Privacy Policy
- About Us
Upptec is a front-runner within Insurtech. We make life simple for people, insurers and their employees thanks to our claims automation solutions. Upptec delivers solutions on the European market and has been the market leader in Sweden since 2006.
Contact information
Upptec AB
Södergatan 15
211 34 Malmö, Sweden
DPO: Andreas Martin
Email: andreas.martin@upptec.com
Our website address is: https://upptec.com
- Our Privacy Notice
You are welcome to contact us at info@upptec.com if you have any questions about this Privacy Notice, our use of your personal data or if you wish to exercise your rights.
This Privacy Policy describes how we collect, receive, use, store, share, transfer, and process your Personal Data. It also describes your choices and rights with respect to your Personal Data, including your rights of access and correction of your Personal Data. For the purposes of this Privacy Policy “Personal Data” means any information relating to an identified or identifiable individual. If you do not agree with this Privacy Policy, you should not use our websites, product and services, or any other sites or services that link to this Privacy Policy.
- What personal data we collect
When you’re interested in what we do and how we do it we ask for your name, email address and a short message in our contact forms. You don’t need to use the forms though, you can email us directly at info@upptec.com. Some of the personal data we collect can be seen below – if any additional data is requested this will only be collected with your approval.
- Personal and contact information: name, email, and IP address
- Work related data: such as employer and title.
- Geographical information: County.
When you register to use our software, we collect certain personal information to manage and regulate access to our system. This information is essential for maintaining the security and integrity of our services. You can provide this information through the software’s registration or settings, or directly by contacting us at info@upptec.com if you prefer not to use the in-software options. Below is an outline of the personal data we typically collect, with any additional data collection requiring your explicit consent.
Personal and Contact Information: We collect your name and email address, which is used as your username for login purposes, ensuring that access to our software is secure and personalized.
Work-related Data: Information such as your employer and job title may also be collected to verify your eligibility and authority to access certain levels or features within the software.
Geographical Information: The county or region where you are located helps us ensure that your access is compliant with local regulations, and that you have access to relevant services.
This data collection is strictly for the purpose of regulating access to our software and is compliant with GDPR, ensuring that your personal information is handled responsibly and with transparency. If you have any questions about how we use your data or wish to exercise your rights under GDPR, please contact us at the provided email address.
- Why do we collect your personal data?
We process your personal data so that we can, in the best possible way, provide you with the services we offer. More information is provided under each purpose that you can read to find about, what personal data we use to achieve the purpose, the way in which we use the personal data and how long we will process the personal data for the purpose in question.
We do not use your personal data for any other incompatible purpose and we will not sell your personal data to any other party. Providing us with your personal data is voluntary, but necessary in some parts of the website.
For users, we process your personal data to ensure controlled access to our software and to provide the specific services associated with your user account. Detailed information about the purposes for which we use your personal data is available below, including which data we use, how we use it, and the duration for which we process it to fulfil each purpose.
We are committed to using your personal data solely for the purposes of managing and regulating access to our software. We do not use your personal data for any purposes that are incompatible with those outlined here, nor do we sell your personal data to any third parties. While providing us with your personal data is voluntary, it is necessary for using all functionalities of our software.
By understanding and agreeing to provide this data, you help us maintain the security and integrity of our software services. If you have any questions about how we use your data or wish to exercise your rights under GDPR, please contact us at the provided email address.
- For how long do we store your data?
The period for which we store your personal data varies depending on the purpose for which the data is processed. This duration may be influenced by specific regulatory requirements or by the terms of any contracts we have concluded with you. We are committed to the principle of data minimization, which means that we strive to store your personal data only as long as is necessary to fulfill the specified purposes.
For instance:
Data used for access control: We retain login information while your account remains active to ensure that you can access our software without interruption. This data is reviewed and purged if no longer needed or if the account is deactivated.
Data used for compliance and legal obligations: Data that falls under legal or regulatory retention requirements, such as tax or contractual information, is stored for the duration specified by applicable laws.
After the purpose for processing your personal data has been fulfilled, or once the required retention period expires, we securely delete or anonymize your data.
