Product Privacy Policy

Last updated: May 23, 2018

Our Product Privacy Policy describes our collection, use, disclosure, retention, and protection of your personal information as well as what your responsibility entails when using our services.

deBroome’s collection, storage, and use of personal data will continually be governed to comply to the GDPR as set forth by the European Parliament and PUL according to Swedish law. Clients are encouraged to take the same measures when using deBroome services.

1. Third parties

deBroome and our partners that we work with on a regular basis have agreed on how we treat personal information. The partners we choose are entrusted that they have full competence to treat personal information in the right manner to fulfil the purposes which are enlisted in this Product Privacy Policy.

When we feel you will benefit from our partner’s services, we may get in touch with them about your company’s needs. We do not sell, trade, or rent users personal identification information to others.

2. deBroome’s treatment of client’s personal data

2.1. Contact info

Client’s information including name, phone number, email address, corporation, and corporation’s address are collected to maintain communication between parties. Mainly, information is collected to respond to questions and concerns to help our clients improve their experience and the development of deBroome’s services. In addition, billing information may be collected to meet contractual obligations.

2.2. Feedback and testimonials

Clients may also receive a request to fill out a survey to let us know about their experience with our services. The responses may be used for client testimonials.

2.3. Publications

deBroome likes to showcase our services in the form of blogs and on social media, mainly Linkedin. We may also present our services to potential clients in a closed setting. In most cases, we ask permission from our clients before publishing articles or posts. We may also ask our clients to participate in an interview that is published on our website and social media channels. These publishings are not only to promote deBroome services, but also promote our client’s accomplishments. Our clients have the right to decline all these requests by deBroome.

3. deBroome’s treatment of user’s personal data

3.1. Google Analytics

deBroome services collect information on the users within our brand manuals including website visits, location, pageviews, and other general information collected by Google Analytics. deBroome uses this information for general statistical purposes. In sum, deBroome tracks engagement on our brand manuals.

3.2. Support

When users register on our brand manuals, we do not address user’s personal information unless a client has a request. As a result, deBroome uses personal information on deBroome’s services to assist with customer support when needed.

4. Client’s treatment of personal data

4.1. Registration form

All brand manuals are customized to the client’s needs. Therefore, some clients may choose to conceal their brand manuals from the public. To protect a brand manual’s information, a client will decide what to include on a registration form to confirm identity of individuals.

4.2. Brand Manual Privacy Policy

Clients take responsibility for the processing of personal data according to their own personal Privacy Policy. Our clients have the possibility to provide their Privacy Policy on each brand manual upon logging in.

4.3. Responsibility

The client takes responsibility of a user’s personal information within a brand manual. Thus, the client is accountable for who has access to user information within their organization and outside sources in which they share the information.

4.4. User requests

Clients will process any requests from registrants including but not limited to providing, updating, and deleting personal information.

5. Sharing information

5.1. Clients sharing info

  • User’s info: Clients take responsibility for the sharing of user’s information on deBroome’s platforms.
  • Other’s info: If you provide personal information about someone else, you are responsible for ensuring that you comply with any obligation and consent obligations under applicable data protection laws. Therefore, you need to confirm you have explicit consent to supply this information before doing so. In return, it is your responsibility to explain to them how we collect, use, disclose, and retain their personal information or direct them to read our Privacy Policy.

5.2. deBroome sharing info

Personally identifiable information: deBroome will not sell client’s identifiable information to others.
Non-personally identifiable information: deBroome shares non-personally identifiable information (such as anonymous number of sessions/pageviews, visit duration, and top countries) on our services to clients. This is to measure the engagement of their own brand manual. Our clients have the right to share this information. Non-personally identifiable information is stored for 38 months.

6. Storage of personal data

6.1. Location of server – Sweden

deBroome’s servers are located in Sweden.

6.2. Storage and processing

deBroome’s clients: Your information collected through deBroome will be stored and processed in deBroome’s and deBroome’s partners’ server locations.
deBroome’s brand manuals: Clients have the right to collect information within their local servers.

