When and how we collect and handle data about people

Website statistics, popup cookie and form collection cookie

• We use your IP address and browser User-Agent to generate anonymous visitor statistics without storing or collecting any information from your device. You can read more about how it works.
• We use one cookie to know if you have recently closed a pop-up, like the one informing about our visitor statistics and cookies. This is necessary to provide the website to you.
• We use one cookie to store and collect the information you fill out in forms like our cloud guide https://cleura.com/cloud-guide/. We use it to collect the choices you made in the form even if you didn't finish by submitting your contact details at the final step. The cookie contains a random string. We don't use this to identify who you are.

When you register for our events & webinars

In some cases, to register for our events and webinars, we require your contact details. Apart from the necessary communications, such as event reminders, governed by the terms and conditions of the tools that we are using, we also collect your information to:

• Subscribe your email address to our company newsletter, to which you can unsubscribe at any time by clicking the unsubscribe link at the bottom of the emails.
• Subscribe your email address to notifications about upcoming events and/or webinars, to which you can unsubscribe at any time by clicking the unsubscribe link at the bottom of the emails.
• Be able to follow up with you directly, at a later stage.

When you request a quote, callback or fill out other forms to get in touch with us

When you fill out other types of forms on our websites, or on other websites, which reference this privacy notice, we may ask for information like: your name, email address, phone number, company name, industry, professional role, link to your LinkedIn profile, and area of interest including Public Cloud, Compliant Cloud, Private Cloud, Cloud Education and Cloud Regulatory & Compliance Advice. We use this information to:

• Fulfil the purpose of the form, like receive information from you, answer a question or provide information about our services to you in a way that's best adapted to your needs.
• Add your email address to our company newsletter, to which you can unsubscribe at any time by clicking the unsubscribe link at the bottom of the emails.
• Follow up with you, directly, at a later stage.

When using forms on Cleura's websites we add a token unique to each submission. This is only used to hinder spambots.

Use of LinkedIn to find business opportunities

Cleura uses LinkedIn to find business opportunities.

Data used by Cleura

• Information you’ve provided through LinkedIn and made available to Cleura. This includes information on your LinkedIn profile as well as posts and comments available to other LinkedIn users.
• Information presented by LinkedIn to Cleura, which LinkedIn has derived from the information you have provided to LinkedIn and your use of LinkedIn’s services. This may include conclusions about how meaningful it would be for Cleura to approach you regarding Cleura's services or to enter into a commercial partnership.

The purpose of the processing

To find mutually beneficial business opportunities related to providing Cleura’s services or entering into commercial partnerships.

Legal basis

Legitimate interest, consisting of Cleura’s and the contacted person’s and/or company’s respective interest in providing and using Cleura’s services and entering into commercial partnerships.

Nature of the processing

Cleura uses LinkedIn and LinkedIn’s tools, like Sales Navigator, which provides search filters and tools to suggest which people at Cleura may be most suitable to contact which people at other organisations, at which point in time. LinkedIn’s tools do this by analysing the personal data you have provided to LinkedIn and your use of LinkedIn’s services. LinkedIn provides more information about the features of Sales Navigator. You can also read more about how LinkedIn uses personal data in LinkedIn’s privacy policy.

Retention period

Cleura processes this personal data during the time it is needed to assess and pursue potential business opportunities.

Use of service providers

We use third-party service providers to send out newsletters and surveys. They will handle personal data as needed for the purposes outlined above.

Specific cases

Third-party websites

You may find advertising or other content on our websites that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors, and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our websites. Also, these other websites or services, including their content and links, may change. These other websites and services may have their own privacy policies and customer service policies. Using other websites, including websites that link to Cleura's websites, is subject to those other websites' own terms and policies.

Information related to Cleura's processing as a controller when delivering services

When Cleura provides its services to customers, Cleura is a controller of the processing of some personal data.

Cleura needs to use the following types of personal data to provide its services:

• Billing information
• Technical contact information regarding the services
• Customer master account
• Logs from Cleura Cloud Management Portal and API user accounts

A Cleura customer can avoid Cleura processing some personal data in the form of contact information by providing information which is not connected to a unique individual. For instance, a customer can provide a group email address such as finance@yourdomain.com instead of a personal email address for receiving billing information.

