Terms & Conditions
Last updated: May 7, 2024
GENERAL
​
Information about Adpin
These general terms and conditions ("the Terms") apply to all services provided by Adpin AB (org. no. 559218-4930) ("Adpin", "we", "our" or "us") provide our customers ("you").
Adpin simplifies the search and purchase of advertisements in newspapers and magazines, both in print and digital format, through a smart, intuitive and seamless app and web service.
Contact details
You can contact us using any of the contact details below ("Contact details"):
Telephone number: 0709709839
E-mail address: info@adpin.se
​
Acceptance of the terms
By registering an Account or using the Service, you accept the Terms. If you do not agree to the Terms, you may not create an Account or use the Service.
Definitions
"Subscription Period" is defined under the "Term and Termination" section below.
"The App" refers to our application which is accessible via computer and/or mobile phone and which relates to the Service.
"Features" means the Website, the App, your Account and the Service together.
"Website" refers to our website (https://www.adpin.se/) regarding the Service.
"Guest account" refers to the account created by you when logging in with mobile phones, without an invitation from a media house or media agency.
"Account" refers to the account that you register and create via the Website and/or the App.
"Contact details" means the details set out in the introduction section above.
"Privacy policy" refers to our privacy policy (https://adpin.se/privacy) which describes how we process personal data.
"Service" refers to the services described under the "Service" section below and made available through the Website, and the App, together with associated products, equipment, services and information that we provide to you.
"Third Party Applications" means online web-based applications and offline software products or services that a) are provided by third parties, b) interact with us, and c) may be either separate or integrated with us and whether or not designated by us as Third Party Applications.
THE SERVICE
​
​Description of the service
We provide a SaaS-based marketplace for searching and buying advertisements in newspapers and magazines, both in print and digital formats, through a smart, intuitive and seamless app and web service. (the "Service"). More information about the Service is available on the Website and in the App.
Create an account
To access the Service, you can register and create a guest account. It is not permitted to transfer the Account to others and you may only register one (1) Account. To use the service, you can fill in the contact form for selecting services in Adpin.
When an Account has been created, and payment for any optional services in Adpin has been made, the Service is available and ready to be used in accordance with the instructions on the Website and the App.
Ordering the service as an advertiser:
All advertisers can create a free basic account in Adpin through the form here on Adpin.se, through an ad purchase in Adpin's service, or through their media house contact person.
Ordering the service as a media house:
Media houses can request to create an account in Adpin through the order form here on Adpin.se or through direct contact with Adpin's representative. The following conditions apply to all media houses and are accepted by submitting the form and/or by logging into their established account in Adpin.
-
The media house and its advertisers are provided access to the services that Adpin offers, as well as respective user accounts, from time to time.
-
Additional services are available for purchase for all user accounts in Adpin.
-
The media house understands that Adpin is a SaaS (Software as a Service) in app and web form. The media house understands that it creates its own opportunities through Adpin's self-service and sales efficiency features and services.
-
The media house understands that the best opportunity to optimize its results through Adpin comes from utilizing all of Adpin's features for sellers and advertisers (including self-service) and that these often go hand in hand.
-
Adpin provides support via telephone, SMS, email, and video calls on weekdays between 9 am and 5 pm.
-
The media house can request its customer list and orders after the contract has ended.
-
The media house is responsible for creating and maintaining correct information, prices, and other details in Adpin.
-
The media house is responsible for using Adpin correctly and legally.
-
The media house is responsible for the content of its employees, partners, and advertisers in Adpin.
-
If there are any questions/problems, it is advantageous for the media house's users to take a picture/video of the problem and send it to Adpin's representative to enable faster troubleshooting and resolution of issues with Adpin.
-
The media house may not copy, replicate, or share insights about Adpin's service for self-development or sharing with Adpin's direct/indirect competitors during the contract period and 24 months after the end of the contract period. If this occurs, compensation will be paid to Adpin, relative to the expected damage resulting from the leaked intellectual property rights.
