WHO WE ARE
(i) the Trygg Mobile Application and any updates or supplements to it; and/or
(ii) the Trygg Security Platform that interacts with the Mobile Application.
The Mobile Application and the Security Platform are collectively referred to herein as “Trygg”.
Your duty to us. It is important that the personal data We hold about you is accurate. Please keep Us informed if your personal data changes during Our relationship with you.
TYPES OF PERSONAL DATA WE COLLECT
We may collect, use, store and transfer different kinds of personal data about you as follows:
- Identity Data: your username or similar identifier as specified by yourself or your employer’s Security Manager.; Your email address.; Your first name and/or surname if specified by yourself or your employer’s Security Manager.
- Device Data: your type of mobile device and your mobile operating system;
- Content Data: photos you upload to Trygg;
- Profile Data: your username, password, feedback and any survey responses;
- Usage Data: details of your use of Trygg such as page views; and
- Location Data: Trygg uses wireless (Wifi/3G/4G) and/or GPS (satellite) data to determine your location.
We do not collect any other personal data about you.
HOW AND WHEN WE COLLECT YOUR PERSONAL DATA
We will collect and process the following personal data about you:
- Information you give Us. This is information (including Identity Data) that you consent to giving Us about you by filling in forms on Trygg or by corresponding with Us. It includes information that you provide when you download Trygg and when you report a problem about Trygg to Us.
- Information We collect about you and your device. Each time you use Trygg We will automatically collect personal data including Device, Content and Usage Data.
- Location Data. Many of Trygg’s core features require Us to determine your location. You will be asked to consent to your location data being used for this purpose when you download Trygg. You can withdraw your consent at any time by disabling location settings on your device but doing so may materially impair your use of Trygg.
PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA
We will only use your personal data for certain specified reasons and when the law allows Us to do so. Below are the reasons We use your personal data and the lawful bases for Our doing so. The lawful bases are explained in the following section.
Registering your account. When you register with Trygg, We will use the details you use to complete any registration fields. Our lawful basis for this use of your data is: performing Our contract with you.
Keeping Trygg running. We use your data to provide you with Trygg, to provide login authentication, to remember your settings, for hosting and for back-end infrastructure. Our lawful bases for this use of your data are: performing our contract with you and our legitimate interest to keep Trygg running.
Enabling you to communicate with other Trygg users. Certain parts of Trygg enable you to interact with other users within your team. We will use data you have provided to enable these interactions. Our lawful basis for this use of your data is: performing our contract with you.
Fraud and unlawful activity detection and prevention. We may use your data to enforce our policies, protect our clients and business, maintain the competitive integrity of Trygg and to investigate and prevent unauthorised or unlawful activity. Our lawful bases for this use of your data are: our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so.
Support. We may use your data when handling enquiries or complaints, solving technical issues or making changes to Trygg. Our lawful bases for this use of your data are: performing our contract with you and our legitimate interests to provide you with customer service.
Improving and developing Trygg. We may use your data in our analytics and research. Our lawful bases for this use of your data are: performing our contract with you and our legitimate interests in learning about the types of people who are interested in Trygg and, to develop our business.
Surveys. We may use your data to process your survey entries, should you decide to participate in them. Our lawful bases for this use of your data is: your consent or performing our contract with you.
Marketing. We may use your data to send you communications about Trygg that you have agreed to receive. Our lawful bases for this use of your data are: your consent or our legitimate interests to lawfully provide you with marketing communications.
WHAT THE DIFFERENT LAWFUL BASES MEAN
This section explains what the lawful bases we rely on for processing your personal data actually mean:
Consent. You have provided us clear and unambiguous consent for us to process your personal data for a specific purpose. You have the right to withdraw this consent at any time.
Contract. We need to process your personal data for us to fulfil our contractual relationship with you.
Legitimate interests. We need to process your personal data for our legitimate interests, or the legitimate interests of a third party, in conducting and managing our business and our relationship with you. Where we use your data for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you.
We will only send you direct marketing communications by email if We have your consent to do so. We will not share your personal data with third parties for marketing purposes.
DISCLOSURES OF YOUR PERSONAL DATA
We will not typically share personal data with any third parties. Only if We choose to sell, merge or transfer part or all of Our business to a third party, or if We acquire another business may We share personal data with necessary third parties. We may share anonymised data with third parties.
We will treat your personal data with the utmost care. With that in mind, We have put in place a range of processes and technical measures to protect your personal data. Any data you provide to Us is stored on secure servers. All personal data transferred within Trygg is encrypted by default using SSL certificates. Our database is only accessible using encrypted keys which are only available to a limited number of Our personnel.
We have implemented procedures to deal with any suspected personal data breach and will notify you and any applicable regulator when We are legally required to do so. If you believe your personal data has been breached, please contact Us immediately at firstname.lastname@example.org
WHO WE SHARE PERSONAL DATA WITH
We share your personal data with (i) third-party IT companies who support Trygg; (ii) direct marketing companies who help Us manage Our electronic communications with you; and (iii) Our professional advisers including lawyers, bankers, auditors and insurers based in the United Kingdom who provide any of the following: consultancy, banking, legal, insurance and accounting services.
We may share your personal data with third parties (including law enforcement bodies) in order to respond to fraudulent or criminal (or potentially fraudulent or criminal) activity on Trygg. We may also be required by law to disclose your personal data to a law enforcement, regulatory or government body, in your country of origin or elsewhere.
WHERE YOUR PERSONAL DATA IS PROCESSED
Our servers are located in the UK and/or EU. We do not transfer your personal data outside the European Economic Area.
HOW LONG WE HOLD YOUR DATA FOR
By law We have to keep certain basic information about Our Clients for six years after they cease being Clients. Otherwise, We will only retain your personal data for as long as you are using Trygg and for no longer than six months after that to ensure continuity should you or your employer wish to recommence using Trygg during this period. We will securely destroy or irreversibly anonymise the data once it is no longer necessary for Us to retain it. We may use anonymised data indefinitely.
YOUR RIGHTS OVER YOUR PERSONAL DATA
Under certain circumstances you have the following rights in relation to your personal data. You are not required to pay any fee for exercising these rights.
Your right of access. You have the right to request a copy of the personal data We hold about you. Learn more.
Your right to rectification. You have the right to request that We rectify personal data you think is inaccurate and/or to complete personal data you think is incomplete. Learn more.
Your right to erasure. You have the right to request that We erase your personal data in certain circumstances. Learn more.
Your right to object to processing. You have the right to object to Us processing your personal data if We are processing your data based on Our legitimate interests. Learn more.
Your right to data portability. You have the right to request that We transfer your personal data from one organisation to another, or that We provide a copy of it to you. Learn more.
Your right to restriction of processing. You have the right to request that We restrict the processing of your personal data in certain circumstances. Learn more.
You also have the right to ask Us not to continue to process your personal data for any reason.
You can exercise any of these rights at any time by contacting Us at email@example.com .
You may also lodge a complaint regarding Our use of your personal data. Please tell Us first so that We can have a chance to look into your concerns. If you remain unsatisfied, you can contact the UK Information Commissioners Office (the UK supervisory authority for data protection issues) on their website here, or if you download Trygg outside the UK, you can contact your local supervisory authority.