- How we protect your data
Our site is hosted and secured by WP Engine. Read their Data Privacy Addendum (DPA)
- Where we send your data
Our web site is hosted by WP Engine. You can read more about their GDPR compliance efforts at https://wpengine.com/legal/dpa/
- What rights you have over your data
If you have provided contact information either through our website or while using our software, you can request to review this data at any time. Additionally, you may ask us to erase any personal data we hold about you. This does not include any data we are required to retain for administrative, legal, or security purposes, which we must keep to comply with our obligations.
Rights of Registered Users:
As a registered user, you have several rights under GDPR that ensure you have control over your personal data:
Right to Access: You have the right to request a copy of the personal data we hold about you.
Right to Rectification: If you believe that any personal data we are holding is incorrect or incomplete, you have the right to request that we correct or complete it.
Right to Erasure: Also known as ‘the right to be forgotten,’ this allows you to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw consent.
Right to Restrict Processing: You can request that we restrict the processing of your personal data, which means that the data will only be stored and not used.
Right to Data Portability: This right allows you to request a transfer of your personal data to another organization or directly to you in a structured, commonly used, and machine-readable format.
Right to Object: You have the right to object to the processing of your personal data based on legitimate interests, direct marketing (including profiling), and processing for scientific or historical research and statistics.
You also have the right to lodge a complaint with Integritetsskyddsmyndigheten or other relevant supervisory authority at if you believe that the processing of your personal data does not comply with the GDPR.
For any questions regarding your rights or to exercise any of these rights, please contact us directly. We are committed to upholding your rights and will respond to your request promptly.
- Contact forms
We use the plugin “Gravity Forms” to collect data from our contact forms. When submitting our forms you have to at least state your email address which is saved to our web server along with current date and time, which IP-address the request originated from and which URL on our page the form was posted from.
We use your contact form details to send emails to you directly from our email client but the form plugin also stores the data. This data is stored for up to two months in the database used by our web server. You could ask us to delete this data at any time by contacting info@upptec.com
- Embedded content from other websites
Content on this site may include embedded content (e.g. videos, images, forms articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
- Analytics
We use Google Analytics to get us informed about how many visitors our web page has. The data collected contains date, time and a non identifiable IP address (as per Google Analytics “anonymize the IP address” function), pages visited, technical information about browser and operating system used. We store the data for 38 months the reason being to be able to compare metrics year over year.
We currently use a function from Linked in called “The LinkedIn Insight Tag” which enables the collection of data regarding members’ visits to our website, including the URL, referrer, IP address, device and browser characteristics, timestamp, and page views. This data is encrypted, then de-identified within seven days, and the de-identified data is deleted within 90 days. LinkedIn does not share the personal data with us, it only provides aggregated reports about our website audience and ad performance. LinkedIn also provides retargeting for our website visitors, enabling us to show personalized ads off our website by using this data, but without identifying you as a LinkedIn member. LinkedIn members can control the use of their personal data for advertising purposes through their account settings.
Hubspot – We are currently utilizing a third party CRM system to get more insights about our visitors, customers and partners and via the CRM store contact details, partner and deal details and additional website related information. In addition HubSpot sets a number of tracking cookies when a visitor lands on our website to understand user behavior better.
- What data breach procedures we have in place
In the event of a discovered or suspected data breach, Upptec shall provide notice without undue delay to you using your provided email address.
Our notice shall include the following information to the extent it is reasonably available to Upptec at the time of the notice, and Upptec shall update its notice as additional information becomes reasonably available:
- the dates and times of the data breach
- the facts that underlie the discovery of the data breach, or the decision to begin an investigation into a suspected data breach, as applicable
- a description of the Personal Data involved in the data breach, either specifically, or by reference to the data set(s)
- the measures planned or underway to remedy or mitigate the vulnerability giving rise to the data breach.
We will take those measures available, including measures reasonably requested by you, to address a vulnerability giving rise to a successful data breach, both to mitigate the harm resulting from the data breach and to prevent similar occurrences in the future. We will cooperate with your reasonable requests in connection with the investigation and analysis of the data breach. Upptec shall retain all information that could constitute evidence in a legal action arising from the data breach and shall provide the information to you upon your request. Except to the extent required by law in the written and reasonable opinion of Upptec’s legal counsel, or as reasonably required by our investigation of the data breach.
Privacy Policy Version 1.3
We are entitled to amend this Privacy Policy when required.