-
Legal action or financial compensation cannot be demanded from Adpin due to, for example, lack of activity, technical problems, or anything else that may directly or indirectly affect one's business through the use of Adpin.
-
Intellectual property rights belonging to Adpin before the beginning of the agreement and those acquired during and after the collaboration with the media house and its partners/advertisers during the period belong to Adpin, without the possibility of compensation from the media house and its stakeholders.
-
Adpin continues to develop its service for all user accounts from time to time, using these rights.
-
Both parties may market/advertise their business together with the other party's brand profile, public information, and logos freely in all media channels, presentation materials, and in any other way that suits either party's business in public and private contexts.
-
The media house, its partners, and all users agree from time to time to Adpin's GDPR, Terms of Service, Privacy Policies, and Cookie Policies, which are continuously updated and presented on Adpin.se, via login to Adpin's SaaS service.
-
No compensation will be paid to either party due to technical or other reasons for lack of activity or access to the service.
-
If ACROSS is not utilized as prescribed (has sent or accepted a received request) within a reasonable time according to Adpin, Adpin reserves the right to terminate the collaboration prematurely, entirely without the possibility of compensation from the media house.
-
For ACROSS to function over time, the media house needs to activate sellers in Adpin, use Adpin's QR codes in all printed editions, on its website, and if possible, on social media. If this is not fulfilled, Adpin has the right to immediately deactivate the media house from Adpin, without the media house being able to claim compensation.
-
Adpin intends to address any technical issues within 24-48 hours.
-
The media house and its employees, third parties, and advertisers hereby accept and, upon logging into Adpin's service, agree to its GDPR, Terms of Service, Privacy Policy, and Cookie Policy, which are continuously updated and linked to on adpin.se.
-
Advertisers and media agencies gain access to a free basic account in Adpin through the media house's ARM activity (salesperson) and the buyers' CASH activity (self-service) in Adpin.
-
The media house is aware that Adpin's service is built for and best utilized through synergies between ad sellers and advertisers (self-service), through the respective parties' interfaces in Adpin.
-
Thus, activity is required from sellers and the media house to create opportunities for self-service, through various functions, such as offers, orders, and quotations, as well as via links provided by and in Adpin's interface.
-
If Adpin is not used in the manner intended, Adpin has the right to terminate the agreement with immediate effect, or alternatively, suspend the account until a plan is established. This is without the media house having the opportunity to claim compensation or legal consequences against Adpin.
-
Examples of links, all of which should contain an offer for best results:
-
Printed QR codes in each edition.
-
Website links.
-
Social media links (e.g., Facebook).
-
-
​Invoicing is done monthly with a 30-day due date. In case of non-payment on the due date, the media house's access to the service is suspended until payment is received.
-
If payment is still not made despite reminders, Adpin has the right to terminate the agreement with immediate effect, without any claim for compensation or legal consequences.
-
Overdue payments, including reminder and collection fees, are automatically sent for collection.
-
Adpin provides a SaaS service (app/web service) for the implementation of what we provide to media houses and its stakeholders from time to time, through e.g. ACROSS.
-
Adpin is not responsible for your media house's possible challenges and opportunities for ACROSS commitments.
-
Respective media houses are responsible for their legal commitments and obligations through the use of Adpin, such as through ACROSS collaborations.
-
Adpin is thus completely free from liability in disputes between ACROSS parties, between ad buyers and media houses, as well as any other third parties.
Delivery of the Service
During the order process, we will notify you when and where we will provide the Service to you, including any products and digital materials associated with it, as well as any training, as per agreement.
YOUR OBLIGATIONS
Customers
We offer the Service to companies and other legal entities. You hereby certify that you have the authority to enter into these Terms and to use all Functions on behalf of the legal entity.
These Terms constitute the entire agreement between us in relation to the Service. You certify that persons (eg employees and representatives) who create Accounts and use the Service have read and understood the Terms. You are always responsible for all use of the Service in accordance with these Terms.
​
Use of the Functions
When you use the Functions, you must always comply with applicable legislation, regulations and government regulations. In particular, you may not use the Website or the App other than through the interfaces provided by us and expressly permitted by the Terms.
