Update date: April 13th, 2022
We respect your right to privacy and adhere to highest data protection standards.
Please read this document carefully. If you have any questions about our data protection practices, please contact us.
- GENERAL INFORMATION
- TYPES AND PURPOSES OF PERSONAL DATA
- NON-PERSONAL DATA
- RETENTION PERIOD
- SHARING AND DISCLOSING DATA
- INTERNATIONAL TRANSFERS OF PERSONAL DATA
- PROTECTION OF PERSONAL DATA
- EXERCISING YOUR RIGHTS
- THIRD PARTIES
- TERM, TERMINATION, AND AMENDMENTS
1. GENERAL INFORMATION
1.2Data controller and data processor. PasswordHero is owned, operated, and offered by Adventrum AB with a registered business address at KARLAVÄGEN 86 115 22 STOCKHOLM (“we”, “us”, or “our”). We act in the capacity of a data controller with regard to the personal data collected through PasswordHero.
1.4Children. PasswordHero is not intended for use by children (i.e., persons who are minors in their country of residence). Therefore, we do not knowingly collect minors’ personal data.
2. TYPES AND PURPOSES OF PERSONAL DATA
When you visit PasswordHero, we collect a minimal amount of personal data that is used for specified and limited purposes. In this section, we explain what types of personal data we collect from you, for what purposes we use that data, and on what legal bases we rely when processing your personal data.
2.3 Types and purposes of your personal data. The list below provides a detailed description of the types of personal data that we collect from you, the purposes for which we use it, and the legal bases on which we rely when processing your personal data.
- Email enquiries. When you contact us by email, we collect your name, email address, and any information that you decide to provide in your message. We use such data to respond to your enquiries and provide you with the requested information. The legal bases on which we rely are ‘pursuing our legitimate business interests’ (i.e., to grow and promote our business) and ‘your consent’ (for optional personal data).
- Comments. When you post a comment under a blog post available on PasswordHero, we collect your name, email address, and any information that you decide to provide in your comment. We use such personal data to feature your comment, ensure compliance with our legal terms and applicable laws, prevent abuse and scam, and ensure the security of PasswordHero. The legal bases on which we rely are ‘pursuing our legitimate business interests’ (i.e., to protect our business) and ‘your consent’ (for optional personal data).
2.4 Sensitive data. We do not collect or use any special categories of personal data (“sensitive data”) from you, unless you decide, at your own discretion, to provide such data to us. Sensitive data is information that relates to your health, religious and political beliefs, racial origins, membership of a professional or trade association, or sexual orientation.
2.5 Refusal to provide personal data. If you refuse to provide us with your personal data when we ask to, we may not be able to perform the requested operation and you may not be able to use the full functionality of PasswordHero, receive our services, or get our response. Please contact us immediately if you think that any personal data that we collect is excessive.
3.1 General information about cookies. A cookie is a small piece of data typically consisting of letters and numbers. When you visit a website, the website may send a cookie to your browser. Subsequently, the browser may store the cookie on your computer or mobile device for certain period of time. Cookies are designed to allow the recognition of your device and collection of certain information about your use of a website. Thus, over time, cookies allow websites to “remember” your actions and preferences. There are several types of cookies, namely, (i) persistent cookies, which remain valid until deleted by you, (ii) cookies that remain valid until their expiration date, and (iii) session cookies that are stored on a web browser and remain valid until the moment the browser is closed. Cookies may also be (i) first-party cookies (set by the website itself) and (ii) third-party cookies (placed by third-party websites).
3.2 Cookies that we use. We use different types of cookies, including:
- Technical (strictly necessary) cookies that are essential to ensure the correct functioning of PasswordHero, and to provide the services requested by you;
- Marketing cookies that allow us to create, implement, and examine our marketing campaigns. Such cookies allow us to reach the right customers, analyse the productivity of our marketing campaigns, and offer you personalised advertisement; and
- Statistics cookies that allow us to generate statistical reports about how you use PasswordHero.
