Privacy Policy

Coredeq (hereinafter referred to as "the Company", "us", or "we") acknowledges that your privacy is important. This policy discloses the privacy practices for Coredeq's website (hereinafter the "Website"), as well as related products and services that we may offer you (hereinafter the "Service"). This policy also covers how personal and other information that we receive or collect about you and your customers ("Customers") is treated. Please read the information below to learn about the following regarding your use of this Website.

We reserve the right to change this privacy policy from time to time. We will notify you of significant changes in how we treat personal information by sending a notice to the primary email address specified in your account, by placing a prominent notice on our website, and by updating any privacy information on this page. Your continued use of the Website and/or the Services available through this Website after such modifications will constitute your (a) acknowledgment of the modified policy, and (b) your consent to abide and be bound by that policy.


1. Types of information we collect

To provide you with our Service, we collect two types of information about our users: Personally Identifiable Information ("PII") and Aggregated Information.

Personally Identifiable Information: This refers to information that allows us to know details about who you are. When you perform certain activities on this Website, such as registering for an account, downloading or purchasing a product or service, submitting content and/or posting content in a public forum on this Website, or sending feedback to us, we may ask you to provide certain information about yourself.

Examples of PII may include your first and last name, email address, mailing address (including zip code), employer, position and department, phone and fax numbers, and other identifying information. When ordering products or services on the Website, you may be asked to provide a credit card number.

Aggregated Information is information that does not identify a specific individual. This type of information is collected based on where you visit on our website and which other websites may have referred you to us. The information is collected in various ways and analyzed both personally and in an aggregated manner. Information may include the URL that points to the website you visited before coming to our website, which URL you go to after visiting our website, which browser you are using, and your IP address.

2. How we collect information

Coredeq does not collect any personally identifiable information (PII) about you unless you voluntarily provide it to us. However, you may be required to provide certain PII to us when you choose to use certain products or services available on the website. This may include: (a) registering for an account on our website, (b) transferring individual transaction data obtained from your third-party billing or accounting applications (such as "QuickBooks," "Xero," "Clio," etc.), (c) transferring user-generated content and other information uploaded to the website, (d) sending us an email, (e) submitting a form or transferring other information via phone or mail, or (f) providing your credit card or other payment information when ordering and purchasing products and services on our website.

We will primarily use your PII to provide product or service offerings to you. We will also use certain PII to improve the operation of our website, enhance our internal marketing and promotional efforts, analyze website usage, improve our product and service offerings, and customize the content, layout, and services on our website. We may also use certain information about you without identifying you as an individual to allow third parties to analyze how the service is used, diagnose service or technical problems, maintain security, and customize content. We may also use PII to provide information to you and contact you regarding administrative notices. Finally, we may use your PII to resolve disputes, troubleshoot problems, and enforce our agreements with you, including our terms of use and this privacy policy.

We may also collect or allow our third-party advertising partners to collect certain Aggregated Information. For example, we may use your IP address to diagnose problems with our servers, software, to administer our website, and to collect demographic information. Our third-party advertising partners may also provide us with aggregated, but not individual reports that inform us of how many ads were displayed and clicked on our website.

3. Cookies

Depending on how you use our website, we will store cookies on your computer to collect certain aggregated data about our users and customize certain aspects of your specific user experience. A cookie is a small data text file that is stored on your computer and uniquely identifies your browser. Cookies may also contain more personalized information, such as your IP address, browser type, the server your computer is logged onto, area code and zip code associated with your server, and your first name to welcome you back to our website. We may use cookies to perform tasks such as: monitor aggregated website usage metrics, store and remember your passwords (if you allow us to do so), store account and advertising preferences that you have set, and customize the services that we make available to you. However, we do not use cookies to track your browsing behavior. Most browsers are initially set to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some parts of the website may not function properly if you choose to disable cookies.

4. Information Disclosure

Coredeq will not sell, trade, or rent your PII to others. We provide some of our product and service offerings through contractual arrangements with subsidiaries, service providers, partners, and other third parties ("Service Partners"). We and our Service Partners may need to use certain PII to perform tasks between our respective websites or to deliver products or services to you. For example, we may need to release your credit card information to the card-issuing bank to confirm payment for products and services purchased on this website, release your address information to the delivery service to deliver products you have ordered, and provide order information to third parties that assist us in providing customer service.

