PRIVACY POLICY

Which privacy policy that applies to you is dependent on which country you choose when registering for the service. There is one privacy policy for Sweden, one for Norway and one for other countries. You will find them in this order below.

PRIVACY POLICY – SWEDEN

1. GENERAL

1.1 This privacy policy (“Privacy Policy”) applies when Verisec Freja eID AB, Corp. ID. No. 559110-4806, c/o Verisec AB, Box 456, 194 04 UPPLANDS VÄSBY, Sweden (“Verisec Freja eID”) provides an electronic identification service via the app Freja eID (“Service”).

1.2 You have registered as a user of the Service according to the Terms of Use for the Service. This Privacy Policy constitutes an integral part of the Terms of Use.

1.3 You should always feel secure when providing personal data to us. This Privacy Policy is designed to show you how your personal data is processed securely in accordance with applicable legislation.

1.4 When the Service is used, several parties can be involved. This Privacy Policy only applies in relation to the processing performed by Verisec Freja eID in its capacity as data controller. Therefore, Verisec Freja eID recommend that you also read the privacy policies of the other parties who may be involved in the use of the Service, for example, the parties who provide the services on which you can use your Freja eID.

1.5 In order to use the Service, you must, in addition to the requirements set forth in the Terms of Use for the Service, accept this Privacy Policy.

2. PERSONAL DATA CONTROLLER AND DATA PROTECTION OFFICER

2.1 Verisec Freja eID is the data controller for Verisec Freja eID’s processing of your personal data and is responsible for ensuring that the processing takes place in accordance with applicable legislation.

2.2 Verisec Freja eID has appointed Mr. Anders Henrikson as the Data Privacy Officer (“Data Privacy Officer”). The Data Privacy Officer also has the duty of monitoring that Verisec Freja eID’s processes personal data in accordance with applicable legislation. Contact information for the Data Protection Officer is anders.henrikson@verisec.com, +46-733-458903

3. HOW WE PROCESS YOUR PERSONAL DATA

3.1 Verisec Freja eID will process your personal data for the following purposes and for the following legal reasons.

3.2 At any time you can withdraw the provided consent regarding Freja eID+ by providing written notification to Verisec Freja eID.

3.3 Verisec Freja eID will not process your personal information for automated decision-making or profiling.

Freja eID Basic
(For access to relying party services that do not require that your identity is validated.)

PURPOSELEGAL BASISCATEGORIES OF PERSONAL DATA
For Service in general
Providing, administering, developing and adapting the Service and allowing for support and customer service for you as a user.
The processing is necessary to fulfil the agreement with you as a user.• Email addresses (one mandatory, two optional)
• Telephone number (three optional)
For geographic location
Providing information about the nearest Freja eID agent in the ATG affiliate network, for physical vetting of your ID document.
Consent from you as a user• Geographic location
For marketing
Enable targeted marketing to you as a user of the Service and Verisec Freja eID’s similar services via regular mail, email, SMS or the app (including market and customer analyses and market research).
The processing is necessary to meet Verisec Freja eID’s legitimate interest to market its Service and other similar services to you as a user (a so-called weighing of interests).• Email addresses (one mandatory, two optional)
• Telephone number (three optional)
For service to function
In cases where a service provider wishes to authenticate you through a custom identifier (for example employee number or loyalty ID-number)
The process is needed to fulfil the agreement with you as a user.• Custom identifier

Freja eID with added ID document and Freja eID Plus
Some relying parties requires that your identity is validated when using Freja eID to access their services or when signing transactions with them.
The section below applies to Freja eID when you have added an ID document to validate your identity. It also applies to Freja eID+ which is when you conduct an extra step of identity validation by physically vetting your ID document with an Freja eID agent at an ATG-store.