You may also not use the Features in any way that conflicts with our, or any third party's, rights or legitimate interests. You undertake to follow all instructions and recommendations that you receive from time to time from us.
You agree to be responsible for all activities that occur on your Account. Login details to your Account must always be kept secure and it is prohibited to share information about your Account with any third party. If you suspect that your Account or your login details are being used by a third party, you must contact us immediately through the Contact Details.
You also agree not to:
Defame, abuse, harass, threaten or otherwise violate any third party's or our legal rights;
Post, or otherwise express, material or information that is inappropriate, defamatory, offensive, obscene, pornographic, racist, terroristic, politically incorrect, indecent or illegal;
Contribute to destruction through activities such as the spread of viruses, spam or other activity that may harm us, the Website and/or the App in any way;
Monitor the Service's availability, performance or functionality for any competing purpose, e.g. that you agree not to access the Service for the purpose of developing a competing product or service or copying the Service's features or user interface; or
Resell or in any way share results generated on the Website and/or in the App or use the Service to create a competing service or product.
We may temporarily restrict access to the Features to:
Fix technical problems or make minor technical updates; or
Update changes to the Features to comply with changes in applicable laws and regulatory requirements.
If we need to restrict access to the Services, we will contact you in advance. However, this does not apply to problems that are urgent or in an emergency situation.
If you provide incorrect, inaccurate, out-of-date or incomplete information when creating your Account, we have the right, where applicable, to refuse or amend your order and to close your Account. This applies even if you do not comply with these Terms (e.g. if you do not pay for the Service on time) or other mandatory rules. Should such an event occur, we will contact you and request that you cease violating these Terms.
Own Content
The Website and/or the App contain features for uploading and storing files and other information that you provide or create ("Content" ). You are responsible for all distribution and other actions performed by you and on your Account.
By uploading Content to the Website and or the App, you represent that you a) have the necessary rights to the uploaded Content or b) have permission to use the Content in such a way that the Content or your use of the Content does not contravene applicable law. We will not check whether the Content has been uploaded or distributed through the Website and/or the App in a manner that complies with the law.
By posting Content to the Website and/or the App, you are aware that, depending on your account settings, that such Content may become available to others. We are not responsible for the loss of any Content and we recommend that you always create a backup copy. We are not responsible for the accuracy of the Content you have posted or created.
​
PRICE AND PAYMENT
​
You do not make any payment for the Service.
​
Refund
Through Adpin, no refunds can be requested. This occurs outside of Adpin's technical solution, between the partners who meet through Adpin.
​
CONTRACT TERM AND TERMINATION
Contract period
​
The terms of the Service apply from the time you create a Guest Account and continue to apply during the subscription period ("Subscription Period"). A Subscription period is thirty (30) days.
At the end of each Subscription period, your subscription is automatically renewed for thirty (30) days. Your subscription will not be renewed if you cancel it no later than 5 days before the last day of your current
Subscription period.
​
For full use of Adpin, a separate contract period can be signed when ordering additional services in Adpin.
Termination
You can terminate the Service by going to the Website or the App or by contacting us via our Contact Details.
​
At the end of the contract period, your access to the Service will be canceled immediately. We will also delete or anonymize all personal information about you, except for such information that we are required to retain by law.
​
Service that is still in progress upon termination must be completed in accordance with these Terms. Obligations arising as a result of breach of these Terms shall continue to apply even after termination.
Early termination
We reserve the right to terminate the agreement with you if you:
Breach or otherwise breach these Terms or any other provisions established by us; or
​Uses the Website, the App or the Service in any way that is inconsistent with the intended purposes or is otherwise harmful to us or a third party.
​
OUR LIABILITY
​
​Liability
Our liability is limited as follows:
we are not liable to you, whether in contract, tort (including negligence), breach of statutory duty or otherwise, for lost profits, indirect or consequential damages arising during or in in connection with an agreement between us; and
our total liability to you for any other loss arising under or in connection with any agreement between us, whether in contract, tort (including negligence), breach of statutory duty or otherwise, shall be limited to the total amount that you have paid for the Service according to the applicable order/agreement.
