QUIDDLY AB (“QUIDDLY”, “we”, “us”) protects your privacy and knows how important it is with privacy for our customers and website visitors. Our goal with this policy is for us to clearly and transparently describe to you how we collect, use, display, transmit and store your information so that you feel confident that your personal data is secure. QUIDDLY performs all handling of personal data in accordance with the EU privacy law GDPR.
The purpose of this policy is to let you know how QUIDDLY processes your personal data, what QUIDDLY uses them for, who can access them and under what conditions and how you can exercise your rights.
QUIDDLY processes your personal data primarily to fulfil our obligations to you. Our starting point is not to process more personal data than is needed for our purposes, and QUIDDLY always strives to use the least privacy-sensitive information.
QUIDDLY also needs your personal information to give you good service, for example in terms of marketing, follow-ups and information. QUIDDLY may also need your personal information to comply with laws and perform customer and market analyses.
You have the right to object that QUIDDLY uses personal data for direct marketing purposes. When QUIDDLY collects personal information about you for the first time, you get more information about this and how you can oppose it.
QUIDDLY is Personal data controller for data processing of personal data on this and other websites operated by QUIDDLY and in QUIDDLY’s mobile app. QUIDDLY AB has overall responsibility for the Group’s operations in the Nordic region.
You can contact us at [email protected] or by regular letter sent to QUIDDLY AB, Nordlings väg 95, 217 73, Malmö, Sweden.
Collection of personal data
What personal data is
Personal data is any kind of information that can be directly or indirectly attributed to a person who is alive. This applies, for example, to names, social security numbers, addresses, e-mail addresses and telephone numbers. This also applies to, for example, customer numbers and encrypted data and various types of electronic identities, such as IP numbers, if they can be linked to natural persons.
How we collect personal information and what information we collect
QUIDDLY collects personal data in several ways, but primarily directly from you.
Information collected through personal contact
We collect personal information from you when you contact us, for example via the website, customer service, e-mail, telephone or in other ways. First and foremost, we collect the personal information needed to answer your question or handle your case. It is information about names and customer numbers. Depending on how you choose to contact us, we may also collect contact information such as email address or phone number. In personal contact, we also collect the other personal information that you yourself choose to provide to us.
Information collected via Quiddly.com
If you register a user identity on QUIDDLY.com, we collect your e-mail address to create the login. We also collect information about your username. At QUIDDLY.com you can then choose to submit information about name, date of birth, age, gender and address and contact information.
When you become a customer with us, a user identity is created to access QUIDDLY’s web-based services for you. In these cases, the user identity includes the same personal information that you provided to us when you signed an agreement with us.
Information collected when you subscribe to our newsletter
If you choose to subscribe to QUIDDLY’s newsletter, we collect your name and e-mail address in order to send the newsletter. If you choose to provide us with it, we also collect information about your postal code and country of residence.
Information collected when using our digital services
When you use any of our websites, our app, talk to any of our sales representatives on the phone or any other digital service from us, we collect information about your use of the service. Some of this information may be personal data, such as your IP number. We also collect information about how you navigate the service and what searches you do. If you are logged in to QUIDDLY.com or submit information that enables us to identify you, we will link your user pattern information with the other information we have collected about you.
Information collected from someone other than you
In order to keep your personal data up to date and correct, we supplement and update your personal data through the collection of private and public records. This applies, for example. address details and social security numbers.
Handling and storage of personal data
Quiddlys’s legal basis for processing your personal data
QUIDDLY processes your personal data legally. It may happen that the same personal data is processed both on the basis of the fulfillment of the contract entered into, specifically by consent or on the basis that the information is necessary to fulfill other legal obligations. This means that even if you revoke your consent and the treatment based on the consent ceases, the personal data may still remain with us for other purposes. In the main, we process your information to fulfill an agreement with us in which you are a party.
Administration of your services
In order to deliver the services you have ordered from us, we use your personal information in different ways. The data is used e.g. to complete the payment of the services you have ordered.
Administration of your services also includes the use of your data for accounting, auditing, credit or other verifications.
We use your personal information to provide you with service if you contact us with questions, comments or eg. complaints. We use your name and customer number to identify you and your ordered services. We use your contact information, such as e-mail address and telephone number to contact you in connection with questions and cases. We may also use all the other personal information that we have collected about you to handle your question or case depending on what is relevant in each case. This information is stored for 200 days.
Transmission of information
When you enter into a contract with us, we use your personal information to send confirmation of this agreement, important information and offers related to the service. Such mailings will be sent to the e-mail address provided in connection with the signing of the contract.
We send payment reminders via email and SMS.
Marketing and personification
Customer information can be used in the marketing context of QUIDDLY in connection with specific marketing campaigns or the launch of new services to contact you by mail, email and SMS.
If you have signed up for our newsletter, we use your personal information to send the newsletter to you and to adapt the contents of the newsletter. By using this information we can give you the offers that we think you have the greatest interest and benefit from.
On our websites we use information about our users for so-called. personalization. This means that we use the information we have collected about you and your use of our services to influence the content of the website when you visit us. The adaptation can, for example, be that we save and display information about the services you applied for on previous visits to our web, language preferences, and that we display ads and offers that we think fit you and your wishes.
We also use personalization in our communication via social media and web advertising on websites other than QUIDDLY.com.
In some cases, we share information with our partners to help us customize our offers and marketing to you. We enter into agreements to ensure that such partners process data in accordance with applicable personal data legislation.