PURPOSELEGAL BASISCATEGORIES OF PERSONAL DATA
For Service in general
Providing, administering, developing and adapting the Service and allowing for support and customer service for you as a user.
The processing is necessary to fulfil the agreement with you as a user.• Name, personal ID number date of birth and gender
• Address, telephone number and email address
• Image of your ID document
• ID document number
• Expiry date of your ID document
For geographic location
Providing information about the nearest Freja eID agent in the ATG affiliate network, for physical vetting of your ID document.
Consent from you as a user• Geographic location
For marketing
Enable targeted marketing to you as a user of the Service and Verisec Freja eID’s similar services via regular mail, email, SMS or the app (including market and customer analyses and market research).
The processing is necessary to meet Verisec Freja eID’s legitimate interest to market its Service and other similar services to you as a user (a so-called weighing of interests).• Name, personal ID number date of birth and gender
• Address, telephone number and email address
For service to function
In cases where a service provider wishes to authenticate you through a custom identifier (for example employee number or loyalty ID-number)
The process is needed to fulfil the agreement with you as a user• Custom identifier
For strong identity verification
In order to ensure that the person registering in the app is the same person as on the ID document.
Explicit consent from you as a user.• Picture of your face (i.e biometric data)

4. FOR HOW LONG DO WE STORE YOUR PERSONAL DATA?

4.1 Your personal data is stored as long as is needed to fulfil the objectives that require the data to be collected in accordance with this Privacy Policy and to comply with laws and regulatory requirements. Normally your personal data is stored at least for five years in order for us to comply with the Digilatisation Authority’s (DIGG – Myndigheten för digital förvaltning) requirements as per their trust framework (“tillitsramverk”).

4.2 At any time, you may cancel use of the Service by selecting “Deregister account” or a similar function in the Service and block the Service according to the instructions provided by Verisec Freja eID. Verisec Freja eID does not retain your personal data after you have cancelled use of the Service according to this section 4.2, unless it is required by law or to protect Verisec Freja eID’s legitimate interests, for example, in case of a legal proceeding.

5. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

Verisec Freja eID may share your personal data with a third party, as well as to Relying Parties (as defined in the Terms of Use), companies who provide services and support related to the Service as well as group companies, in order to be used by the recipient to fulfil the purposes for processing your personal data specified in item 3.1 above. You will always be asked to consent to any such data sharing.

6. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

Verisec Freja eID will not transfer your personal data to any country outside the EU/EEA.

7. YOUR RIGHTS

7.1 Verisec Freja eID, in its capacity as the data controller, is responsible for ensuring that your personal data is processed in accordance with applicable law.

7.2 Verisec Freja eID will, at your request or on its own initiative, correct, de-identify, delete or complete information that is determined to be incorrect, incomplete or misleading.

7.3 You have the right to require from Verisec Freja eID access, correction or deletion of your personal data (for example, if deletion is required according to applicable legislation), request restrictions on continued processing of your personal data as well as the right to object to the processing (for example, if you question whether the personal data is correct or if the processing is legal). Verisec Freja eID will notify each recipient regarding which personal data has been removed according to item 5 above if any corrections or deletions to the information as well as restrictions on further processing of the information occur according to item 7.

7.4 You are entitled to data portability, in other words, the right under certain circumstances to receive and transfer your personal data to another data controller in a structured, generally usable and machine-readable format.

7.5 If you do not want Verisec Freja eID to use your personal data for direct marketing, you have the right to provide written notification of this to Verisec Freja eID at any time. Once Verisec Freja eID has received your notification, Verisec Freja eID will cease processing your personal data for marketing purposes.

7.6 Once per calendar year, you are entitled to obtain an extract from the registry from Verisec Freja eID, free of charge with a signed, written request, indicating which personal data about you has been recorded, the purposes of processing the data and the recipients who have received the data or will receive the data. You are also entitled to receive information in the extract from the registry regarding where the data was collected, if the personal data was not collected from you directly, the occurrence of automated decision-making (including profiling) as well as the anticipated period during which the data will be stored or the criteria that are used to determine this period. Furthermore, you are also in titled with the abstract from the registry to receive information about your other rights as specified in section 7.

