Privacy Policy
Updated 20 June 2024
1. Intro
At Safello, we are committed to protecting the privacy of our users. This privacy policy outlines the types of personal data we collect and process, as well as the measures we take to ensure the protection of this data. Safello is the data controller for the personal data we collect and process. This means that we are responsible for ensuring that the processing of personal data is carried out in accordance with the General Data Protection Regulation (GDPR). This Privacy Policy applies to all entities within the Safello Group (Safello Technology AB, Safello AB and Rational money AB) and covers the processing of customer data as well as other relationships such as, but not limited to, contact persons, service providers, authorized persons, visitors, ultimate beneficial owners and beneficiaries.
2. Types of Personal Data Collected
We collect personal data from our users in order to provide them with the services they request. This personal data includes:
• Contact and personal information, such as name, email address, home address, social security number and phone number.
• Financial information, such as credit card, bank account numbers, bank account statements and any personal data proofing origin of wealth/funds.
• Demographic information, such as age, gender and location.
We also process online identifiers such as IP addresses, MAC addresses or similar provided by website visitors. In order to get a better understanding of how our customers experience our email communication, we also process information about how you interact with our emails. The information collected is opened e-mails and clicks.
3. Purposes of processing personal data and legal ground
We process personal data for the following purposes:
• To fulfill the terms of the agreement between our customers and Safello, in order to provide the services and execute the processing of transactions on behalf of our customers
• To communicate with users about their accounts and the services we provide for information and marketing purposes
• To improve our services and ensure their proper functioning
The primary legal ground for processing personal data is the fulfillment of the agreement between the user and our company.
Furthermore, Safello must also process personal data to fulfill obligations according to law, other constitutions or authority decisions. In addition, the legal basis for the processing of personal data is a balancing of interests, where Safello’s legitimate interests consist of e.g. marketing, analysis and product development.
4. SUB-processors and sharing of personal data
In order for Safello to fulfill legal obligations, such as reporting to authorities, Safello might need to share your personal data with authorities. Furthermore, Safello might share your personal data with third parties that Safello collaborates with. When sharing your personal data to a third party that does not constitute an authority, Safello will still be responsible for the processing of your personal data and the processing of data will be regulated via a Data Processing Agreement.
Transfer of personal data to a third country only takes place under the condition that an adequate level of protection exists or that suitable protection measures have been taken.
5. Data security
We take appropriate measures to protect personal data from unauthorized access, alteration or destruction. These measures include the use of secure servers and encryption of sensitive data.
6. Data subjects rights according to GDPR
Under the General Data Protection Regulation (GDPR), data subjects have the following rights in relation to their personal data:
• Receive information about which personal data we process about you (register extract)
• Request correction of incorrect and incomplete information
• Request deletion or restriction of processing, unless Safello has to save the data due to the relationship between you and Safello or due to legislation,
• Object to the processing of personal data based on Safello’s legitimate interest, for example direct marketing and profiling (profiling means that your personal data is analyzed to, for example, give you special offers), or consent.
• Obtain certain personal data in a machine-readable format and, if technically possible, transfer the personal data to another personal data controller (so-called data portability)
7. Data retention
Safello will retain personal data as long as necessary to fulfill the purpose for which it was collected or as required by law.
8. Cookies
Cookies are small data files of information that our website transfers to your hard drive or mobile device to store and sometimes track information about you. Read more about how Safello uses cookies in Safello’s Cookie Policy.
9. Changes to this Privacy Policy
We reserve the right to make changes to this privacy policy at any time. Any changes we make will be posted on this page and, if necessary, notified to you by email. Please check back regularly to stay informed of any updates.
10. Personal data breach
If you have questions about Safello’s processing of personal data, would like to submit a deletion request or use any other of your rights as a data subject in section six (6) of this Privacy Policy please contact Safello’s Customer Support via the website, www.safello.com, or via e-mail to support@safello.com.
To get in contact with Safello’s Data Processing Officer, send an e-mail to: dataprotection@safello.com or, via mail: Att: DPO, Safello AB, Box 638, 114 11, Stockholm.
If you would like to get in contact with Integritetsskyddsmyndigheten (IMY), please visit www.imy.se/en.