As of May 25th 2018, a new set of EU regulations called General Data Protection Regulation (GDPR) come into effect. The purpose of GDPR is to provide greater protection and rights to individuals regarding their personal data. When you communicate with us on our website or become our customer, certain Personal Identifiable Information about you will be stored by us. Below you can learn how we process your information. If you have any questions feel free to contact us anytime.
Your rights under the GDPR
Under the new GDPR regulations, the key objectives are privacy and protection of personal data. Here is a list of your rights (in effect on May 25, 2018):
- Right to information. You can ask a company for information about what personal data is being processed and why it’s processed.
- Right to access. You can request a company to provide you with all the personal data they have about you.
- Right to rectification. You have the right to request a company to modify your personal data in case it’s incorrect or not up to date.
- Right to withdraw consent.You have the right to withdraw your consent for data processing at any time.
- Right to object.You have the right to object against processing of your personal data.
- Right to object to automated processing.You have the right to object to a decision based on automated processing.
- Right to be forgotten.You have the right to request a company to delete all personal data they keep about you.
- Data portability.You have the right to request a company to provide you with your personal information in a digital format so that can you transfer it to another company/controller.
How we process your Personal Information
If you contacted us through our contact form, we’ll store your name, company and message in our database to be able to follow up with you.
As our customer you sign up in our customer zone to access our releases of the products that you licensed. We collect your name, email and company for our records upon registration. We use your email to send updates about new product releases, you can disable this at any time inside the customer zone.
If you signed up for our newsletter or signed up for a trial, then your name, email address and company are stored with a 3rd party email service in the USA (Privacy Shield compliant). We use your email to send a newsletter, typically once per month and you can unsubscribe anytime.
If you signed up in our forums, your email and optionally your date of birth is stored in it. You can delete yourself from the forums at any time.
If you paid via PayPal, Personal Data such as name, email, phone number and address will be stored by PayPal.
As our customer we also store your Personal Data our accounting software Fortnox, GDPR related information: https://www.fortnox.se/om-fortnox/integritet-och-sakerhet/gdpr/ (in Swedish)
Storage location of the data we collect
Our customer zone data is stored in servers in Sweden and The Netherlands and we use two factor authentication on our server logins.
If you signed up for our newsletter or signed up for a trial, then your name, email address and company are stored with a 3rd party email service in the USA (Privacy Shield compliant).
Can I as a customer erase my data collected by Bryntum?
Yes, you can choose to delete your data anytime. Please just send us an email if you wish to be removed from our records.
Can I as a customer export personal identification data (PID) about me collected by Bryntum?
Yes, please just send us an email if you wish to receive a ZIP archive with all the data we have collected about you.
Does Bryntum store any Personal Data data outside EU?
For our email lists, we use a third party service in the USA (Privacy Shield compliant).
For our live chat feature, we use Drift which is located in the USA (Privacy Shield compliant).
If you pay online on our website using PayPal, your personal data is stored in the USA by PayPal.
What is the Privacy Shield Framework?
The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.
Bryntum’s Data Protection Officer
The Bryntum Data Protection Officer can be reached at dpo[at]bryntum.com.
Appendix 1 – Categories of Personal Identifiable Information Collected
|Scenario||Category||Personal information||Lawful basis|
|Contacting us through our form||Contact details||Name, email, company, phone, text message||Legitimate interests, consent|
|Registering in our customer zone||Contact details||Name, email, company, phone, text message||To fulfill our contract with you, consent|
|Signing up for our newsletter||Contact details||To fulfill our contract with you|
|Signing up for a product trial||Contact details||Name, email, company||To fulfill our contract with you|
|Registering in our support forums||Login details||Email, username||To fulfill our contract with you|
|When purchasing our products||Contact details||Name, company name & address, email||To fulfill our contract with you|
|Chatting with us on our website||Contact details||Name, email, text messages||Legitimate interests|
Appendix 2 – Subprocessors processing personal information on Bryntum’s behalf
A subprocessor is a third party data processor engaged by Bryntum with access to your Personal Data. In the table below you can see the list of the subprocessors that may receive Personal Data in order to perform different functions.
|Chatting with us on our website||Drift||USA (Privacy Shield compliant)|
|Registering in our customer zone||Loopia||Sweden|
|Signing up for our newsletter||Aweber||USA (Privacy Shield compliant)|
|Signing up for a product trial||Aweber||USA (Privacy Shield compliant)|
|Registering in our support forums||Loopia||Sweden|
|When purchasing our products on our website||PayPal||USA (Privacy Shield compliant)|
|When becoming a customer||Fortnox||Sweden|