Cookies policy

Cookies Hero

Last Updated: April 1, 2024

General Data Protection Regulation (GDPR) Privacy Policy

Highnox (“us”, “we”, or “our”) operates the highnox.com website (the “Service”).
This GDPR Privacy Policy explains how we collect, use, and disclose personal data when you use our Service and outlines your rights under the General Data Protection Regulation (“GDPR”).

  1. Data Controller
    Highnox is the data controller responsible for your personal data.
  2. Information Collection and Use
    We collect several different types of personal data for various purposes to provide and improve our Service. The types of personal data we collect may include:
    Contact information (such as name, email address, phone number)
    Location data
    Usage data (such as IP address, browser type, pages visited)
    We collect this data when you:
    Visit our website
    Contact us through our website
    Sign up for newsletters or promotional materials
    Participate in surveys, contests, or promotions
    We use your personal data for the following purposes:
    To provide and maintain our Service
    To notify you about changes to our Service
    To provide customer support
    To gather analysis or valuable information to improve our Service
    To monitor the usage of our Service
    To detect, prevent, and address technical issues.

We may share your personal data with third-party service providers, including cloud hosting providers, payment processors, and analytics services, for the purpose of providing and improving our Service. We ensure that all third parties process personal data in compliance with GDPR and applicable data protection laws.

  1. Cookies

We use cookies and similar tracking technologies to enhance your experience on our website. These may include essential, analytical, and marketing cookies. You can manage your cookie preferences through our Cookie Policy, available here.”

  1. Legal Basis for Processing Personal Data
    We process personal data under the following legal bases:
    Consent: You have given us explicit consent to process your personal data for specific purposes.
    Contract: The processing is necessary for the performance of a contract with you or in order to take steps at your request prior to entering into a contract.
    Legal Obligations: The processing is necessary for compliance with a legal obligation to which we are subject.
    Legitimate Interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party, unless overridden by your interests or fundamental rights and freedoms requiring the protection of personal data.
  2. Data Retention
    We will retain your personal data only for as long as is necessary for the purposes set out in this GDPR Privacy Policy. We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
  3. Data Subject Rights
    Under the GDPR, you have certain rights regarding your personal data, including:
    The right to access, update, or delete the information we have on you
    The right of rectification
    The right to object to processing
    The right of restriction
    The right to data portability
    The right to withdraw consent
    If you wish to exercise any of these rights, please contact us using the contact details provided below. We will respond to your request within a reasonable timeframe.
  4. Data Transfers
    Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards in accordance with GDPR. These safeguards may include:
  • An Adequacy Decision by the European Commission, confirming that the country ensures an adequate level of data protection.
  • Standard Contractual Clauses (SCCs) approved by the European Commission, which provide contractual guarantees for data protection.
  • Binding Corporate Rules (BCRs) implemented by our service providers, ensuring data protection within multinational organizations.
  • Other appropriate safeguards as permitted under GDPR, such as derogations where applicable.

A list of countries with an adequacy decision can be found here.

  1. Data Security
    We take appropriate security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction.
  2. Contact Us
    If you have any questions about this GDPR Privacy Policy, please contact us: 
    Highnox Business Solutions AB, info@highnox.com, + 46 8 400 307 00

Changes to This GDPR Privacy Policy
We may update our GDPR Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

  1. Right to Lodge a Complaint with a Supervisory Authority

If you believe that we have processed your personal data unlawfully, you have the right to lodge a complaint with the Swedish Data Protection Authority (Integritetsskyddsmyndigheten) or another relevant supervisory authority in the EU.

Contact details for Integritetsskyddsmyndigheten:
Website: https://www.imy.se
Phone: +46 8 657 61 00
Email: imy@imy.se