7.7 You are entitled to submit complaints regarding Verisec Freja eID’s processing of your personal data to The Swedish Data Protection Authority.

8. PROTECTION OF YOUR PERSONAL DATA

You should always feel secure when providing personal data to us. Therefore, Verisec Freja eID has taken the necessary safety precautions to protect your personal data regarding unauthorised access, modification and deletion.

9. COOKIES

Verisec Freja eID uses techniques similar to cookies to provide certain functions in the app. The information is stored in the form of a file containing the users encrypted session status (during an ongoing session) as well as the user settings that improve the user experience before a user is authenticated for the app (which are saved between sessions). For example, the information is used to remember the selected language for the app. This information is not provided to third parties. If you no longer want Verisec Freja eID to store or collect the information, you must cancel your use of the Service according to section 4.2 above. More information can be found in our cookies policy

10. CHANGES TO THIS PRIVACY POLICY

Verisec Freja eID has the right to modify this Privacy Policy at any time. Verisec Freja eID will provide reasonable advance warning of changes to the Privacy Policy. If you do not approve of the modified terms, you have the right to cancel the agreement with Verisec Freja eID before the modified Privacy Policy take effect. You can terminate the agreement by following the instructions in item 4.2 above.

11. CONTACT INFORMATION

Please do not hesitate to contact Verisec Freja eID if you have any questions about this Privacy Policy, the processing of your personal information or if you would like an extract from the registry. Verisec Freja eID’s contact information can be found under section 1 above.

PRIVACY POLICY – NORWAY

1. GENERAL

1.1 This privacy policy (“Privacy Policy”) applies when Verisec Freja eID AB, Corp. ID. No. 559110-4806, c/o Verisec AB, Box 456, 194 04 UPPLANDS VÄSBY, Sweden (“Verisec Freja eID”) provides an electronic identification service via the app Freja eID (“Service”).

1.2 You have registered as a user of the Service according to the Terms of Use for the Service. This Privacy Policy constitutes an integral part of the Terms of Use.

1.3 You should always feel secure when providing personal data to us. This Privacy Policy is designed to show you how your personal data is processed securely in accordance with applicable legislation.

1.4 When the Service is used, several parties can be involved. This Privacy Policy only applies in relation to the processing performed by Verisec Freja eID in its capacity as data controller. Therefore, Verisec Freja eID recommend that you also read the privacy policies of the other parties who may be involved in the use of the Service, for example, the parties who provide the services on which you can use your Freja eID.

1.5 In order to use the Service, you must, in addition to the requirements set forth in the Terms of Use for the Service, accept this Privacy Policy.

2. PERSONAL DATA CONTROLLER AND DATA PROTECTION OFFICER

2.1 Verisec Freja eID is the data controller for Verisec Freja eID’s processing of your personal data and is responsible for ensuring that the processing takes place in accordance with applicable legislation.

2.2 Verisec Freja eID has appointed Mr. Anders Henrikson as the Data Privacy Officer (“Data Privacy Officer”). The Data Privacy Officer also has the duty of monitoring that Verisec Freja eID’s processes personal data in accordance with applicable legislation. Contact information for the Data Protection Officer is anders.henrikson@verisec.com, +46-733-458903

3. HOW WE PROCESS YOUR PERSONAL DATA

3.1 Verisec Freja eID will process your personal data for the following purposes and for the following legal reasons.

3.2 At any time you can withdraw the provided consent regarding Freja eID+ by providing written notification to Verisec Freja eID.

3.3 Verisec Freja eID will not process your personal information for automated decision-making or profiling.

Freja eID Basic
(For access to relying party services that do not require that your identity is validated.)