Cancellation
We are only responsible for damages that are notified in writing no later than three (3) months after you discover or should have discovered the damage, but no later than six (6) months from when the damage occurred.
​
Errors and delays beyond our control (force majeure)
We are not responsible for delays and errors beyond our control. If our suppliers are delayed due to an event beyond our control, we will notify you as soon as possible and take steps to minimize the damage caused by the delay. If we have complied with this, we are not responsible for errors and delays caused by the event, but if there is a risk of a material error or delay occurring, you may contact us to terminate the Agreement and obtain a refund for the part of the Service that you have paid for for but not received.
CONFIDENTIALITY
​During the term of the agreement and thereafter, the parties undertake not to disclose any third party information about these Terms or any other information that the parties have become aware of as a result of these Terms, whether written or oral and in any form (" Confidential Information").
The parties agree that Confidential Information may only be used to fulfill the obligations under these Terms and for no other purpose. The receiving party also agrees to exercise and cause its directors, employees, subcontractors or other intermediaries to exercise the same degree of care (but no less than reasonable care) to avoid the disclosure or use of Confidential Information.
This confidentiality obligation does not apply to Confidential Information that is publicly known (other than through a breach of these Terms or any other non-disclosure agreement).
Each party undertakes to ensure that any information disclosed or disclosed under this section shall, to the extent possible, be handled securely by the recipient. This non-disclosure agreement applies for three (3) years after the termination of these Terms.
​
CHANGES & ADDITIONS
We reserve the right to change the Terms at any time. We will notify you via email or the App of such changes which are not insignificant and which will affect you. You are responsible for keeping yourself informed of any changes to the Terms. The latest version of the Terms will be available on the Home Page. Changes to the Terms come into effect on the first business day following the date of publication.
All new features and content added to the Service, Website or App are subject to what is stated in the Terms.
COMPLAINTS AND CUSTOMER SERVICE
If you have any complaints, please contact our support through our Contact Details.
PERSONAL DATA
You are the personal data controller for the personal data that we process on your behalf in connection with your use of the Service. How we may process the personal data in the role of Personal Data Processor is shown in the Personal Data Processor Agreement (appendix) and which you enter into by accepting these Terms.
More information about how we process personal data can be found in our Privacy Policy.
MATERIAL AND INTELLECTUAL RIGHTS
​
Our rights
The Website and App are owned and administered by Adpin. All copyrights, trademarks, trade names, logos and other intellectual or industrial rights owned or used by us and those included in our Features (including titles, graphic images, icons, scripts, source codes, etc.) are our own, or those of other licensors , property and may not be reproduced, distributed, sold, used, modified, copied, restricted or used (in whole or in part) without our written consent.
​
License
Adpin grants you a non-exclusive right and license to use the Website, the App and the Service for the purpose of providing the Website, the App and the Service to you. Upon termination of this agreement, this right and license also terminate.
​
Respect for our property
You may not, for any purpose, manipulate, attempt to gain unauthorized access to, change, hack, repair or otherwise adjust any of our materials, hardware, source codes or information.
​
Respect for our intellectual property rights
You accept that the Service and other information, including all associated intellectual property rights, provided and made available by us constitute our exclusive property. You may not in any way use our exclusive property for any commercial purpose or for any other purpose without our written consent.
APPLICABLE LAW AND DISPUTE RESOLUTION
Swedish law shall apply to these Terms.
Disputes arising out of or in connection with these Terms and Conditions shall be finally settled by a general court.
​
COMPANY INFORMATION
Adpin AB is registered in Sweden.
Registered address: Edsgarnsvägen 66, 76021 Vätö
Organization number: 559218-4930
VAT registration number: SE559218-493001
​
PERSONAL DATA PROCESSING AGREEMENT
This personal data processing agreement with appendices (the "Agreement") has been entered into between:
Personal Data Controller
You ("Personal Data Controller"); and
Personal Data
Officer Adpin, org. no. 559218-4930 ("Personal data assistant")
Together the "Parties" and individually a "Party".
