Cleura's use of personal data to deliver services
When Cleura provides services to customers, Cleura AB (Cleura) is a controller of the processing of some personal data.
This privacy notice explains how Cleura handles the following types of information:
- Billing information
- Contact information for service messages
- Customer main account
- Service logs
- Service cases
Billing information
Cleura has a legitimate interest in providing its services to customers, and customers have a legitimate interest in using those services. This necessitates processing of billing information, which contains personal data.
Cleura also has a legal obligation to process some billing data, under corporate accounting rules.
When and how we process billing data
Billing information is used to invoice customers and receive payment from customers.
Billing information is stored a number of years in compliance with Swedish accounting laws.
Types of personal data we handle and why
We handle the following personal data:
- Email address provided by the customer
- Contact name
- Contact address
- Payment verification hash (if you pay with a credit card)
We use this data to:
- Request and receive payment for services.
- Ensure compliance with legal accounting obligations.
Contact information for services messages
Cleura has a legitimate interest in providing its services to customers, and customers have a legitimate interest in using those services. This necessitates Cleura sending its customers information and alerts regarding the services.
Cleura also has a legal obligation under Article 32(1) GDPR to implement appropriate technical and organisational measures together with the controller, to ensure appropriate security of personal data. Sending service related information and alerts is a necessary part of this.
Cleura also has a legitimate interest in providing customers news and updates regarding Cleura’s services, and to survey customers about their satisfaction with Cleura’s services.
When and how we process personal data
The customer provides Cleura with an email address. Cleura sends emails containing information and alerts to the recipient email address. Information is stored for a period of time, regarding which recipients have been sent which emails.
Types of personal data we handle and why
We handle the following personal data:
- Email address provided by the customer
- Information about which recipients have received which emails
We use this data to inform, and ensure we have informed, customers of:
- Potential security breaches
- Updates and changes to the agreement between the customer and Cleura
- Relevant changes in the technical and organisational security measures
- Upcoming maintenance windows
- Potential service disruptions
We also use the email address to send:
- News and updates regarding Cleura’s services
- Surveys of the customer’s satisfaction with Cleura’s services
Customer main account
Cleura has a legitimate interest in providing cloud services to customers, and customers have a legitimate interest in using those services. When a customer uses cloud services, Cleura needs to create a main account for that customer.
Other details regarding the customer are tied to the main account. The customer can use its main account to create Cleura Cloud Management Portal and API user accounts.
When and how we handle personal data
When a new customer uses Cleura’s services, Cleura creates a main account in Cleura’s IT system.
Cleura keeps the main account for at least as long as the services are provided to the customer.
Types of personal data we handle and why
We handle the following personal data to set up and maintain the main account:
- Account user-id
- Account user email address
- Name of the person at the customer using the main account
Cleura uses the main account to enable customers to manage administrative affairs related to their business relationship with Cleura, and to create Cleura Cloud Management Portal and API user accounts.
Service logs
Cleura has a legitimate interest in providing cloud services to customers, and customers have a legitimate interest in using those services. This necessitates Cleura logging certain information related to the customer’s use of the services.
Cleura also has a legal obligation under Article 32(1) GDPR to implement appropriate technical and organisational measures together with the controller, to ensure appropriate security of personal data. Logging certain information related to the customer’s use of the services is a necessary part of this.
When and how we handle personal data
Cleura keeps logs of actions taken using Cleura Cloud Management Portal user accounts and API user accounts. Logs of actions are automatically recorded and sent to a main log, where they are saved.
Cleura keeps the logs for at least as long as the services are provided to the customer.
Types of personal data we handle and why
- Which Cleura Cloud Management Portal user accounts and API user accounts are used.
- What actions each account performs.
- At what time actions are performed.
We use this data to ensure Cleura complies with its agreement with the customer regarding the proper provision of services, and Cleura’s legal obligations.
Cleura’s use of personal data in service cases
Cleura processes personal data in service cases when someone emails us, uses our contact form or calls a dedicated support number. We provide information about this here (link).
Individual rights
The GDPR gives you rights regarding personal data relating to you. You can:
- Request that Cleura provides you access to, and corrects or erases, personal data relating to you.
- Request that Cleura restricts how it processes personal data relating to you, or you can object to the processing.
- Make a complaint to the supervisory authority, the Swedish Authority for Privacy Protection, IMY.
You can contact Cleura’s data protection officer at dpo@cleura.com.
Contact us
If you have questions about this privacy notice, how we handle personal data or your dealings with Cleura, you may contact us at
Cleura AB
Blekingegatan 1
SE-37157 Karlskrona
SWEDEN
You can contact Cleura’s Data Protection Officer at dpo@cleura.com.