Will your personal data be shared with anyone else?

Like other companies, we use our bank to manage our payment flows, and our accounting consultant audits our accounting. These entities are data controllers for their processing. This sharing only occurs for the purposes stated above (i.e., contract fulfillment/invoicing and accounting/auditing).

We will not otherwise disclose the personal data we process as the data controller to anyone else unless required by law/regulatory decision or to protect our legal rights.

In the event that Intervaro AB engages data processors or sub-processors for the processing of personal data, such processing will be carried out on our behalf and in accordance with our instructions.

Intervaro AB has the following processors handling the current personal data for us:

• IT infrastructure system (e.g., internet provider)
• Accounting system (cloud solution)
• Customer/order management system (cloud solution)
• Email (cloud solution)
• Document management (cloud solution)
• We have entered into data processing agreements with these data processors.

Transfer of personal data outside the EU/EEA?

We use Google's G Suite service. Our data processor, Google, stores personal data outside the EU/EEA. Google's certification under the privacy protection frameworks between the EU and the USA, as well as Switzerland and the USA, covers the G Suite service. The data processor has also obtained compliance approval from European data protection authorities for its model contract clauses, confirming that our contractual relationship complies with the requirements of the data protection directive for lawful transfers of personal data from the EU to the USA. Thus, transfers are made either based on a decision on an adequate level of protection or in accordance with binding corporate rules or approved contract clauses. You can read more about the transfer on Google's website regarding this or contact us to obtain a copy of the safeguards.

Third-party cookies – Google Analytics

__utma

Expiration Time:
2 years from set/update

Description:
Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.

__utmt

Expiration Time:
10 minutes

Description:
Used to throttle request rate.

__utmb

Expiration Time:
30 mins from set/update

Description:
Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.

__utmc

Expiration Time:
End of browser session

Description:
Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.

__utmz

Expiration Time:
6 months from set/update

Description:
Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.