New release Apr 28
SV EN
Last updated: [DATE]

Privacy Policy

How Samnord collects, uses, and protects personal data.

This Privacy Policy explains how [LEGAL COMPANY NAME], [COMPANY REGISTRATION NUMBER], [ADDRESS] ("Samnord", "we", "us", or "our") processes personal data when you visit our website, use Samnord, contact us, or interact with us.

If you use Samnord through your employer, customer, contractor, or another organisation, that organisation may also be responsible for how your personal data is used in the service. In those cases, we may act as a processor on behalf of that organisation.

1. Who This Policy Applies To

This policy applies to website visitors, users of Samnord, customer contacts, supplier contacts, invited users, support contacts, and other people who interact with us.

2. Personal Data We Process

We may process the following categories of personal data:

  • Identity and contact details, such as name, email address, phone number, role, employer, and organisation.
  • Account details, such as login information, authentication method, language preference, user settings, and account status.
  • Service content, such as records, comments, assignments, documents, safety-related information, risk assessments, work tasks, site information, supplier information, and other data submitted to Samnord.
  • Usage and technical data, such as IP address, device information, browser type, pages viewed, log data, timestamps, and actions taken in the service.
  • Communication data, such as support requests, emails, feedback, and meeting notes.
  • Billing and commercial data, such as subscription details, invoice references, and customer relationship information.

3. How We Collect Personal Data

We collect personal data directly from you, from the organisation that invites or administers your account, from other users who add information to Samnord, from your use of the service, and from third-party services that you or your organisation choose to connect to Samnord.

4. Why We Process Personal Data

We process personal data for the following purposes:

  • To provide, secure, maintain, and improve Samnord.
  • To create and manage user accounts, organisations, roles, permissions, and invitations.
  • To support work management, supplier management, site management, safety documentation, risk assessments, and related workflows.
  • To provide customer support and respond to requests.
  • To communicate about the service, security, product changes, and administrative matters.
  • To manage subscriptions, billing, accounting, and customer relationships.
  • To monitor, prevent, and investigate misuse, fraud, security incidents, and technical problems.
  • To comply with legal obligations and establish, exercise, or defend legal claims.
  • To send marketing communications where permitted by law, with the option to unsubscribe.

5. Legal Bases

Depending on the context, we process personal data based on one or more of the following legal bases:

  • Performance of a contract, when processing is needed to provide Samnord or related services.
  • Legitimate interests, such as securing and improving the service, supporting customers, managing business relationships, and preventing misuse.
  • Legal obligation, when processing is required for accounting, tax, compliance, or other legal requirements.
  • Consent, for example for certain cookies, marketing preferences, or optional features where consent is required.

6. When We Act as Processor

When a customer organisation decides what personal data is entered into Samnord and why, the customer is usually the controller and we act as processor. In that case, we process the data according to the customer's instructions, our data processing agreement, and applicable data protection law.

If you have questions about personal data that your organisation controls in Samnord, you should contact that organisation first. We will support the organisation where required by law and contract.

7. Sharing Personal Data

We may share personal data with:

  • Service providers that help us host, operate, secure, support, analyse, and improve Samnord.
  • Customer administrators and authorised users within your organisation or connected organisations, according to the permissions configured in the service.
  • Professional advisers, such as lawyers, auditors, insurers, and accountants.
  • Authorities, courts, or other third parties where required by law or necessary to protect rights, safety, and security.
  • A buyer, investor, or successor if we are involved in a merger, acquisition, financing, restructuring, or sale of business assets.

We do not sell personal data.

8. International Transfers

We aim to use service providers located in the EU/EEA where practical. If personal data is transferred outside the EU/EEA, we use appropriate safeguards such as adequacy decisions, standard contractual clauses, and supplementary measures where required.

9. Retention

We keep personal data only for as long as needed for the purposes described in this policy, including to provide the service, comply with legal obligations, resolve disputes, maintain security, and enforce agreements.

Customer Data in Samnord is normally retained according to the customer's subscription, configuration, and instructions. Some data may remain in backups, logs, accounting records, or security records for a limited period.

10. Security

We use technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, and disclosure. No system is completely secure, and you are responsible for using strong credentials and managing access within your organisation.

11. Your Rights

Depending on the circumstances and applicable law, you may have the right to request access, rectification, erasure, restriction, portability, or objection to processing of your personal data. Where processing is based on consent, you may withdraw consent at any time.

You also have the right to lodge a complaint with a data protection authority. In Sweden, the authority is Integritetsskyddsmyndigheten (IMY). You may also contact your local supervisory authority in the EU/EEA.

12. Cookies

We use cookies and similar technologies as described in our Cookie Policy. Some cookies are necessary for the service to work. Others are used only where permitted by law or with your consent.

13. Children

Samnord is intended for business and professional use. It is not directed to children, and we do not knowingly collect personal data from children for marketing website purposes.

14. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide reasonable notice. The latest version will be available on our website.

15. Contact

If you have questions about this Privacy Policy or want to exercise your rights, contact us at [PRIVACY EMAIL] or [POSTAL ADDRESS].