We will encourage our Service Partners to adopt and promote strong privacy policies. However, the use of your PII by our Service Partners is governed by the respective privacy policies of those providers and is not subject to our control. Except as otherwise discussed in this privacy policy, this document addresses only the use and disclosure of information we collect from you. Other websites accessible through this website, including our advertising and service partners, have their own privacy policies and data collection, use, and disclosure practices. Please consult each website's privacy policy. We are not responsible for the policies or practices of third parties.

Sometimes we may be required by law or legal authorities to provide PII to appropriate government authorities. In such cases, we will disclose PII upon receipt of a court order, subpoena, or to cooperate with a law enforcement investigation. We fully cooperate with law enforcement agencies to identify those who use our services for illegal activities. We reserve the right to report to law enforcement agencies any activities that we in good faith believe to be unlawful.

We may also provide Aggregated Information about our customers' sales, traffic patterns, and related website information to third-party advertisers, but these statistics do not include any personally identifiable information.

5. Updating and Correcting Information

We believe you should have the opportunity to access and edit the PII you have provided to us. You can at any time change any of your PII in your online account by linking to your account as instructed elsewhere on this website.

We encourage you to promptly update your PII if it changes. You may request the information on your account to be deleted or removed. However, some information, such as past transactions, logs of technical support calls, or other information, may not be deleted. Additionally, it may be impossible to completely erase your information without any residual information due to backups.

6. User Choice Regarding Collection and Use of Information

We may occasionally send email to you regarding new products and services that we believe may interest you. If you indicated at registration that you are interested in receiving offers or information from us and our partners, we may occasionally call or send direct mail to you about products and services that may be of interest to you. Only Coredeq (or agents working for Coredeq under confidentiality agreements) send these marketing messages to you, and only if you have previously indicated that you want them. If you do not wish to receive marketing messages from us, you can "unsubscribe" by editing your account information online and opting out of receiving these offers and mailings.

You also have choices regarding cookies, as described above. By changing your browser settings, you can choose to accept all cookies, receive notification when a cookie is sent, or reject all cookies. If you choose to reject all cookies, some parts of our website may not function properly for you.

7. Security of Your Personally Identifiable Information (PII)

On our website, you can be assured that your PII is secure in accordance with current industry standards. We strive to take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of your PII. For example:

• We work hard to ensure that the data we collect is reliable, accurate, complete, and current. We encrypt all PII to prevent unauthorized parties from viewing such information when it is transmitted to us. We also retain collected information for a reasonable period of time and use it only for the purposes for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.

• We limit access to PII only to specific employees, contractors, and agents who have a reasonable need to come into contact with your information. For example, we may provide members of our technical support team with limited access to your account to allow them to troubleshoot any problems you may have with the website.

• Additionally, we also use a number of physical, electronic, and procedural safeguards to protect PII. Our secure servers and data centers are protected by industry-standard encryption, and our servers are behind firewalls and use high-level password protection.

• Finally, access to your PII is available through a password and a unique customer ID that you have chosen. This password is encrypted. We recommend that you do not disclose your password to anyone.

In order to serve you in the best possible way, credit card transactions and order fulfillment are handled by established third-party banks and processing agents (such as PayPal). They receive the information needed to verify and authorize your credit card or other payment information and to process and ship your order.

Unfortunately, no data transmission over the internet or any wireless network can be guaranteed to be 100% secure. Therefore, while we strive to protect your personally identifiable information, you acknowledge that: (a) there are security and privacy limitations inherent to the internet which are beyond our control; and (b) the security, integrity, and privacy of all information and data exchanged between you and us through this website cannot be guaranteed. Because we do not have any control or ability to monitor the security of your device, you should take reasonable available measures to secure your device.

If personally identifiable information is compromised due to a security breach, Coredeq will promptly notify the individuals whose personally identifiable information has been compromised, in accordance with the notification procedures outlined in this privacy policy, via email or as required by applicable law. You agree to promptly notify us and your customers if you experience a security breach on your device that may have affected the security of our website or service.

8. Miscellaneous

You must be at least 18 years old to be permitted to use this website. By accepting our policy, you hereby confirm that you are at least 18 years old. Our policy is that we do not knowingly collect, use, or disclose personally identifiable information about visitors under the age of 18.

You should also be aware that when personally identifiable information is voluntarily disclosed (i.e., your name, email address, etc.) in discussion forums or other public areas on this website, that information, along with any information disclosed in your communication, may be collected and used by third parties and may result in unwanted messages (including unwanted spam messages) from third parties. Such activities are beyond our control, and this policy does not apply to such information. Please refer to our user agreement and website behavior policy for our website behavior policy.