Development of services and services
We use the information we collect about our customers to develop and improve our products and services. This applies in part to our digital services, where we analyze user behaviour to develop how we present information, offers and design features. This also applies to the development of our products according to customers’ wishes and behaviour, and to eg. fix deficiencies or increase security.
In the main, we use anonymous or anonymized data at the aggregate level to do this type of analysis. However, we may also use personal data that we have collected if relevant.
Finally, processing of your personal data may also take place to enable us to fulfil obligations under laws and regulations, such as applicable security and accounting.
Periods of retention
QUIDDLY follows good practice in the industry. We will store your personal data for as long as is necessary for the purpose of the processing.
We store all the personal information we collect in our customer database. In the customer database, personal data and history are stored for two (2) years if you have not agreed that we can save your data longer. If you specifically agree to it, we will store your personal data for up to 10 years.
If you reclaim within two years of the last service performed, we will save all your information for ten years.
At QUIDDLY.com, the information you have registered is stored as long as the user identity is active.
If you subscribe to our newsletter, your contact information will be saved as long as you choose to continue to receive the newsletter.
Phone calls recorded for educational purposes are stored for 200 days.
The same personal data can be stored in several different places for different purposes. This may mean that a task that has been removed from a system because it is no longer necessary may be left in another system where it is stored with the support of consent or for another purpose where the personal data is still needed.
Quiddly’s technical and organizational measures for the secure processing of your personal data
We take continuous measures to comply with the principles of “embedded data protection and privacy as default”. We continually evaluate the risks with the personal data processing that takes place and take the necessary security measures to reduce the risks.
We continuously train our staff on data protection issues and we have our own data protection representative. If you have direct questions about how we work with the Data Protection Regulation (GDPR) – please contact [email protected].
Disclosure of personal data
We use Microsoft’s office products and system services for our internal work. This means that your personal data will be processed by Microsoft who has been hired by us as personal data processor. Personal data is stored by Microsoft in a cloud service within the EU. Microsoft can transfer the personal data to a third country in a major IT incident (ie a country outside the EU / ESS). This transfer is only made to protect the data.
Contract partners and IT suppliers
We use a number of different IT services and IT systems in our operations. In some of these, personal data is stored and handled. We care about your privacy and the security of your information in all such handling. Some systems are installed locally with us and only our staff have access to the data. In these cases, no transfer is made to a third party. However, some systems are cloud solutions or installed at the supplier and mean that we transfer personal data to the supplier. In these cases, the supplier is our personal data processor and handles the information on our assignment and according to our instructions.
Internal IT systems
Internally, we handle personal data in our customer database, in our booking and sales support systems, in our customer service system and in a system for data management and data improvement. These systems are designed to deliver the services you have ordered from us and to handle questions and customer care in connection with the execution of these services. In these systems, all the personal data we collect may be handled.
We use external suppliers for personalization and analysis of user behavior on our websites and for user feedback. These companies handle personal data as personal data processor on our behalf. The information in question is mainly data that is collected through cookies and handled on an anonymous and aggregated level.
We use external suppliers to handle payments. These providers have access to personal data in the form of names, addresses and payment information. This handling is necessary in order for us to deliver the services you have ordered from us.
Providers of related services
To provide some of the services you have ordered from us, we use subcontractors and contract partners. Often it is necessary that we provide personal information to them in order for the service to be performed.
Transfer to third countries
Since we may manage debt collection and financing services around the world, some of our partners (eg in the debt collection and credit industry) are outside the EU / EEA area. This means that personal data may be transferred to partners in these countries for the same purposes as described above. Regardless of which country QUIDDLY transfers your personal data, QUIDDLY has an obligation to ensure that a good level of protection exists for your personal data. Which QUIDDLY obviously does.
Necessary handling of personal data and handling with the support of consent
Personal data processing that is necessary for us to execute an agreement with you or for us to fulfil a legal obligation is permitted without consent. However, in order for us to collect and process your personal data for any other purpose, you must consent to the processing. You consent to the handling of your personal data in connection with the use of our services on QUIDDLY.com, in our app, in contact with our staff.
Withdrawal of consent
You can choose to withdraw your consent at any time by contacting us with the contact details provided. If you revoke your consent, we will delete the personal data and discontinue the processing that was the subject of the consent.
It may happen that the same personal data is processed both with the support of consent and with the support of the information being necessary or with the support of other rules. This means that even if you revoke your consent and the treatment based on the consent ceases, the personal data may still remain with us for other purposes.
Right to get information about what personal data we have stored about you
If you would like information about what information we have registered about you, you can apply in writing at the above address. The excerpt is provided on request and is free once a year.
How do I proceed to request a extract from the register?
You write and request a register extract from QUIDDLY. NOTE! You have to submit your request in writing because it must contain your signature, so you cannot just send an email. Mark the letter “Personal data extract – to QUIDDLY’s Data privacy officer “.
Here’s how you can write:
Personal data extract – to QUIDDLY’s Data privacy officer
I hereby apply for a personal data extract.
City, date, signature, name clarification, social security number, address, e-mail and telephone number are required.
Right to control your personal data
You have the right to request that the information about you is deleted, supplemented or corrected. You also have the right to request that the processing of your personal data is limited to certain purposes and, for example, not used for direct mail or so-called profiling.
If you have complaints
Anyone who believes that a company is in breach of privacy law can turn to the Swedish Datainspektionen and read more on their website.