PURPOSELEGAL BASISCATEGORIES OF PERSONAL DATA
For Service in general
Providing, administering, developing and adapting the Service and allowing for support and customer service for you as a user.
The processing is necessary to fulfil the agreement with you as a user.• Email addresses (one mandatory, two optional)
• Telephone number (three optional)
For geographic location
Providing information about the nearest Freja eID agent for physical vetting of your ID document.
Consent from you as a user• Geographic location
For marketing
Enable targeted marketing to you as a user of the Service and Verisec Freja eID’s similar services via regular mail, email, SMS or the app (including market and customer analyses and market research).
The processing is necessary to meet Verisec Freja eID’s legitimate interest to market its Service and other similar services to you as a user (a so-called weighing of interests).• Email addresses (one mandatory, two optional)
• Telephone number (three optional)
For service to function
In cases where a service provider wishes to authenticate you through a custom identifier (for example employee number or loyalty ID-number)
The process is needed to fulfil the agreement with you as a user.• Custom identifier

Freja eID with added ID document and Freja eID Plus
Some relying parties requires that your identity is validated when using Freja eID to access their services or when signing transactions with them. The section below applies to Freja eID when you have added an ID document to validate your identity.

PURPOSELEGAL BASISCATEGORIES OF PERSONAL DATA
For Service in general
Providing, administering, developing and adapting the Service and allowing for support and customer service for you as a user.
The processing is necessary to fulfil the agreement with you as a user.• Name, personal ID number date of birth and gender
• Address, telephone number and email address
• Image of your ID document
• ID document number
• Expiry date of your ID document
For geographic location
Providing information about the nearest Freja eID agent for physical vetting of your ID document.
Consent from you as a user• Geographic location
For marketing
Enable targeted marketing to you as a user of the Service and Verisec Freja eID’s similar services via regular mail, email, SMS or the app (including market and customer analyses and market research).
The processing is necessary to meet Verisec Freja eID’s legitimate interest to market its Service and other similar services to you as a user (a so-called weighing of interests).• Name, personal ID number date of birth and gender
• Address, telephone number and email address
For service to function
In cases where a service provider wishes to authenticate you through a custom identifier (for example employee number or loyalty ID-number)
The process is needed to fulfil the agreement with you as a user• Custom identifier
For strong identity verification
In order to ensure that the person registering in the app is the same person as on the ID document.
Explicit consent from you as a user.• Picture of your face (i.e biometric data)

4. FOR HOW LONG DO WE STORE YOUR PERSONAL DATA?

4.1 Your personal data is stored as long as needed to fulfil the objectives that require the data to be collected in accordance with this Privacy Policy and to comply with laws and regulatory requirements. Normally your personal data is stored at least for five years in order for us to comply with the Agency for Public Management and eGovernment’s (Difi) requirements as per their trust framework.

4.2 At any time, you may cancel use of the Service by selecting “Deregister account” or a similar function in the Service and block the Service according to the instructions provided by Verisec Freja eID. Verisec Freja eID does not retain your personal data after you have cancelled use of the Service according to this section 4.2, unless it is required by law or to protect Verisec Freja eID’s legitimate interests, for example, in case of a legal proceeding.

5. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

Verisec Freja eID may share your personal data with a third party, as well as to Relying Parties (as defined in the Terms of Use), companies who provide services and support related to the Service as well as group companies, in order to be used by the recipient to fulfil the purposes for processing your personal data specified in item 3.1 above.

6. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

Verisec Freja eID will not transfer your personal data to any country outside the EU/EEA.

7. YOUR RIGHTS

7.1 Verisec Freja eID, in its capacity as the data controller, is responsible for ensuring that your personal data is processed in accordance with applicable law.

7.2 Verisec Freja eID will, at your request or on its own initiative, correct, de-identify, delete or complete information that is determined to be incorrect, incomplete or misleading.