Below, you can find a list of cookies that we use on PasswordHero, including their purpose and expiration time:
|_ga||First-party HTTP cookie||PasswordHero
|2 years||The cookie is used to set a unique ID that is used to generate statistical data on how you use PasswordHero.|
|_gat||First-party HTTP cookie||PasswordHero
|1 day||The cookie is used by Google Analytics to throttle request rate.|
|_gid||First-party HTTP cookie||PasswordHero
|1 day||The cookie is used to set a unique ID that is used to generate statistical data on how you use PasswordHero.|
|_fbp||First-party HTTP cookie||PasswordHero
|3 months||The cookie is used by Facebook to deliver a series of advertisement from third-party advertisers.|
|ads/ga-audiences||Third-party pixel cookie||google.com
(The United States)
|End of session||The cookie is used by Google Adwords to re-engage visitors that are likely to convert to customers based on their online behaviour.|
|fr||Third-party HTTP cookie||facebook.com
(The United States)
|3 months||The cookie is used by Facebook to deliver advertising products like real-time bidding from third-party advertisers.|
|google_experiment_mod#||First-party HTML cookie||PasswordHero
|Persistent||The cookie is used by Google Adsense for experimenting with advertisement efficiency across websites using their services.|
|IDE||Third-party HTTP cookie||doubleclick.net
(The United States)
|1 year||The cookie is used by Google DoubleClick to register and report your actions after viewing or clicking one advertising with the purpose of measuring the efficacy of the advertising and deliver you targeted advertising.|
|test_cookie||Third-party HTTP cookie||doubleclick.net
(The United States)
|1 day||The cookie is used to check if your browser supports cookies.|
|pagead/1p-user-list/#||Third-party pixel cookie||google.com
(The United States)
|End of session||Unclassified|
|goog_pem_mod||First-party HTML cookie||PasswordHero
3.4 Disabling cookies. When we ask you to provide your consent to our use of marketing cookies, you have the freedom not to provide such consent. If you would like to refuse our use of non-essential cookies, you can do it at any time by declining cookies in your browser or device. For more information, you can consult the cookie management instructions of your browser:
- Apple Safari: https://support.apple.com/en-gb/guide/safari/manage-cookies-and-website-data-sfri11471/mac
- Google Chrome: https://support.google.com/chrome/answer/95647
- Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
- Microsoft Edge: https://support.microsoft.com/en-us/help/4468242/microsoft-edge-browsing-data-and-privacy-microsoft-privacy
3.5 Google Analytics. To analyse your use of PasswordHero, we use Google Analytics, the business analytics service provided by Google Inc. located in the United States (“Google”). Google generates statistical information by means of cookies and creates reports about your use of PasswordHero. The cookies served by Google Analytics are anonymous first-party cookies that do not allow us to identify you in any manner. The information generated by cookies will be transmitted to and stored by Google on servers in the United States. To ensure your privacy, your IP address will be anonymised and Google will not combine your IP address with other information Google holds about you. Thus, Google will not be able to identify you. In certain cases (e.g., when required by law or when third parties conduct services on behalf of Google), Google may transfer the information to third parties. For more information about Google Analytics’ privacy practices, please visit https://support.google.com/analytics/answer/6004245. If you would like to opt-out from Google Analytics, you can do so by installing a Google Analytics opt-out browser add-on available at https://tools.google.com/dlpage/gaoptout?hl=en.
3.6 Interest-based advertising. You may encounter targeted interest-based advertising based on your use of PasswordHero and other websites on the Internet. Such advertisement is served by the advertising network “Google Adsense”. You can control how such advertising is shown to you or opt-out from targeted advertising by consulting the guide powered by the Digital Advertising Alliance available at https://youradchoices.com. For more information on opting-out from advertising features on your device, please visit https://www.networkadvertising.org .
4. NON-PERSONAL DATA
When you use PasswordHero, we receive some technical data for analytics purposes. In this section, we inform you what non-personal data we collect from you and for what purposes we use that data.
4.1 Log files and analytics data. In order to analyse your use of PasswordHero, we collect and use third-party analytics services (e.g., Google Analytics) to automatically collect certain technical non-personal data (log files and analytics data) about your use of PasswordHero. Such data does not allow us us to identify you in any manner. The non-personal data collected by us and third-party analytics providers includes the following information:
- Your activity on PasswordHero;
- IP address in an anonymised form;
- Browser type;
- Internet service provider;
- Referring/exit pages;
- Date/time stamps;
- Device number;
- Device screen information; and
- Preferred language.
4.2 Your feedback. If you contact us, we may keep records of any questions, complaints, recommendations, or compliments made by you and the response, if any. Where possible, we will de-identify your personal data (i.e., we will remove all personal data that is not necessary for keeping such records).
4.3 Purposes of non-personal data. We will use non-personal data for the following purposes:
- To analyse what kind of users use PasswordHero;
- To examine the relevance, popularity, and engagement rate of PasswordHero;
- To investigate and help prevent security issues and abuse;
- To develop and provide additional features to PasswordHero; and
- To personalise PasswordHero for your specific needs.
4.4 Aggregated and de-identified data. In case your non-personal data is combined with certain elements of your personal data in a way that allows us to identify you, we will handle such aggregated data as personal data. If your personal data is aggregated or de-identified in a way that it can no longer be associated with an identified or identifiable natural person, it will not be considered personal data and we may use it for any business purpose.
