You have the right to object to our processing of personal data in certain respects, read more below under the respective purposes. It is important that you read and understand our privacy policy before using our services.
Explanation of personal data
A personal data is information that can be linked directly or indirectly, together with other data, to a living physical person. Some examples of personal data include name, address, telephone number, social security number and email address.
Personal data processing includes all processing of personal data, such as collection, analysis, modification, registration and storage.
The controller is the person who, alone or jointly with others, determines the purposes and means of processing the personal data and is responsible for ensuring that such processing takes place in accordance with applicable law
Information we collect and why
From what sources do we collect your personal data?
In addition to the data you provide to us, we also collect data from the SPAR register as well as the credit information obtained for the company you have chosen to register with Dicopay via Creditsafe AB (credit reporting company).
Registration in the Dicopay mobile app
Purpose:
To be able to provide Dicopay's simple billing app. In order for Resurs Bank to offer its services
Treatments performed
Identity check. Registration about user account. Analysis of data on business involvement, as well as data in credit control. Forwarding of data for registration to Resurs Bank AB, which we cooperate with in accordance with Resurs Bank's basic requirements for entrepreneurs. PEP control (person in political position) on behalf of Resurs Bank AB. Control against EU and UN sanctions lists on behalf of Resurs Bank AB. Contact via email, SMS and, where applicable, telephone.Verify identity with BankID. Customer Service Management.
Categories of personal data
Name, Social Security Number, Mobile Number, Address, Email, IP Number, Corporate Involvement Information, Account Number and Bankgiro. Information from credit control (only verification of the company to be registered)
Legal basis:
Legitimate interest in maintaining customer security and preventing fraud. We do this processing on the basis of a so-called balance of interests where we assess that the processing does not significantly violate your privacy.
Your right to object to the processing:
This processing of your personal data is necessary for Dicopay to perform its service in cooperation with Resurs Bank AB. If you wish to object to this type of treatment, we are unfortunately unable to offer our service.
Storage period:
We process your data for this purpose as long as you have an active registration with Dicopay or through Dicopay an active transaction with Resurs Bank AB or former partner Intrum Finans AB. We assess a user who registered or started the registration in Dicopay using BankID to be inactive 36 months after the last opening of the app. We delete all information 36 months after your relationship with Dicopay is deemed to have ended. This also includes telephone customer service and support requests made via email for ongoing use of the service.
Other customer service by phone, email and chat history will be deleted on an ongoing basis.
Marketing:
Purpose:
To be able to promote Dicopay's service and ancillary services
Treatments performed.
Segmentation
Email mailing from Dicopay
SMS mailing from Dicopay
Direct-addressed letters
Marketing analysis
Categories of personal data
Name
Mobile number
E-mail address
Geographical area
Legal basis:
Legitimate interest in promoting our services. We do this processing on the basis of a so-called balance of interests where we assess that the processing does not significantly violate your privacy.
Your right to object to the processing:
We protect your privacy and promise not to process your personal data for this purpose if you no longer wish to. Contact us at support@dicopay.com and we will remove your information.
Storage period:
We process your data for this purpose as long as you have an active registration with Dicopay or through Dicopay an active transaction with Resurs Bank AB or our former partner Intrum Finans AB. We assess a user who registered or started the registration in Dicopay using BankID to be inactive 36 months after the last opening of the app. We delete all information 36 months after your relationship with Dicopay is deemed to have ended.
We delete the processing of address for direct mail 36 months after the end of your relationship with Dicopay.
Purpose:
To promote Dicopay's service on Facebook and Google's advertising network
Treatments performed.
Creation of “lookalike” audiences and custom audiences on Facebook.
Creation of “Similar audience” on the Google Adwords advertising network.
Categories of personal data
E-mail address
Which other companies may have access to your personal data?
Facebook Inc, HubSpot and Google Inc.
Legal basis:
Legitimate interest in promoting our services. We do this processing on the basis of a so-called balance of interests where we assess that the processing does not significantly violate your privacy. Dicopay AB | Linnégatan 26, 114 47 Stockholm | Org No: 559108-7787
Your right to object to the processing:
We protect your privacy and promise not to process your personal data for this purpose unless you wish to. Contact us at support@dicopay.com and we will remove your information.
Storage period:
We process your data for this purpose as long as you have an active registration with Dicopay or through Dicopay an active transaction with Resurs Bank AB or former partner Intrum Finans AB. We assess a user who registered or started the registration in Dicopay using BankID to be inactive 36 months after the last opening of the app. We delete all information 36 months after your relationship with Dicopay is deemed to have ended.
Countering fraud
Purpose
Treatments performed
Treatments performed
To be able to ensure the safety of the customer and prevent fraud. Analyze data against data for suspicious activities.
Categories of personal data:
Name
Social Security Number
IP number
Phone number
Address
E-mail address
Legal basis:
Legitimate interest in maintaining customer security and preventing fraud. This processing of your personal data is carried out on the basis of a so-called balance of interests where we consider that the processing does not significantly violate your privacy.
Your right to object to the processing:
We protect your privacy and you can question our processing at any time by contacting us at support@dicopay.com. Please note that for this purpose, we have the right to continue to assert that our legitimate interest in the processing outweighs the balance of interests.
Storage period:
We process your data for this purpose as long as you have an active registration with Dicopay or through Dicopay an active transaction with Resurs Bank AB or former partner Intrum Finans AB. We assess a user who registered or started the registration in Dicopay using BankID to be inactive 36 months after the last opening of the app. We delete all information 36 months after your relationship with Dicopay is deemed to have ended.