​
BACKGROUND
The Agreement refers to the Personal Data processed against the background of Adpin's general terms and conditions which have been entered into by the Parties ("the Terms"), from which it follows that the Personal Data Processor processes personal data on behalf of the Personal Data Controller.
In the event of any conflict, this Agreement takes precedence over the Terms.
The agreement contains the following appendices:
Appendix 1 - Existing and approved assistants
Appendix 2 - Technical and organizational security measures
Appendix 3 - Contact details
​
DEFINITIONS
The concepts used in the Agreement shall have the same meaning as stated in Article 4 of the Data Protection Regulation.
"
Processing" of personal data is everything that can be done with personal data, e.g. storage, modification, reading, transmission, etc.
"
Applicable law" refers to the legislation applicable to the processing of personal data that takes place under the Agreement, including the Data Protection Regulation, supplementary national legislation, as well as practices, guidelines and recommendations issued by a Supervisory Authority.
​"
Personal data" is any kind of information that can be traced back to an identifiable living person (in the Agreement, "Personal data" is used synonymously with "personal data for which the Personal Data Controller is responsible and which the Personal Data Processor processes on behalf of the Personal Data Controller").
"
Personal Data Controller" is the company /organization that decides for which purposes and in what way the personal data shall be processed and is thus also responsible for personal data being processed in accordance with Applicable Law.
"
Personal data processor" is the company/organization that processes personal data on behalf of the personal data controller and may therefore only process personal data according to the instructions of the controller of personal data and Applicable law.
"
Registered" means the living person whose personal data is processed.
"
Supervisory authority" means a Swedish or EU authority, such as the Swedish Data Protection Authority and, where applicable, another supervisory authority which, with the support of law, exercises supervision over the operations of the controller of personal data .
Terms defined in the Terms shall have the same meaning in this Agreement.
INTRODUCTION
The agreement regulates the processing of personal data that the Personal Data Processor performs on behalf of the Personal Data Controller.
The agreement has been drawn up to fulfill the requirements set out in Article 28.3 of the European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with respect to the processing of personal data and on the free flow of such data and on the repeal of Directive 95/46/EC ("Data Protection Regulation"). According to this provision, there must be a written agreement about the Personal Data Assistant's processing of personal data on behalf of the Personal Data Controller.
DESCRIPTION OF THE PERSONAL DATA PROCESSING
Categories
of registered
Personal data controller instructs the Personal Data Controller to process data that identifies the Personal Data Controller:
Employees
Customers
Suppliers
Users
Consultants
Business contacts
Potential employees
Categories of personal data
Contact
Social security numbers
Data arising through communication
User generated data
Purchase information
Still and/or moving images
Order and delivery data Customer segment
Source
The Personal Data Controller processes the personal data that:
The Personal Data Controller's employees enter into the Service The
Personal Data Controller collects from the registered
Personal Data Controller collects from the registered on behalf of the Personal Data Controller
Which a party other than the Personal Data Controller transfers to the Personal Data
Controller The purpose of the processing of personal data ("Purpose")
Register user account to enable logging into the Service
For identification through three third party, for example by logging in via Google, Facebook or LinkedIn
Store personal data in a database, statistics and analyzes
Carry out and confirm orders/purchases completed in the Service.
The processing of personal data
Registration
Organization and Structuring
Storage and Analysis
Addressing in case of possible mailings
​
THE PERSONAL DATA PROCESSOR'S SPECIAL OBLIGATIONS
The Personal Data
Processor undertakes, in connection with all processing, to take into account and observe the principles for the processing of personal data set out in Article 5 of the Data Protection Ordinance.
​
Personal Data Processor
The guarantees through the Agreement that the Personal Data Controller does not otherwise need to ensure that the Personal Data Processor fulfills the requirements for expertise, reliability and resources to implement technical and organizational measures required by Applicable Law.
The Personal Data Controller undertakes to only process personal data in accordance with what follows from the Agreement, for the purposes set out in the Terms and Conditions, according to the Personal Data Controller's documented instructions and at any time Applicable law.
