Privacy Policy - EPPlus Software AB

EPPlus Software AB (“EPPlus Software”) values your privacy and the security of your personal data. This privacy policy sets out how EPPlus Software processes your personal data. The EU General Data Protection Regulation 2016/679 (GDPR) applies to the processing performed by EPPlus Software.

Last updated: January 1, 2020.

  1. COLLECTED DATA

    EPPlus Software will process the following categories of personal data:

    1. Contact Information

      Your name, e-mail address, invoicing address, phone number and password, all as provided by and collected from you.

    2. Miscellaneous Data

      Cookie ID, IP address, browser fingerprint and such support calls as may be recorded from time to time.

    3. Usage of Our Website

      Visit history, movement pattern, time spent viewing a specific page, visit frequency, interactions with links or objects and occurrence of any errors.

    4. Unstructured Data

      Unstructured data is data that may be entered by you in the course of receiving support or otherwise by entering text in free text fields.

  2. LEGAL BASIS FOR PROCESSING
    1. Performance of a Contract

      It is necessary to process your Contact Information to perform the contract concluded between you and EPPlus Software upon starting a subscription.

    2. Legitimate Interests

      EPPlus Software deems that the following listed interests are legitimate and not overridden by your interests or fundamental rights or freedoms.

      • Gaining insight into how our website is used from a usability perspective.
      • Developing and enhancing our website.
      • Determining and improving the effectiveness of our communication.
      • Increasing security and preventing abuse or fraud on our website.
    3. Consent

      You may give your consent for our processing for specific purposes. Please note that you may change or revoke your consent at any time by sending an email to privacy@epplussoftware.com.

  3. PURPOSES
    1. Subscription Administration

      If you subscribe to our software, we must process your personal data to be able to administer your subscription and receive payment from you.

      Legal basis: performance of a contract.

    2. Support

      If you subscribe to our software and request our support, we process your personal data to administer your request under your current subscription plan.

      Legal basis: performance of a contract.

    3. Operating our website

      To operate our website and infrastructure efficiently, securely and professionally, we process your personal data to maintain an adequate level of security, troubleshoot any errors and perform optimizations.

      Legal basis: legitimate interests.

    4. Newsletter

      If you have signed up to our newsletter, we will process your personal data to send you the newsletter.

      Legal basis: consent.

  4. RECIPIENTS OF PERSONAL DATA

    We may share your personal data with service providers but we will remain as data controllers for your personal data. When engaging a service provider we will require the same level of protection and compliance as the one provided to you. No service provider may use your personal data for any other purposes than those set out above.

  5. YOUR RIGHTS
    1. Right to Information

      You have the right to know which of your personal data we process and for what purposes we process it. If we intend to process your personal data for any new purposes, we must inform you about those new purposes.

    2. Right to Rectification

      If you discover that your personal data is incorrect, you have the right to have these corrected by us.

    3. Right to be Forgotten

      You have the right to be forgotten and have your personal data erased. Please note that this does not apply to processing carried out by us that rests on the legal basis of performing a contract or where we are under a legal obligation to continue processing.

    4. Right to Restriction of Processing

      You have the right to obtain restriction of the processing under certain circumstances.

    5. Right to Data Portability

      You have the right to receive your personal data in a structured, commonly used and machine-readable format and to have it transmitted to another controller.

    6. Right to Lodge a Complaint

      You have the right to file a complaint with the data protection authority if you consider that our processing of your personal data does not comply with applicable laws and regulations. Current contact information to the Swedish Data Protection Authority can be found at: datainspektionen.se.

  6. RETENTION POLICY
    1. Data Provided by You

      We process your personal data regarding subscriptions for as long as needed to perform our contract with you. Personal data relating to your support requests is processed for two years following the last communication in each support matter.

    2. Data Collected by Us

      We will process your personal data for statistics and analysis for no longer than three months. Any data stored beyond three months will be anonymized and thus no be longer personal data.

  7. DATA TRANSFERS

    Your personal data may be transferred to and processed by third parties located in a country outside of the European Union. We will ensure that the transfer of your personal data is carried out in accordance with applicable privacy laws and, in particular, that appropriate contractual, technical and organizational measures are in place such as the Standard Contractual Clauses approved by the EU Commission.

  8. CONTACT

    The data controller for processing of personal data is EPPlus Software AB (CID 559205-1980), Skattegårdsvägen 360, 162 45 Stockholm, Sweden. You may contact us regarding the processing of your personal data at: privacy@epplussoftware.com.