7.3 You have the right to require from Verisec Freja eID access, correction or deletion of your personal data (for example, if deletion is required according to applicable legislation), request restrictions on continued processing of your personal data as well as the right to object to the processing (for example, if you question whether the personal data is correct or if the processing is legal). Verisec Freja eID will notify each recipient regarding which personal data has been removed according to item 5 above if any corrections or deletions to the information as well as restrictions on further processing of the information occur according to item 7.

7.4 You are entitled to data portability, in other words, the right under certain circumstances to receive and transfer your personal data to another data controller in a structured, generally usable and machine-readable format.

7.5 If you do not want Verisec Freja eID to use your personal data for direct marketing, you have the right to provide written notification of this to Verisec Freja eID at any time. Once Verisec Freja eID has received your notification, Verisec Freja eID will cease processing your personal data for marketing purposes.

7.6 Once per calendar year, you are entitled to obtain an extract from the registry from Verisec Freja eID, free of charge with a signed, written request, indicating which personal data about you has been recorded, the purposes of processing the data and the recipients who have received the data or will receive the data. You are also entitled to receive information in the extract from the registry regarding where the data was collected, if the personal data was not collected from you directly, the occurrence of automated decision-making (including profiling) as well as the anticipated period during which the data will be stored or the criteria that are used to determine this period. Furthermore, you are also entitled with the abstract from the registry to receive information about your other rights as specified in section 7.

7.7 You are entitled to submit complaints regarding Verisec Freja eID’s processing of your personal data to The Norwegian Supervisory Authority.

8. PROTECTION OF YOUR PERSONAL DATA

You should always feel secure when providing personal data to us. Therefore, Verisec Freja eID has taken the necessary safety precautions to protect your personal data regarding unauthorised access, modification and deletion.

9. COOKIES

Verisec Freja eID uses techniques similar to cookies to provide certain functions in the app. The information is stored in the form of a file containing the users encrypted session status (during an ongoing session) as well as the user settings that improve the user experience before a user is authenticated for the app (which are saved between sessions). For example, the information is used to remember the selected language for the app. This information is not provided to third parties. If you no longer want Verisec Freja eID to store or collect the information, you must cancel your use of the Service according to section 4.2 above. More information can be found in our cookies policy.

10. CHANGES TO THIS PRIVACY POLICY

Verisec Freja eID has the right to modify this Privacy Policy at any time. Verisec Freja eID will provide reasonable advance warning of changes to the Privacy Policy. If you do not approve of the modified terms, you have the right to cancel the agreement with Verisec Freja eID before the modified Privacy Policy take effect. You can terminate the agreement by following the instructions in item 4.2 above.

11. CONTACT INFORMATION

Please do not hesitate to contact Verisec Freja eID if you have any questions about this Privacy Policy, the processing of your personal information or if you would like an extract from the registry. Verisec Freja eID’s contact information can be found under section 1 above.

PRIVACY POLICY – INTERNATIONAL

1. GENERAL

1.1 This privacy policy (“Privacy Policy”) applies when Verisec Freja eID AB, Corp. ID. No. 559110-4806, c/o Verisec AB, Box 456, 194 04 UPPLANDS VÄSBY, Sweden (“Verisec Freja eID”) provides an electronic identification service via the app Freja eID (“Service”).

1.2 You have registered as a user of the Service according to the Terms of Use for the Service. This Privacy Policy constitutes an integral part of the Terms of Use.

1.3 You should always feel secure when providing personal data to us. This Privacy Policy is designed to show you how your personal data is processed securely in accordance with applicable legislation.

1.4 When the Service is used, several parties can be involved. This Privacy Policy only applies in relation to the processing performed by Verisec Freja eID in its capacity as data controller. Therefore, Verisec Freja eID recommends that you also read the privacy policies of the other parties who may be involved in the use of the Service, for example, the parties who provide the services on which you can use your Freja eID.

1.5 In order to use the Service, you must, in addition to the requirements set forth in the Terms of Use for the Service, accept this Privacy Policy.