​
The Personal Data Controller shall, at the request of the Personal Data Controller, through appropriate technical and organizational measures, assist the Personal Data Controller in their obligation to respond to requests for the exercise of data subjects' rights and, taking into account the type of processing and available information, to carry out impact assessments regarding data protection and prior consultation with the supervisory authority in accordance with Applicable Law.
If the Personal Data Processor violates Applicable Law by independently determining the purposes and means of the processing (e.g. processes the personal data for purposes other than the Purpose), the Personal Data Processor shall be considered to be the personal data controller for the new processing without affecting the processing that takes place in accordance with the Agreement in other.
If the Personal Data Controller considers that the instructions provided by the Personal Data Controller are incomplete, deficient or incorrect, the Personal Data Controller must immediately notify the Personal Data Controller. The Personal Data Processor also has the right to refrain from following the Personal Data Processor's instructions if they conflict with Applicable Law.
​
SPECIAL OBLIGATIONS OF PERSONAL DATA CONTROLLERS
The personal determines the purposes and means for the processing of the personal data. The personal data controller has ownership rights to and formal control over the personal data processed by the Personal Data Controller.
The personal data controller is responsible in relation to the data subject for the processing of the personal data.
The person in charge of personal data is responsible for ensuring that the personal data is correct and up-to-date.
​
PERSONAL DATA INCIDENT
​
In the event that a situation arises that leads to accidental or illegal destruction, loss or alteration or unauthorized disclosure of or unauthorized access to the personal data ("Personal Data Incident"), the Personal Data Assistant shall without undue delay and no later than eight (8) hours from the Personal Data Incident discovered, inform the Personal Data Controller in writing on the contact details shown in Appendix 3.
​
The information must, to the extent that it is available to the Personal Data Controller, at least contain the following:
A description of the circumstances surrounding the Personal Data Incident
A description of the nature of the Personal Data Incident and, if possible, the categories and approximate number of data subjects affected and the categories and approximate number of Personal Data affected
A description of the likely consequences of the Personal Data Incident
A description of the measures taken or proposed to address the Personal Data Incident, as well as, where appropriate, measures to reduce its potential adverse effects
Contact details of the data protection officer or other contact person who can provide more information to the Personal Data Controller.
If it is not possible for the Personal Data Controller to provide the information at one time, the information may be provided in installments without unnecessary further delay.
​
AUDIT AND REVIEW
​
The Personal Data
Controller shall, at the request of the Personal Data Controller give him access to all the information required to demonstrate that the Personal Data Officer's obligations according to Applicable Law and the Agreement have been fulfilled.
If the information according to the previous point cannot reasonably be considered sufficient to demonstrate that the obligations established under Applicable Law have been met, the Personal Data Controller has the right to carry out physical inspections.
The Personal Data Assistant must enable and contribute to reviews and inspections carried out by the Personal Data Controller or an impartial third party appointed by the Personal Data Controller. The person in charge of personal data shall notify the Personal Data Assistant in writing of the planned review at least ten (10) working days in advance.
The review may only be carried out:
​during normal office hours,
after the Data Controller has ensured that the person carrying out the review is subject to a confidentiality obligation that is appropriate in relation to the personal data and information to be reviewed; and
in accordance with the Personal Data Officer's internal policies and security procedures.
Each party is responsible for its own costs arising in connection with the review.
If there is a further review within one (1) year of the review being carried out, the Personal Data Controller shall bear all costs.
SUB-CONSULTANT
In cases where the Personal Data Controller plans to hire a sub-consultant or replace an existing sub-consultant, the Personal Data Controller must inform the Personal Data Controller no later than five (5) working days in advance in order to The person in charge of personal data must have the opportunity to object to the change.
​
If there are reasonable grounds for the Data Controller to object to a subcontractor, the parties must first of all cooperate to find a suitable alternative, in the second instance the Data Controller has the right to terminate this Agreement and (if applicable) the Terms.
