This purpose of this document is to inform in what ways we store information, for what purpose and what intentions we have with doing so. We have prepared a all-you-need-to know quick guide regarding how we treat and handle your data.
The short and easy version
We constantly strive to improve the services we provide, and we do that by analyzing how you use our website and products.
Only the essentials
We are committed to only store what is necessary as part of pursuing our legitimate interest to maintain and develop our businesses. We are also committed to not storing anything longer than necessary or legally permitted.
We are dedicated to protect all collected data as if it was our own. We strive to keep the highest compliance and keep up with the highest security standards. We will never sell, lease or grant access to your data to anyone else but partners affiliated with our business
We do our best to be transparent in our communication on how we will use the collected information, and for what purpose and with whom the information is shared.
You have a right to know what personal data we hold about you. You have a right to update incomplete, incorrect, unnecessary or outdated personal data, as well as request the deletion of any personal data.
The longer version
Mapiful AB (also referred to as “we”, “us” and “Mapiful”) in this document are deeply committed to protect and care for the data of our users and customers. We strive to comply with the highest standards in data protection and privacy. We also enforce all the applicable necessary laws and restrictions.
Using our website, service and/or buying our products constitutes your acceptance of our Policy. Should you not agree with this, do not use any of our products or service.
This policy applies to all data that Mapiful processes during the provision of our services.
The usage of cookies
Like most websites on the web we utilize “cookies”. A cookie is a small file that is stored on your computer (by your browser) and store text based values. The information stored in those files is used to be able to provide a good persisting customer experience i.e. not showing “welcome”-messages the first time you use the website, storing the products in your cart, your choices of language or currency. The allowed life time of this file is set depending on the purpose. You can prevent the usage of cookies by disabling the feature in your browser.
Automatic collection of data
When using this website we collect information regarding the usage of our services with the purpose of creating a good over all user experience and providing relevant information in marketing. The information is stored in an anonymized state meaning that it is not tied to any personal information.
Example of what is being stored:
- Information regarding your browser, and type of device.
- What location you are using our services from.
- How you interact with our services, and what content you see, and when.
- Information regarding your internet service provider.
The purpose of collecting such information
The purpose of this is to provide us with real life usage statistics to improve content, security and the over all experience as an existing or potential customer to us.
It is good to know that it is technically possible to use an IP address to identify an individual, but this is limited only to governments and law enforcements.
Data shared with Third parties
We will never sell, lease or rent data and may only disclose anonymized data to third parties in the circumstances stated below with the purpose to pursue our legitimate interest to maintain and develop our businesses.
Google (Analytics and Tag manager)
Google will on our behalf store and process anonymized data regarding your usage of our services. The nature of the data includes, but is not limited to, what pages you have visited, where you use our services from, and what device you are using.
You may at any time withdraw your consent (opt-out) and prevent data from your usage being stored by installing the browser plugins provided by Google for this sole purpose.
Google may store this information on servers located outside of the European Union. Google is thereby certified and compliant with everything required under “EU-US Privacy Shield” and achieves highly sufficient security for handling and storing data of this type.
We use facebook for “Behaviour, and targeted marketing” as part of pursuing our legitimate interest to maintain and develop our businesses. Facebook will on our behalf via a tracking pixel collect information regarding your usage of our services.
You may at any time withdraw your consent (opt-out) and prevent data from your usage being stored by changing your preferences on your profile provided by Facebook for this purpose.
Facebook may store this information on servers located outside of the European Union. Facebook is thereby required to be certified and compliant with everything required under “EU-US Privacy Shield” and achieves highly sufficient security for handling and storing data of this type.
We use Pinterest for “Behaviour, and targeted marketing” as part of pursuing our legitimate interest to maintain and develop our businesses. Pinterest will on our behalf via a tracking pixel collect information regarding your usage of our services.
You may at any time withdraw your consent (opt-out) and prevent data from your usage being stored by changing your preferences on your profile provided by Pinterest for this purpose.
We use the services provided by TradeDoubler for “Affiliate marketing”. Anonymized data is being tracked when purchasing our services with the purpose of sales attribution.
We use the services provided by Rev:Relations for “Affiliate marketing”. Anonymized data is being tracked when purchasing our services with the purpose of sales attribution.
Manually provided personal data
When you create an account, make a purchase, request information, or otherwise interact with us, we may ask for information to be able to fulfill your request. Mapiful processes personal data to perform our contractual obligations and to comply with legal obligations. Furthermore, we process personal data to pursue our legitimate interest to maintain and develop our businesses.
The agent/representative for the use and handling of personal data is the “Legal person/entity” that is Mapiful AB, organization no. 559006-2393, Wallingatan 3B, 111 60 Stockholm, Sweden.
Example of what we may ask for:
- Your Name.
- Your email address.
- Your and street address, and phone number.
- In specific cases usernames and passwords, feedback, age, gender, and language.
Data processing for payments
A essential part of the services provided by us is being able to purchase our goods and services. We do this using partners that we have rigorously evaluated in terms of security and compliance.
Mapiful do never store or process information such as, but not limited to, credit card numbers or bank accounts. Any such information entered on our website or as a part of our services is only processed by the payment gateway.
