1. Introduction
Howwe Technologies AB places high demands on IT security and processes personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable laws. This policy outlines how personal data is collected, processed, and protected within Howwe’s services, ensuring transparency and security for all users.
2. Employee Training and Responsibilities
All employees are trained in the handling of personal data, including GDPR compliance requirements. They are expected to:
Adhere to established routines for processing personal data.
Handle personal data securely in the company’s IT systems.
Report any issues or uncertainties to their immediate manager or the Information Security Officer.
Training programs are regularly updated to align with new regulations or internal process changes.
3. Personal Data We Process
Data Collected
We collect the following personal data when you use Howwe’s services:
Name: To identify you as a user.
Email Address: For communication and account-related functionalities.
Telephone Number (if provided): For inquiries or event registration.
Technical Data: Includes the URL of access, IP address, unique device ID, network and computer performance, browser type, language, operating system, and other identifying information.
Providing this personal data is necessary to enable the use of Howwe’s services.
4. How We Collect Your Data
Direct Input
We collect information when you:
Provide it directly to us through the Howwe platform, website forms, or other communications.
Automated Collection
Technical data is automatically collected when you interact with our website or platform to ensure functionality, performance, and security.
5. Processing and Protecting Personal Data
Purpose of Processing
We process personal data to:
Provide and improve our services.
Ensure secure access and authentication.
Support customer service inquiries and technical support.
Comply with legal and regulatory obligations.
Protection Measures
We employ robust security measures to protect personal data, including:
Encryption: AES-256 for data at rest and TLS 1.3 for data in transit.
Access Controls: Role-based access control (RBAC) to restrict data access to authorized personnel only.
Regular Backups: Automated backups stored securely across multiple geographic regions, with weekly restoration tests.
6. Data Retention and Deletion
Retention Policy
For Customers: Personal data is retained for the duration of the customer agreement and for six (6) months following termination.
For Website Visitors: Data provided for inquiries or event registrations is retained as long as it is relevant to our business needs and sales cycle.
Deletion Requests
Users can request data deletion by contacting [email protected]. In response:
All personal data will be anonymized to prevent identification.
Non-personal data (e.g., aggregated metrics) may be retained for analytical purposes.
7. Compliance with GDPR and Data Subject Rights
Your Rights
As a user, you have the right to:
Access your personal data.
Request corrections to inaccurate data.
Request the deletion or restriction of processing of your personal data.
Lodge complaints with your local data protection authority if you believe your data is being mishandled.
Regional Hosting
Personal data is primarily stored and processed within the European Union. Customers can choose a specific data region, depending on Google Cloud’s available locations.
8. Data Security and AI Integration
AI Features
If AI-enabled features are used, personal data remains within the secure Google Cloud ecosystem, powered by Google Gemini.
No AI Model Training: Personal data is never used to train AI models.
Customers may opt out of AI-enabled features entirely by contacting support.
Incident Management
Howwe’s incident response processes ensure prompt detection, escalation, and resolution of any personal data security issues.
9. Contact Information
For questions or concerns about this policy or to exercise your data rights, contact:
Email: [email protected]
External Links and Resources
General Data Protection Regulation (GDPR)
Comprehensive details on GDPR compliance and user rights.
ISO 27001
Standards for information security management.
Google Gemini AI Privacy and Compliance
Details on Google Gemini’s secure operations and data privacy.
Google Cloud Compliance Overview
Documentation on Google Cloud’s compliance and certifications.
Auth0 Security and Compliance
Information about Auth0’s data security and user authentication practices.
This updated Personal Data Policy underscores Howwe’s commitment to robust data protection, compliance, and transparency. For further information, reach out to [email protected]