2. PERSONAL DATA CONTROLLER AND DATA PROTECTION OFFICER

2.1 Verisec Freja eID is the data controller for Verisec Freja eID’s processing of your personal data and is responsible for ensuring that the processing takes place in accordance with applicable legislation.

2.2 Verisec Freja eID has appointed Mr. Anders Henrikson as the Data Privacy Officer (“Data Privacy Officer”). The Data Privacy Officer also has the duty of monitoring that Verisec Freja eID’s processes personal data in accordance with applicable legislation. Contact information for the Data Protection Officer is anders.henrikson@verisec.com, +46-733-458903

3. HOW WE PROCESS YOUR PERSONAL DATA

3.1 Verisec Freja eID will process your personal data for the following purposes and for the following legal reasons.

3.2 At any time you can withdraw the provided consent regarding Freja eID+ by providing written notification to Verisec Freja eID.

3.3 Verisec Freja eID will not process your personal information for automated decision-making or profiling.

Freja eID Basic
(For access to relying party services that do not require that your identity is validated.)

PURPOSELEGAL BASISCATEGORIES OF PERSONAL DATA
For Service in general
Providing, administering, developing and adapting the Service and allowing for support and customer service for you as a user.
The processing is necessary to fulfil the agreement with you as a user.• Email addresses (one mandatory, two optional)
• Telephone number (three optional)
For geographic location
Providing information about the nearest Freja eID agent for physical vetting of your ID document.
Consent from you as a user• Geographic location
For marketing
Enable targeted marketing to you as a user of the Service and Verisec Freja eID’s similar services via regular mail, email, SMS or the app (including market and customer analyses and market research).
The processing is necessary to meet Verisec Freja eID’s legitimate interest to market its Service and other similar services to you as a user (a so-called weighing of interests).• Email addresses (one mandatory, two optional)
• Telephone number (three optional)
For service to function
In cases where a service provider wishes to authenticate you through a custom identifier (for example employee number or loyalty ID-number)
The process is needed to fulfil the agreement with you as a user.• Custom identifier

Freja eID with added ID document and Freja eID Plus
Some relying parties requires that your identity is validated when using Freja eID to access their services or when signing transactions with them. The section below applies to Freja eID when you have added an ID document to validate your identity.

PURPOSELEGAL BASISCATEGORIES OF PERSONAL DATA
For Service in general
Providing, administering, developing and adapting the Service and allowing for support and customer service for you as a user.
The processing is necessary to fulfil the agreement with you as a user.• Name, personal ID number (if stated in your ID document), date of birth and gender
• Country, telephone number and email address
• Image of your ID document
• ID document number
• Expiry date of your ID document
For geographic location
Providing information about the nearest Freja eID agent for physical vetting of your ID document.
Consent from you as a user• Geographic location
For marketing
Enable targeted marketing to you as a user of the Service and Verisec Freja eID’s similar services via regular mail, email, SMS or the app (including market and customer analyses and market research).
The processing is necessary to meet Verisec Freja eID’s legitimate interest to market its Service and other similar services to you as a user (a so-called weighing of interests).• Name, personal ID number (if stated in your ID document), date of birth and gender
• Country, telephone number and email address
For service to function
In cases where a service provider wishes to authenticate you through a custom identifier (for example employee number or loyalty ID-number)
The process is needed to fulfil the agreement with you as a user• Custom identifier
For strong identity verification
In order to ensure that the person registering in the app is the same person as on the ID document.
Explicit consent from you as a user.• Picture of your face (i.e biometric data)

4. FOR HOW LONG DO WE STORE YOUR PERSONAL DATA?

4.1 Your personal data is stored as long as is needed to fulfil the objectives that require the data to be collected in accordance with this Privacy Policy and to comply with laws and regulatory requirements. Normally your personal data is stored at least for five years unless a user wishes to “be forgotten” in our systems as per GDPR.