Legitimate grounds for processing personal data
- Providing products and services - We may use your personal data to provide you with our Services and to ship and deliver products you have requested or ordered, to process your requests or as otherwise may be necessary to perform the contract between you and us, to ensure the functionality and security of our services and correct delivery, to identify you as well as to prevent and investigate fraud and other misuses.
- Communication - We may use your personal data to communicate with you, for example to inform you that our Services have changed or to send you critical alerts and other such notices relating to our Services and Products and to contact you for any sales related purposes.
- Marketing - advertising and making recommendations: With your consent, with acceptance of our terms & policies, or when otherwise allowed, we may contact you to inform you of new Products, Services or promotions we may offer and to conduct market research. We may also use your personal data to personalise our offering and to provide you with more relevant Services and to display customized content and advertising in our Services. This may also include displaying third party content.
Sharing personal data
We will never sell, lease or rent your personal data and may only disclose your personal data to third parties in the circumstances stated below.
Companies in Mapiful’s corporate structure.
We may share your personal data with other Mapiful associated companies (affiliates or parent companies) or authorized third parties who process personal data on behalf of us, but only for the purposes described in this Policy and while the party are performing services for Mapiful.
We may access, disclose and preserve your personal data, when we have a good faith belief that doing so is necessary to: (1) comply with applicable law or respond to valid legal process from competent authorities, including from law enforcement or other government agencies; (2) protect our customers, (e.g. from spam or fraud and/or preventing serious injury or loss of life); (3) operate and maintain the security of our Services, including to prevent or stop an attack on our computer systems or networks; or (4) protect the rights or property of Mapiful, including enforcing the terms governing the use of the Services, possibly in cooperation with law enforcement agencies.
Mergers and Acquisitions.
Mergers and Acquisitions If Mapiful is involved in a merger, acquisition or asset sale, we may transfer personal data to the third party involved. However, we will continue to ensure the confidentiality of all personal data.
Your consent and social sharing services.
We may share your personal data if we have your consent to do so or you have specifically requested this.
Companies listed under “Data shared with Third parties”
Personal data shared with Third parties
We share personal data to pursue our legitimate interest to maintain and develop our businesses but only to the following parties:
The Rocket Science Group
LLC, 675 Ponce de Leon Ave NE, Suite 5000
Atlanta, Georgia 30308. USA.
Mailchimp provides a platform to communicate through e-mail. We use it to communicate with existing, and potential, customers and partners. The content depends on recipient and occasion and may include, but not limited to, information regarding our service, information regarding a customer order, relevant marketing information and offers.
Printmotor Ltd, Business ID: 0824433-3
Address: Sorvaajankatu 11, FI-00880 Helsinki, Finland
Printmotor provides Mapiful with fulfillment and production services.
185 Berry Street
San Francisco, CA 94107
Stripe is one of our payment gateways and when paying for our products or services we provide Stripe with the required information to i.e but not limited to perform security and fraud validation, and store required transaction data applicable by law.
Your rights regarding personal data
Individuals right to erasure of personal data
Upon request individuals have the right, under the General Data Protection Regulation (GDPR) “to be forgotten”. This right is to be exercised if you wish to have all information not required by other applicable laws or regulations removed. Examples of such information includes, but is not limited to data regarding financial transactions and order information.
Upon such requests we will within in reasonable time and manner manner remove applicable information.
You may at any time exercise the right and opt out using the tools and services provided by our partners including “unsubscribe links”. Contact our DPO (Data Protection Officer) if you have questions.
Individuals right to access personal data and portability
Upon request individuals have the right to request all records of personal data we currently store in a commonly used and machine-readable format. Contact our DPO (Data Protection Officer) if you have questions.
Individuals right to rectification of personal data
Upon request individuals have the right to submit corrections when applicable within the information stored about them. If requested we will within reasonable time update records and correct them. Contact our DPO (Data Protection Officer) if you have questions.
Data Protection Officer and representative contact details
Contact our Data Protection Officer if you have questions regarding our policy or ways of conduct or individual requests.
Att: DPO representative / Edvin Brobeck
111 60 Stockholm
Telefon: +46-(0)737-64 9207
Safeguarding Personal Data
We store and process Personal Data on third party service providers’ servers (“Data Hosting Providers”) that we have evaluated to have state of the art security measures and that complies with applicable laws and restrictions. Such servers are located in the European Union and/or the United States of America. We have strict internal policies and guidelines to address privacy and security matters, (proactive and reactive risk management, security and privacy engineering and assessments). We take appropriate steps to address the risk of data loss and other possible risks represented by the processing and the nature of the data being protected. Also, we limit the access to our databases containing personal data only to authorised persons having a justified need to access such information.
International transfer of personal data
By using the Services, you give us your consent to store, process and transfer your Personal Data, that we have collected, outside of your country of residence to the countries where the Data Hosting Providers’ servers are located.
In some instances you may use our Services in another country than where the Data Hosting Providers’ servers are located and therefore your personal data may be transferred across international borders outside the country where you use our Services, including from countries outside the European Economic Area (EEA). In such cases we ensure that there is a legal basis for such a transfer and that adequate protection for your personal data is provided as required by applicable law, for example, by using standard agreements approved by relevant authorities (where necessary) and by requiring the use of other appropriate technical and organisational information security measures.
We do not store personal data longer than is legally permitted and necessary for the purposes of providing our services. The storage period depends on the nature of the information and the purposes of processing. The maximum period may therefore vary per use.