When engaging a subcontractor, The Personal Data Processor through an agreement ("Subprocessor Agreement") ensures that the subprocessor has the same obligations as the Personal Data Processor has according to the Agreement. This applies in particular with regard to sufficient guarantees to implement the appropriate technical and organizational measures required to comply with Applicable Law.
​
The personal data controller always has the right to take part in the Personal Data Processor's subcontractor agreement (strictly commercial information may be redacted).
The Personal Data Processor
must keep an updated list of its subcontractors.
The list must be made available to the Personal Data Controller on request.
If the subcontractor does not fulfill its obligations according to the subcontractor agreement, the Personal Data Processor shall be fully responsible towards the Personal Data Controller for the subcontractor's actions or failure to take measures.
​
REGISTRY AND DATA PROTECTION OFFICER
​
The Personal Data
Protection Officer undertakes to keep a written record of the processing of personal data with the content specified in Article 30.2 of the Data Protection Regulation. The register must be available to the Personal Data Controller on request.
In the event that the processing or the nature of the business requires the Personal Data Officer to appoint a Data Protection Officer in accordance with Article 37 of the Data Protection Ordinance, the data protection officer's contact details must appear in Appendix 3.
​
CONTACT WITH THE SUPERVISORY AUTHORITY AND THE REGISTERED PERSON
The Personal Data
Controller shall without delay inform the Personal Data Controller of any contact with the Data Subject, supervisory authority or other third party relating to the Personal Data Processor's processing of the personal data.
For the case where the Data Subject makes a request to the Personal Data Processor about his rights connected to the processing, The personal data assistant refers the Registrant to the Personal Data Controller.
The personal data assistant must allow the inspections that the supervisory authority may require according to Applicable Law.
The Personal Data Assistant does not have the right to represent the Personal Data Controller or otherwise act on behalf of the Personal Data Controller vis-à-vis the Registrant, supervisory authority or other third party.
TECHNICAL AND ORGANIZATIONAL SECURITY MEASURES
​
The personal must take appropriate organizational and technical security measures to protect the personal data covered by the Agreement against unauthorized or illegal access.
This includes ensuring sufficient capacity, technical solutions, competence, financial and personnel resources, routines and methods.
The suitability of the technical and organizational security measures must be assessed taking into account the latest developments, implementation costs and the nature, scope, context and purpose of the processing as well as the risk the processing poses to fundamental freedoms and rights.
If the Personal Data Controller assesses the risk level of the processing as high, and thus carries out an impact assessment, the Personal Data Controller must share the results of the impact assessment with the Personal Data Controller so that this can be taken into account when determining what constitutes appropriate security measures.
​
The Personal Data Controller must follow any decisions and consultation statements that the supervisory authority announces on measures to fulfill the security requirements in Applicable Law and all other requirements relating to the Personal Data Processor according to Applicable Law.
The Personal Data Processor shall ensure that employees (of the Personal Data Processor or its subcontractors) only have access to personal data to the extent necessary and that those who are given access to the personal data have undertaken to observe the confidentiality of such information (e.g. by signing an individual confidentiality agreement).
​
Only persons employed/engaged as consultants by the Personal Data Protection Officer and who requested etc. have the necessary level of knowledge in relation to the nature and scope of the personal data processing may process the personal data.
​
Computer equipment, storage media and other equipment used in the processing of personal data carried out by the Personal Data Assistant must be stored so that unauthorized persons cannot gain access to them.
​
Security in the Personal Data Protection Officer's premises where personal data is processed must be suitable and secure with regard to locking equipment, functioning alarm equipment, protection against fire, water and burglary, protection against power cuts and power disturbances. The equipment used to process personal data must have good protection against theft and events that can destroy the equipment and/or personal data.
CONTROL OVER PERSONAL DATA
​
The personal data assistant must ensure that the personal data is not accidentally or illegally destroyed, changed or distorted. The data must be protected against unauthorized access during storage, transmission and other processing. The personal data may only be provided to the Personal Data Controller after the recipient has been identified.
​
The personal data assistant has taken other appropriate protective measures that comply with Applicable Law.