If you have any questions, concerns, or requests regarding our privacy policy, or our use of your personally identifiable information, or our privacy practices, please contact us at:

Our customers use Coredeq software to collect and process personal data about individuals, which may include individuals in the EU and/or the UK. In particular, they use the software to manage their marketing lists and campaigns, which includes processing their customers' personal data.

For GDPR (and UK GDPR), Coredeq acts as a data processor for the personal data of data subjects. The data controller for the personal data of data subjects is either our customer or our customer's customers.

We only process such personal data in accordance with the instructions from our customer and in compliance with our obligations as a data processor. We ensure that a data processing agreement is entered into between us and our customer to ensure that appropriate safeguards are in place.

Data Protection

Coredeq is committed to protecting the privacy of users and their customers. We stay updated on developments in data protection laws to ensure that you can trust the security of your personal data when using our platform.

This page is intended to explain what the rules entail, how they apply to your use of the Coredeq platform, and what measures we have taken to comply with them. This is not intended to constitute legal advice.

You should review this document along with our privacy policy and consult a legal specialist if you need advice or more information.

General Data Protection Regulation (GDPR)

Regulation (EU) 2016/679, more commonly known as the General Data Protection Regulation (GDPR), is an EU regulation aimed at harmonizing data protection laws within the EU.

GDPR focuses on giving individuals more control over how their data is used by companies and making the collection and processing of data more transparent.

GDPR was directly incorporated into UK legislation after the end of the Brexit transition period, meaning that UK businesses and other entities subject to UK law still have to comply with its provisions through "UK GDPR".

Basic GDPR Concepts

Controller and Processor

GDPR imposes different obligations on an individual depending on whether they are a controller or a processor of personal data.

A controller is an entity that determines to process personal data and makes decisions about the grounds for processing and the methods to be used. Controllers have certain obligations regarding personal data that you should familiarize yourself with before collecting personal data from your customers.

A processor is an entity that processes data for and on behalf of a controller. They do not make independent decisions about data or its processing, as they only process it on behalf of the controller and must follow all instructions given by the controller.

When you use the Coredeq platform, you are a controller. You have control over the data you upload to the Coredeq platform, what you do with that data, and why. As a result, you are responsible for ensuring that you have a lawful basis for processing data and that you do not retain the data longer than necessary.

You should ensure that you understand your obligations as a controller and update your own systems and policies to enable lawful transfer of personal data to Coredeq.

Coredeq is a data processor. We store and process data that you have collected under your instructions via the Coredeq platform. We will never use any personal data that you have uploaded to the Coredeq system for our own purposes or without your instruction.

Legal Basis for Processing

Personal data may only be collected and processed if there is a legal basis for it. The permissible legal bases are specified in the GDPR.

As a controller, Coredeq relies on our customers to choose the appropriate legal basis for the collection and processing of personal data, and to put in place appropriate notices or consents. Before using the Coredeq platform, you should take the time to identify which legal bases may be available to you, and only collect and process personal data to the extent necessary to fulfill the legal basis. You should not change the basis under which you have collected personal data without very good reasons, so it is important to understand the requirements of the different bases and ensure that you choose the correct basis from the outset.

Data Subject Access Rights

GDPR grants data subjects (i.e., your customers) certain rights concerning their personal data, including the right to access, correct, and/or delete any data relating to them.

Coredeq has implemented systems for you to be able to inform us if you receive such a request from a data subject, and for us to inform you if we receive such a request. You should familiarize yourself with the obligations that will be imposed on you, including related to any personal data you hold on your own systems or services other than Coredeq.

Data Protection

We have implemented security measures and measures to ensure that all personal data we handle is stored securely. We regularly test our products for bugs and vulnerabilities.

We also have procedures for regular backup systems, data recovery, and data protection to minimize the risk of corruption or loss of personal data.

Measures We Have Taken to Ensure GDPR Compliance

We take our responsibilities as a data processor seriously. We have implemented a number of procedures and taken several measures to help ensure that we comply with GDPR, such as:

Our data protection agreement uses the standard contractual clauses required to lawfully transfer personal data to us in the USA.

We have tools designed to detect data breaches and inform our customers as soon as possible.

We can handle requests for access to personal data and requests for deletion of personal data, and inform you when a data subject has made such a request to us.

We have evaluated and documented the personal data that we process on your behalf.

We encrypt personal data at rest and in transit, and have implemented other security measures to ensure an appropriate level of security in processing your personal data.

Updated: April 11th 2024

© 2023 Coredeq AB - All Rights Reserved
Kruthornsgränden 9, 226 52 Lund, Sweden