Where do we process your personal data?
We always strive for your personal data to be processed within the EU/EEA and all our own IT systems are located within the EU/EEA. When it comes to operation and maintenance, we use personal data processors based in Sweden.
However, in the case of systemic support and maintenance, we may be required to transfer the information to a country outside the EU/EEA, for example if we share your personal data with a data processor that, either by itself or through a subcontractor, is established or stores information in a country outside the EU/EEA. In these cases, the assistant may only access the information relevant to the purpose (e.g. log files). In these cases, we have entered into so-called personal data processing agreements that allow us to have control over our information assets.
Regardless of the country in which your personal data is processed, we take all reasonable legal, technical and organisational measures to ensure that the level of protection is the same as in the EU/EEA. In cases where personal data are processed outside the EU/EEA, the level of protection is guaranteed either by a decision of the European Commission that the country concerned ensures an adequate level of protection or the use of so-called appropriate safeguards. Examples of appropriate safeguards are the accepted code of conduct in the recipient country, standard contractual clauses.
What rights do you have as a data subject?
You have the right to receive a so-called register extract.
We are always open and transparent about how we process your personal data and if you want to gain a deeper insight into what personal data we process about you, you can request access to the data.
Right of restriction:
You have the right to request that our processing of your personal data be restricted. If you dispute the accuracy of the personal data we process, you can request a limited processing for the time we need to verify the accuracy of the personal data. If we no longer need the personal data for the purposes set out, but you need it in order to establish, assert or defend legal claims, you can request limited processing of the data from us. This means that you can request that we do not delete your data.
Right to object to certain types of treatment:
You always have the right to refrain from marketing and to object to any processing of personal data based on a balance of interests. See more about the specific legal bases under the respective purposes. If you object to direct marketing, we will cease processing your personal data for that purpose as well as cease all types of direct marketing measures.
Right to data portability:
If our right to process your personal data is based either on your consent or the performance of a contract with you, you have the right to request that the data concerning you that you have provided to us transferred to another controller (so-called data portability). A prerequisite for data portability is that the transmission is technically feasible and can be automated.
Right to erasure:
In some cases, you have the right to have your personal data erased, for example if the personal data is no longer necessary for the purposes for which it was collected. Please note that in some cases Dicopay is required to save certain information by law and thus may not delete information. See for more information under the respective purposes.
Right to rectification:
You have the right to have inaccurate personal data about you corrected without undue delay. Depending on the purpose of the processing, you also have the right to complete incomplete personal data. Dicopay AB | Linnégata 26, 114 47 Stockholm | Org no.: 559108-7787. You exercise your rights by contacting us. Send us a message to påsupport@dicopay.com and specify what purposes or treatments you would like us to end with.
What are cookies and how do we use them?
We use local data storage, which means that different types of data are stored locally on your device (e.g. computer, mobile phone or tablet) via your browser. One type of local storage of data is cookies. A cookie is a small text file stored on your device (e.g. computer, mobile phone or tablet) which enables us to recognise your browser. Cookies do not contain any directly identifiable information about you (such as name, address, telephone number, etc.) but only information about your browser and the activity that has taken place through the browser. We also use other similar technologies such as pixel tags. These are technologies that can recognize cookies and other identifiers and that allow third parties to place cookies on your device. In this document, the term “local data storage” is used as a collective name for cookies, pixel tags and other similar technologies.
Some local storage of data is necessary for you to use Dicopay's service. This applies, for example, to information about your preferences, which shows us how to present the questions in your browser. We also use various measurement tools that provide us with statistics and analyses regarding behavior on Dicopay's website. Furthermore, we use information we have collected and analyzed to develop and improve the Dicopay website and to verify that it is working properly.
Can you control the use of cookies yourself?
Yay! Your browser or device allows you to change the settings for the use and scope of cookies. Go to your browser or device settings to learn more about how to adjust your cookie settings. Examples of things you can adjust are blocking all cookies, accepting only first-party cookies, or deleting cookies when you close your browser. Please note that some of our services may not work if you block or delete cookies. You can read more about cookies on the Swedish Post and Telecommunications Administration's website, www.pte.se.
How is your personal data protected?
We use IT systems to protect the confidentiality, privacy and access to personal data. We have taken special security measures to protect your personal data against unlawful or unauthorized processing (such as unauthorized access, loss, destruction or damage). Only those persons who actually need to process your personal data in order for us to fulfill our stated purposes have access to them. What does it mean that the Danish Data Protection Authority is a supervisory authority? The Swedish Data Protection Authority is responsible for monitoring the application of personal data legislation. If you, as an individual, believe that Dicopay handles personal data incorrectly, you can file a complaint with the Swedish Data Protection Authority.
Contact for questions about personal data protection?
If you have any questions about Dicopay's processing of personal data, please send an email to support@dicopay.com. Dicopay AB | Linnégatan 26, 114 47 Stockholm | Org no.: 559108-7787. Dicopay has a Data Protection Officer whose task is to ensure that Dicopay's processing of personal data is correct and compliant with applicable regulations. You can reach Dicopay's Data Protection Officer by sending an email to: gdpr@dicopay.com
Modifications
We may make changes to our privacy policy. Stay up to date on Dicopay's website where you can read the current privacy policy. Last updated: 2020-07-01 The controller is Dicopay AB, org. number 559108-7787, Linnégatan 26, 114 47 Stockholm. Dicopay is an independent public limited company but not publicly listed. If you have any questions, you can always contact us at support@dicopay.com.
Last modified 2020-07-01