6.3. Deletion of data

deBroome retains personal information for the duration of our business relationship and afterwards for as long as it is necessary and relevant for our legitimate business purposes.
When information is deleted from our services, some information will remain in our backups until it automatically deletes at its scheduled time. Therefore, personal information is not completely deleted from deBroome’s services at the time of the request.
It is important to note that deBroome has its own backups that automatically deletes information periodically. Thus, if a client deletes personal information from a brand manual, it is not completely deleted from deBroome’s services until our backups are deleted.

7. Personal data security

7.1. Data protection – deBroome

deBroome will keep your information secure by taking appropriate technical and organizational measures. We are concerned with protecting your privacy and data, but we cannot ensure or warrant the security of any information you transmit to deBroome. Moreover, we cannot guarantee that your information will not be accessed, disclosed, altered, or destroyed by a breach within our database.
deBroome takes responsibility of providing a platform that abides by the law. This meaning that deBroome gives the client the ability to easily show and edit their brand manual’s Privacy Policy on deBroome’s services. Moreover, clients can filter out inactive users and delete user information.

7.2. Data protection – clients

When creating brand manuals for clients, we always advise the use of applying secure socket layer technology (SSL). However, clients may choose to not purchase a SSL certificate or not renew their SSL certificate, leaving communication open between two devices. Therefore, deBroome cannot guarantee absolute security as it is the client’s responsibility to maintain personal data on our services.
If you use a password to access our services, we advise you to keep your password safe and use discretion when sharing passwords with those in need of access to your brand manual. We do not share passwords with anyone without given permission.
If you believe your account has been compromised, please contact us at *protected email*.

7.3. Routine for a security breach

If a security breach should occur, deBroome will take the following actions:

  1. If the intrusion is successful, deBroome cuts the internet connection to avoid loss or destruction of data
  2. Analyze and reconfigure the firewall
  3. Increased preparedness and supervision
  4. Report to all clients, partners, and users in the database

8. Responsibility for damage

  • deBroome’s responsibility: deBroome assures to take security measures to protect our services from vulnerability. Moreover, deBroome provides a platform to perform actions in accordance to the GDPR requirements. Therefore, we do not take responsibility if any damage happens to a user.
    deBroome is not accountable for any damage to our clients that is inflicted by our partners.
  • deBroome client’s responsibility: deBroome clients take responsibility of any damage inflicted on a user.

9. Your rights

9.1. Right to stay informed

deBroome is completely transparent to our partners and clients on how personal data is treated and stored.
If there occurs a breach in deBroome’s database, deBroome will inform our clients and then the users as soon as we have knowledge of this event. We will inform all on the measures we take to secure the system.

9.2. Right to delete information

At anytime, you can revoke the use of your personal data. While we will delete any personal information about you on our active database instantly within a reasonable period of time, we may retain information in our backups, analytics, to the satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

9.3. Request to access information

You can contact us at any time to request to access information that deBroome has about you. However, we will first take measures to verify your identity. deBroome will then ensure that you will be provided with a copy of the data we process about you. You can use this information for your own use.

9.4. Request to correct information

You can contact us at any time to correct any information that deBroome has about you.

9.5. Complying to your rights

deBroome will comply to any requests you may have in accordance to the law.
deBroome has the right to refuse a request if deBroome believes it is outside of the GDPR laws. However, deBroome must supply a sufficient reason why. If you believe deBroome’s reasoning is unjust, you have the freedom to contact Information Commissioner’s Office (ICO).

9.6. Privacy Policy updates

To abide by the law, deBroome will update this Privacy Policy occasionally. Therefore, we encourage our clients to stay updated by visiting this policy frequently.

Contact us
If you have any questions about deBroome’s collection and storage of data or requests, please contact us at:
deBroome AB, Tomtebogatan 5, SE-113 39 Stockholm
+46 8 52 20 50 00