RESPONSIBILITY AND LIABILITY
​
The Party is free from responsibility for commitments under the Agreement in cases where performance is prevented by circumstances of an extraordinary nature beyond the Party's control which the Party could not reasonably be expected to have anticipated and whose consequences the Party could not reasonably have avoided or overcome either.
​
The Personal Data Processor is responsible for direct damages that arise as a result of the Personal Data Processor having processed personal data contrary to the Personal Data Controller's instructions in accordance with the Agreement and Applicable Law.
​
The personal data assistant must reimburse the personal data controller for direct damage, with a maximum value of the Main Agreement SEK. The compensation shall not be paid if the claim is connected to treatment that has been approved or carried out according to the instructions of the Personal Data Controller.
The Personal Data Assistant is not responsible for the Personal Data Controller's costs for representation.
The personal data processor's liability shall not include indirect or consequential damages such as lost revenue or profits, contracts, customers or business opportunities, loss of goodwill, or expected savings.
CONFIDENTIAL INFORMATION
​
The personal data assistant may not use information or other material to which he is given access within the framework of the Agreement or the Terms for any purpose other than to fulfill the obligations according to this Agreement or the Terms.
​
The personal data processor may not disclose or reveal to third parties or other unauthorized persons information about the processing of personal data or the content of personal data, which is covered by this Agreement or other information to which the personal data processor has been given access as a result of this Agreement. This does not apply to information that the Personal Data Officer is obliged to disclose by law. The obligation of confidentiality is valid from and including the day both Parties sign the Agreement and indefinitely thereafter. The Personal Data Officer must ensure that the confidentiality commitment applies to all employees and other persons who work for or on behalf of the Personal Data Officer and who are authorized to process personal data.
TERM AND TERMINATION
​
The Agreement is valid during the time that the Personal Data Processor processes personal data on behalf of the Personal Data Controller or until the Agreement is replaced by another Personal Data Processor agreement.
The Personal Data Processor's obligations under the Agreement shall continue to apply, regardless of whether the Agreement has been terminated or otherwise ceased to apply, as long as the Personal Data Processor processes personal data on behalf of the Personal Data Controller.
DELETION AND RETURN OF PERSONAL DATA
​
Upon termination of the Agreement, the Personal Data Assistant and any sub-assistants must either delete or return the personal data covered by the Agreement.
GOVERNING LAW AND DISPUTE RESOLUTION
​
Swedish law shall apply to this Agreement.
The dispute resolution mechanism that appears in the Terms and Conditions shall also be applied to this Agreement.
APPENDIX 1 - EXISTING AND APPROVED SUBSIDIARY BOARDS
​
Name: Google Analytics
Type of service: Data management and analysis
Website: https://analytics.google.com/analytics/web/
Data processed: Advertising and behavioral analyzes of the service's app/web data.
Security measures: The data is processed within the EU/EEA
​
Name: Firebase
Type of service: Data processing and Hosting
Website: https://firebase.google.com/
Data processed: Database
Security measures: The data is processed within the EU/EEA
​
Name: Stripe
Type of service: Transaction service
Website: https://stripe.com/
Data processed: Payment data
Security measures: The data is processed within the EU/EEA
​
Name: Fortnox
Type of service: Transactions and invoicing
Website: https://www.fortnox.se/
Data processed: Payment data
Security measures: The data is processed within the EU/EEA
APPENDIX 2 - TECHNICAL AND ORGANIZATIONAL SECURITY MEASURES
​
The personal data assistant has taken the following technical and organizational measures to ensure that the personal data is processed securely and that it is protected from loss, misuse and unauthorized or unauthorized access.
​
Technical security measures are measures implemented through technical solutions.
​
Encryption
Pseudonymization
Access list
Access log
Secure network
Firewall
Backup
Regular control of security level
Organizational security measures are measures that are implemented in working methods and routines within the organization.
Login and password management
Information Security Policy
Physical security (premises, etc.)
APPENDIX 3 - CONTACT DETAILS
​
Contact information
Phone number: 0709709839
Email address: info@adpin.se