Last updated on 27 February 2023
Klimato’s core beliefs regarding personal data
Klimato’s purpose is to work for a sustainable future. And how sustainable would a future be without respect for private life? Not very, in our opinion it is therefore of great importance to us that we collect your data in a GDPR-compliant way. GDPR is a legislative bill which aims to protect your private life. It obligates Klimato to take care of the people within its collected data. This document aims to answer all your questions regarding how we handle your personal data. If you read this document and still have unanswered questions please contact our Data Protection Officer.
Klimato's website and application have multiple functionalities, products and services and in order to keep these products and services as good as possible we would like to handle some of your personal data. For example if you sign up for our newsletter Klimato would like to handle your email address to be able to send you the email. Klimato will not rent, sell or in any similar way distribute or publish all or any part of your personal information.
Klimato’s internal computer systems and websites (app.klimato.se and klimato.co) are constructed to comply with the following national and international data protection legislation:
- Dataskyddslag (2018:218)
- UK Data Protection Act 2018
- EU General Data Protection Regulation 2018 (GDPR)
Klimato’s compliance with these data protection bills, which are stringent in nature, means that this site is probably compliant with the data protection and user privacy legislation set out by many other countries and territories as well.
Klimato uses the following cookies on its website and/or in its app:
- Google Analytics - analytical & marketing cookies
- Calendly - functional cookies
- Mailchimp - functional cookies
- Stripe - functional cookies
- LinkedIn - marketing cookies
- Userpilot - functional / analytical cookies
How and why Klimato collects your personal data
Klimato’s websites (app.klimato.se and Klimato.co) collects and uses personal information for the reasons explained in the following sections. If you are under 13 years of age you MUST obtain parental consent before signing up for any of the below mentioned.
SITE ACTIVITY TRACKING
Like most websites, Klimato.co and app.klimato.se use Google Analytics to trace user interaction. Klimato will use data from Google Analytics to determine the number of people users on the website, and to better understand how they find and use our web pages. Our hope is that these insights will help Klimato develop the application’s and website’s functionality and user experience.
Google Analytics collects your data such as geographical location, device, internet browser and operating system, however this information does not personally identify you to us. Furthermore Google Analytics records computer IP addresses, this info could be used to identify you, but Google does not grant Klimato access to this. Klimato uses the analytics.js and gtag.js implementations of Google’s services. Google is regarded as a third party data processor. You can read more about third party processors below.
Linkedin Insight Tag
If you decide to sign up for our email newsletter, the email address submitted to Klimato will be forwarded to MailChimp. This company provides Klimato with email services. Klimato considers MailChimp to be a third party data processor. You can read more about our third party processors below. A submitted email address will not be stored within this website’s own database or in any of our internal computer systems.
Your email address will remain within MailChimp’s database for as long as we continue to use MailChimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links provided in any email newsletters that we send you or by requesting removal via email.
Should you choose to contact us using the contact form, the data that you supply will be stored by the third party data processor Webflow detailed below. Webflow sends an email to the responsible officer at Klimato. If necessary for the request you send us, we will use your personal data for sales administration and marketing. All data will be stored within our internal computer systems for a maximum of 24 (twenty four) months. Your data will be erased once your email-conversation with Klimato is over. Klimato suggests that you always consider email as an insecure medium and therefore not include personal, confidential or otherwise sensitive information within an email via this form.
BOOK A DEMO
If you choose to book a demo with Klimato, the email address, job title, organisation and message that you submit to us will be forwarded to Calendly who provide us with calendar services. Klimato considers Calendly to be a third party data processor. Read more about our third party data processors in the section below. Any information that you submitted will be stored for sales management reasons.
The personal data will be stored within Calendly's database and in our internal computer systems for a maximum of 24 (twenty four) months or for as long as you are still interested in a Klimato demo.
This section is only applicable to use of our application found at at app.klimato.se
When registering on app.klimato.se your submitted information will be stored in our internal computer systems. This information will be used to enable you to use the app and for Klimato to administer the application.
Payment via Stripe
All information submitted to sign up for Klimato’s product subscription is transferred to Stripe. Stripe is a third party data processor. The payment information will not be saved within Klimato’s own computer systems or servers however Klimato is able to administer the subscription.
Stripe also uses functional cookies to keep the app safe from fraud. These cookies are always active in order to protect you and Klimato's web application.
In order to display features to you and allow you to provide feedback, we use Userpilot Inc, Attn: Yazan Sehwail, 2035 Sunset Lake Road. The data which is processed is: Anonymous ID, browser, language, country, pixel width and height, your IP, operating system and device type. We have limited the scope of IP processing to determine the country code of the country of origin for identifying all users. Beyond that, IP addresses are not processed, stored or shared with other parties. The processed data will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Mandatory legal provisions - in particular legal retention periods - remain unaffected. We have concluded a contract with Userpilot in which we oblige Userpilot to protect your data and not to pass it on to third parties.
Save recipes and any uploaded personal data
If you use the application to calculate and register recipes this data will along with your name be saved on our servers within a database system provided by MongoDB and/or Postgres. Your data will be saved on servers from Amazon Web Service (hereinafter: AWS). Any personal data registered with a recipe will be saved on AWS’ servers for as long as the recipe is available in the application. You can at any time decide to delete your recipe and through that delete your own personal data from our server. Neither AWS, MongoDB or Postgres are not to be regarded as third party data processors. Your name and organisation will be saved with your recipe to enable Klimato to administer and structure its database.
How Klimato stores your personal data
As explained above in this document, any submitted personal information will be stored within Klimato’s cloud database at MongoDB. MongoDB is hosted by AWS. You can read more about how AWS stores your personal data below.
ABOUT KLIMATO’S APPLICATION AND WEBSITE SERVER
This website is hosted by Amazon Web Services (AWS) on a German data centre located just outside Frankfurt (EU-central-1). This host provides Klimato with many security features, here is a selection of them;
- Entry is controlled and monitored
- AWS Data centers workers are scrutinised
- AWS use a layer by layer access review
- AWS maintains its equipment regularly
- Access to server rooms are fortified with electronic control devices
- AWS is prepared for technological intrusion - the servers are ready to warn employees of any attempts to displace data
- Automatic disability of server in case of a breach.
More information about the data centers of Amazon Web Services can be found on their website, subpage “Our Data Centers”.
OUR THIRD PARTY DATA PROCESSORS
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in this document. All 4 (four) of these third parties are based in the USA or within the EEA and are GDPR compliant.
Klimato will report any unlawful data breach on its application or its website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is clear that personal data stored in an identifiable manner has been disclosed or taken.
DELETE PERSONAL DATA
If you wish to have your data deleted you can send an email to our Data Protection Officer who will delete or remove personal data upon request. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully or where we are required to erase your Personal Data to comply with local law.
The data controller of this website is: Klimato AB, a Swedish limited Company with company number: 559139-1759
Whose registered office is:
Medborgarplatsen 3, Stockholms län, 118 26 Stockholm.
Data protection officer:
Anton Unger, Chief Executive Officer
CHANGES TO KLIMATO’S PRIVACY