoptout Legal Information: Electronic Communications Act (SFS 2003:389).

13. Email Address Management Policy

We manage your email address according to our Privacy Policy.

  • Your e-mail address will not be sold, lent or otherwise made available for use to another company not part of Addlevel AB or its affiliates.
  • All e-mailings are made using technology that does not make e-mail addresses visible to other subscribers.
  • When ordering e-mails such as newsletters, you agree that your personal data – e-mail, company, first name, surname, address, mobile and professional title – may be stored and used within Addlevel for ongoing and targeted direct marketing.
  • Data provided by using Addlevel’s digital services and offerings, along with data collected through the Google Analytics can be used to customize content, services, direct marketing, and advertising.
  • In each mailing you have the opportunity to unsubscribe from future mailings and the possibility to have your personal data deleted from the e-mail system.
  • The consent is valid until you as a subscriber terminate your subscription. Withdraw consent by contacting Addlevel on info@addlevel.se or by phone +46 8 10 40 00.

14. Addlevel Contact Information

Please contact us if you have questions about the Privacy Policy, the processing of your personal data or if you wish to request a register extract. Our contact information can be found below.

Addlevel

Odengatan 81

113 22 Stockholm

Phone: +46 8 10 40 00

info@addlevel.se

Data Protection Officer:

Phone: +46 8 10 40 00

dpo@addlevel.se