Billing information

Customers must provide billing information with a working email address and a physical address. The billing information the customer provides may contain personal data.

Billing information collected and processed by Cleura:

• Email address
• Contact name
• Contact address
• Payment verification hash (if you pay with a credit card)

The purpose of processing billing information

• To request and receive payment for the consumed services.
• To be compliant with legal requirements regarding corporate accounting.

Legal basis

• Cleura’s legitimate business interest in providing its services and the customer’s interest in using the services.
• Legal obligation, specifically corporate accounting regulations.

Nature of the processing

Billing data is sent in connection with invoicing and payment. It is also retained after payment, so that Cleura is able to prove that the company’s accounting is in order and that applicable taxes have been paid.

Retention period

Billing information, including invoicing data, is stored a number of years in compliance with Swedish accounting practices.

Technical contact information regarding the services

Customers must provide at least one working email address to receive notifications, information, and alerts regarding services used by the customer.

Technical contact data processed by Cleura:

• Email address
• Emails containing alerts and information related to the Services
• Information about which recipients have received which emails

The purpose of processing technical contact information is to inform customers of:

• Potential security breaches
• Updates and changed to the general terms and conditions
• Relevant changes in the technical and organisational security measures
• Upcoming maintenance windows
• Potential service disruptions
• News and updates regarding Cleura’s services

Legal basis

• Cleura’s legitimate business interest in providing its services and the customer’s interest in using the services.
• Legal obligation, consisting of GDPR requirements regarding technical and organisational measures to protect data processed by the customer.

Nature of the processing

Cleura sends emails containing the relevant information to the recipient email address.

Retention period

Information is stored for a period of time regarding which recipients have been sent which emails.

Customer master account

Cleura must create a master account for each customer, which other details regarding the customer are tied to, and which the customer can use to create Cleura Cloud Management Portal and API user accounts.

Customer master account data used by Cleura:

• Account user-id
• Account user email address
• Name of the Customer’s master account user

The purpose of processing master account data

In order to provide the Services to the customer, Cleura must create a master account for each customer, which other details regarding the customer are tied to, and which the customer can use to create Cleura Cloud Management Portal and API user accounts.

Legal basis

Cleura’s legitimate business interest in providing its services and the customer’s interest in using the services.

Nature of the processing

Cleura creates the master account in its IT system. The customer uses the master account to manage administrative affairs related to its business relationship with Cleura, and to create Cleura Cloud Management Portal and API user accounts.

Retention period

Cleura keeps the master account for at least as long as the Services are provided to the customer.

Cleura Cloud Management Portal and API user accounts logging data

Cleura keeps logs of actions taken using Cleura Cloud Management Portal user accounts and API user accounts.

Logging data used by Cleura:

• Which Cleura Cloud Management Portal user accounts and API user accounts are used.
• What actions each account performs.
• At what time actions are performed.

The purpose of processing the logging data

To ensure Cleura is providing the services according to the agreement with the customer and Cleura's legal obligations, by executing commands as instructed by the customer.

Legal basis

• Cleura’s legitimate business interest in providing its services and the customer’s interest in using the services.
• Legal obligation, consisting of GDPR requirements regarding technical and organisational measures to properly process data according to instructions given by the customer.

Nature of the processing

Logs of actions are automatically recorded and sent to a master log, where they are saved.

Retention period

Cleura keeps the logs for at least as long as the services are provided to the customer.

Changes to this privacy notice

Cleura may update this privacy notice at any time to reflect how we collect and handle personal data. When we do, we will revise the updated date at the bottom of this page. We encourage website visitors and users of our services to check this page to stay informed about how we collect and use personal data.

#Individual rights The GDPR gives you rights regarding personal data relating to you. You can:

• Request that Cleura provides you access to, and corrects or erases, personal data relating to you.
• Request that Cleura restricts how it processes personal data relating to you, or you can object to the processing.
• Request that we provide a machine-readable copy of personal data we are processing based on your consent or to perform a contract with you as an individual.
• Make a complaint to the supervisory authority, the Swedish Authority for Privacy Protection, IMY.

This document was last updated on September 22, 2023