Privacy Statement - Visma Kreditupplysning

When using Visma Kreditupplysning, personal data about you is processed. This Privacy Statement is made to help you understand what personal data is collected, why it is collected and how Visma Spcs /and our respective resellers/  handles, protects, stores, exports, and deletes your personal data. 

Personal data is any information relating to an identified or identifiable natural person, such as an email address, street address, phone number, etc.

Visma Kreditupplysning is a  cloud service providing creditchecks in Sweden. It is also an integrated service in Visma eAccounting, Visma Administration and Compact in Sweden.

1. Visma Spcs as a Processor

For the personal data you enter into the Visma Kreditupplysning and that is processed there, you are the datacontroller. Visma Spcs does in such cases act as a data Processor and processes the data on behalf of and according to instructions given by you. For more information regarding this and an updated list of our sub-processors for Visma Kreditupplysning please visit: https://www.visma.com/trust-centre-products/visma-kreditupplysning. ‍You are always welcome to request an overview and more detailed information on Visma’s processors. For how to contact us, please see the last section of this statement.

2. Visma Spcs as a Controller

In some cases, Visma Spcs will be the data Controller for your personal data. This is when  Visma Spcs determines the purposes and means of the processing of personal data, for example for improving the application, marketing and security purposes. 

When Visma Spcs is the Controller for your personal data in this application, the sections below apply. You can also find Visma Spcs’ general privacy statement https://vismaspcs.se/integritetspolicy

3. Information about processing of personal data where Visma Spcs is the controller


3.1. What personal data do we process?

The type of personal data that Visma Spcs processes about you may be:

  • Basic personal information Your name and email address ( used for login, and for the company’s administrator to monitor who performs creditchecks on that company/individual)
  • User and web traffic information login ID, username, and IP address
  • System monitoring IP addresses

3.2. How is personal data collected? 

In general, Visma Spcs collects personal data directly from you. If the Customer purchases Visma Spcs products or services via a Visma Spcs partner company, we may collect information about you from the partner company. 
Visma Spcs will also use cookies and other tracking technologies such as Application Insights when you use our applications/services, in order to optimise your experience of Visma Spcs and our products.

Why do we process personal data?

This Privacy Statement applies when Visma Spcs process your personal data for the following purposes:

Support and improvement of services

  • Improve and develop the quality, functionality and user experience of our products

Security

  • Detect, mitigate and prevent security threats and abuse, and perform maintenance and debugging

3.3. What is the legal basis for processing your personal data?

Visma Spcs has a legitimate interest when we process your data for security, support, and improvement purposes. Your personal data is processed from a business perspective in a manner that we believe does not conflict with your privacy rights or freedoms.

3.4. How is your personal data shared?

Visma Spcs is a part of the Visma Group. As Visma consists of many different subsidiaries, it is important for us that we provide the best possible overall experience for you. In order to maintain an overview and insight,  Visma Spcs may share your personal data across companies in the Visma Group.

Visma Spcs may also share your personal data with external third parties in the following contexts:

Business partners

Visma Spcs may share your personal information with our partners in the event this is legitimate from a business perspective and according to applicable privacy legislation.

Public authorities

The police and other authorities may request access to personal information from Visma Spcs. In these cases, Visma Spcs will only provide the data if there is a court order etc. to do so.

3.5. Use of processors

When using processors, Visma Spcs will enter into a data processing agreement in order to safeguard your privacy rights. If processors are located outside the EU/EEA, Visma Spcs ensures legal grounds for such international transfers on your behalf, hereunder by using the EU Model Clauses.

You are always welcome to request an overview and more detailed information on Visma Spcs’s processors. For how to contact Visma Spcs, please see the last section of this statement.

3.6. How long is your data stored?

Visma  Spcs will only store your personal information for as long as necessary to fulfil the purpose of processing, but in most cases never longer than 3 years since your last registered activity.

Your personal data may be subject to different retention policies based on the type of data and the purpose of collecting it. For further information regarding deletion, feel free to contact Visma Spcs (see contact information in the last section of this statement).

3.7. What are your rights?

You can invoke the following rights in relation to our processing of your personal data:

  • Access. You have the right to request a copy of personal data we process about you.
  • Rectification. You also have the right to request Visma to rectify inaccurate personal data concerning you. If you have an account with Visma for a Visma Site, this can usually be done through the appropriate "your account" or "your profile" sections on the applicable Visma Site or service.
  • Deletion. You can request Visma to delete personal data relating to you.
  • Restriction. You may ask us to restrict the processing of your personal data.
  • Portability.  You may ask us to provide you or others with your personal data in a structured, commonly used and machine-readable format.
  • Object. On grounds relating to your particular situation, you have the right to object to our processing of your personal data on the basis of legitimate interests or for direct marketing purposes. You also have the right to object to our processing of your personal data for the performance of tasks carried out in the public interests or in the exercise of official authority or based on legitimate interests. 

Please note that there may be certain exceptions or limitations to the abovementioned rights which could apply depending on the specific circumstances of your situation. In such cases, we will provide you with detailed information about the applicable exception or limitation and help you exercise your rights to the fullest extent possible, in accordance with applicable laws and regulations.

Please go to https://vismaspcs.se/integritetspolicy to file requests as mentioned in this section.

Finally, you also have a right to file a complaint to the data protection authorities with regards to our processing of your personal data. 

4. How to contact us

If you have any questions regarding our processing of your personal data please contact our data protection manager, Mehrnaz Ataei via [email protected]