5. RETENTION PERIOD
We store your personal data for the time period it is necessary for its purposes. In this section, we specify the retention periods for your personal and non-personal data stored in our systems.
5.3 Retention as required by law. In instances when we are obliged by law to store your personal data for certain period of time (e.g., for business records purposes), we will store your personal data for the time period stipulated by the applicable law and delete the personal data as soon as the required retention period expires.
6. SHARING AND DISCLOSING DATA
We cooperate with external service providers and share some personal data with them. In this section, you can find information about third parties that have access to your personal data and the instances when we make data transfers.
6.1 Disclosure to data processors. If necessary, we will disclose your personal data to the service providers with whom we cooperate (our data processors). For example, we may share your personal and non-personal data with entities that provide certain technical support services to us, such as hosting and email services. We do not sell your personal data to third parties. The disclosure is limited to the situations when such data is required for the following purposes:
- Ensuring the proper operation of PasswordHero;
- Ensuring the delivery of the services requested by you;
- Providing you with the requested information;
- Pursuing our legitimate business interests;
- Enforcing our rights, preventing fraud, and security purposes;
- Carrying out our contractual obligations;
- Law enforcement purposes; or
- If you provide your prior consent to such a disclosure.
- Our hosting and cloud storage service provider AWS (https://aws.amazon.com) located in the United States;
- Our email service provider Google (https://gmail.com) located in the United States;
- Our analytics service provider Google Analytics (https://analytics.google.com/analytics/) located in the United States; and
- Our advertising network Google Adsense (https://www.google.com/adsense/start/) located in the United States.
6.3 Disclosure of non-personal data. Your non-personal data may be disclosed to third parties for any purpose. For example, we may share it with prospects or partners for business or research purposes, for improving PasswordHero, responding to lawful requests from public authorities or developing new products and services.
6.4 Legal requests. If requested by a public authority, we will disclose information about the users of PasswordHero to the extent necessary for pursuing a public interest objective, such as national security or law enforcement.
7. INTERNATIONAL TRANSFERS OF PERSONAL DATA
Your personal data may be transferred outside the country where you reside. In this section, we explain when we transfer personal data abroad and what safeguards we implement to ensure that your personal is properly protected.
8. PROTECTION OF PERSONAL DATA
We strive to ensure that your personal data is kept safe and secure. In this section, we inform you about our measures that help us to protect your personal data.
8.1 Security measures. We implement organisational and technical information security measures to protect your personal data from loss, misuse, unauthorised access, and disclosure. The security measures taken by us include secured networks, SSL protocol, strong passwords, limited access to your personal data by our staff, and anonymisation of personal data (when possible). In order to ensure the security of your personal data, you are requested to use PasswordHero through a secure network only.
8.2 Security breaches. Although we put our best efforts to protect your personal data, given the nature of communications and information processing technology and the Internet, we cannot be liable for any unlawful destruction, loss, use, copying, modification, leakage, and falsification of your personal data caused by circumstances that are beyond our reasonable control. In case a serious breach occurs, we will take reasonable measures to mitigate the breach, as required by the applicable law. Our liability for any security breach will be limited to the highest extent permitted by the applicable law.
9. EXERCISING YOUR RIGHTS
You have the right to control how we process your personal data. Below, we list the rights that you can exercise with regard to your personal data and explain how you can exercise those rights.
9.1 The list of your rights. Subject to any exemptions provided by law, you may ask us to:
- Get a copy of your personal data that we store;
- Get a list of purposes for which your personal data is processed;
- Rectify inaccurate personal data;
- Move your personal data to another processor;
- Delete your personal data from our systems;
- Object and restrict processing of your personal data;
- Withdraw your consent, if you have provided one; or
- Process your complaint regarding your personal data.
9.2 How to exercise your rights? If you would like to exercise any of your rights listed in section 9.1, please contact us by email at [email protected]and explain in detail your request. In order to verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information, so that we would be able to identify you in our system. We will answer your request within a reasonable time frame but no later than 2 weeks.
9.3 Complaints. If you would like to launch a complaint about the way in which we handle your personal data, we kindly ask you to contact us first and express your concerns. After you contact us, we will investigate your complaint and provide you with our response as soon as possible. If you are not satisfied with the outcome of your complaint, you have the right to lodge a complaint with your local data protection authority.
10. THIRD PARTIES
11. TERM, TERMINATION, AND AMENDMENTS
Email: [email protected]
Postal address for communication: Adventrum AB, KARLAVÄGEN 86 115 22 STOCKHOLM