4.2 At any time, you may cancel use of the Service by selecting “Deregister account” or a similar function in the Service and block the Service according to the instructions provided by Verisec Freja eID. Verisec Freja eID does not retain your personal data after you have cancelled use of the Service according to this section 4.2, unless it is required by law or to protect Verisec Freja eID’s legitimate interests, for example, in case of a legal proceeding.

5. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

Verisec Freja eID may share your personal data with a third party, as well as to Relying Parties (as defined in the Terms of Use), companies who provide services and support related to the Service as well as group companies, in order to be used by the recipient to fulfil the purposes for processing your personal data specified in item 3.1 above. You will always be asked to consent to any such data sharing.

6. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

Verisec Freja eID will not transfer your personal data to any country outside the EU/EEA.

7. YOUR RIGHTS

7.1 Verisec Freja eID, in its capacity as the data controller, is responsible for ensuring that your personal data is processed in accordance with applicable law.

7.2 Verisec Freja eID will, at your request or on its own initiative, correct, de-identify, delete or complete information that is determined to be incorrect, incomplete or misleading.

7.3 You have the right to require from Verisec Freja eID access, correction or deletion of your personal data (for example, if deletion is required according to applicable legislation), request restrictions on continued processing of your personal data as well as the right to object to the processing (for example, if you question whether the personal data is correct or if the processing is legal). Verisec Freja eID will notify each recipient regarding which personal data has been removed according to item 5 above if any corrections or deletions to the information as well as restrictions on further processing of the information occur according to item 7.

7.4 You are entitled to data portability, in other words, the right under certain circumstances to receive and transfer your personal data to another data controller in a structured, generally usable and machine-readable format.

7.5 If you do not want Verisec Freja eID to use your personal data for direct marketing, you have the right to provide written notification of this to Verisec Freja eID at any time. Once Verisec Freja eID has received your notification, Verisec Freja eID will cease processing your personal data for marketing purposes.

7.6 Once per calendar year, you are entitled to obtain an extract from the registry from Verisec Freja eID, free of charge with a signed, written request, indicating which personal data about you has been recorded, the purposes of processing the data and the recipients who have received the data or will receive the data. You are also entitled to receive information in the extract from the registry regarding where the data was collected, if the personal data was not collected from you directly, the occurrence of automated decision-making (including profiling) as well as the anticipated period during which the data will be stored or the criteria that are used to determine this period.

7.7 If you are a resident of the EU/EEA you are entitled to submit complaints regarding Verisec Freja eID’s processing of your personal data to your local Data Protection Authority which will forward your complaints to The Swedish Data Protection Authority under whose supervision Verisec Freja eID operates.

8. PROTECTION OF YOUR PERSONAL DATA

You should always feel secure when providing personal data to us. Therefore, Verisec Freja eID has taken the necessary safety precautions to protect your personal data regarding unauthorised access, modification and deletion.

9. COOKIES

Verisec Freja eID uses techniques similar to cookies to provide certain functions in the app. The information is stored in the form of a file containing the users encrypted session status (during an ongoing session) as well as the user settings that improve the user experience before a user is authenticated for the app (which are saved between sessions). For example, the information is used to remember the selected language for the app. This information is not provided to third parties. If you no longer want Verisec Freja eID to store or collect the information, you must cancel your use of the Service according to section 4.2 above. More information can be found in our  cookies policy.

10. CHANGES TO THIS PRIVACY POLICY

Verisec Freja eID has the right to modify this Privacy Policy at any time. Verisec Freja eID will provide reasonable advance warning of changes to the Privacy Policy. If you do not approve of the modified terms, you have the right to cancel the agreement with Verisec Freja eID before the modified Privacy Policy take effect. You can terminate the agreement by following the instructions in item 4.2 above.

11. CONTACT INFORMATION

Please do not hesitate to contact Verisec Freja eID if you have any questions about this Privacy Policy, the processing of your personal information or if you would like an extract from the registry. Verisec Freja eID’s contact information can be found under section 1 above.