Privacy and data protection policy
Privacy and data protection policy
The term “your personal data” refers to data that ESS, its clubs, members and partners (also referred to as “we”, “our”, “us” below) collect and save about you and how you use our services that identify you in a direct or indirect way. We use this information to provide services, to give you a better experience, to improve our services and to give you an offer that is adapted to your personal needs.
We have summarized here how we collect and process your personal data in conformity with the General Data Protection Regulation (GDPR).
The policy covers processing and handling of your personal data as well as who you should address if you have any remarks or want to exercise your rights on consent with regard to our handling of such data.
We process the following personal data:
First and last name as well as e-mail address
Information about your services:
Data on which services you have ordered and how you use them, i.e. purchase and order information, IP number and the MAC address as well as GEO information
Customer service enquiries
When you contact our support team, we collect the necessary information that is required in order to be able to help you with your enquiry
How we collect data:
- Through data that you yourself submit to us as a customer;
- Through data that you submit when you contact our support team;
- Through data that is created when you use our services – for example when you visit our website or use our control panel;
- Visit data via cookies (see the section on Cookies).
Information we collect from third parties
We also get information from third parties or social media accounts if you use these to browse to and/or identify yourself to them or use such Services or Web pages (for e.g. Google, Facebook etc.). Information we have access to is collected from your “public profile” hosted by third parties or social media when you log in with that account. This means that the settings that determine what information we get depend on your account settings with that party. We get access to the same information as that given previously.
Purpose and legal grounds
We process your personal data to be able to manage our customer relations, analyse web page use, offer goods and services, provide customer service and support in relation to our services, and for market research and marketing of our goods and services.
This is done so that we can:
- Fulfil our obligations to you as customer by processing your registrations and ensuring your identity in order for you to access and use our web pages and services;
- For contact, administration and support in the event of troubleshooting;
- For statistical reasons with the purpose of developing ESS, its clubs and services that are offered and therefore to improve the customer experience;
- For carrying out optional market research and participation in competitions and marketing campaigns;
- In order to be able send push notifications or notify you in some other way about any changes, outcomes or arrangements online and in the ESS app;
- In order to send you relevant offers for our services via, among other means, newsletters;
- For security purposes, in order to counter misuse of services, intrusion attempts, Distributed-Denial-of-Service attacks (DDos) as well as the spreading of viruses or other harmful code;
- In order to comply with those requirements on personal data processing prescribed by law.
How we save your personal data
Your personal information is stored in our system as long as there is a documented purpose for processing. If the service is terminated, your name and personal data is stored for a maximum of 12 months after the termination date. We always store and process your personal data to that extent and for that period of time we are obliged to do so by law.
Personal data that should not be stored as per the General Data Protection Regulation is erased on an ongoing basis as soon as further processing is not justified by the legislation.
Release of personal data
We release personal data in certain circumstances to partners and sub-contractors (contracted personal data processors, for e.g. companies that host our e-commerce platform, assist with invoicing or IT and Cloud services), in order to be able to fulfil our agreement with you as customer and to otherwise comply with statutory obligations and to be able to analyse how our services are used and how to improve them.
We have taken, and continue to do so, protective measures in order to ensure that no personal data is processed in breach of legislation in effect on both security and individual privacy. Everyone who processes your personal information is both bound and legally and contractually restricted as to how such information is used. We do not sell, trade or transfer your personal information to external parties for any other purposes.
We release personal information to new ESS club members, which also includes Teams/Clubs/Companies that qualify for the Elite Series in Speedway. We also release personal information when there is a statutory obligation to do so on account of legislation in effect, court rulings or rulings by other competent authorities.
We also release personal data in order to enforce or apply our general terms and conditions, other agreements or to satisfy requests that we receive. as well as to respect our personal data processors’ rights, to protect the security of individuals and to prevent illegal activities. This includes the exchange of information with other organizations in order to prevent fraud and to reduce credit risks.
Services and web pages may contain links to other web pages, services and/or applications that belong to, for e.g., advertisers, sponsors and partners. We are only responsible for privacy and security issues with regard to Services and Web Pages delivered by us.
The website uses so-called cookies for the purpose of personalizing your user experience and improving the web site. Cookies are small text files that are saved onto our visitors’ computers, and which can be used to follow what a visitor does on our website.
There are two types of cookies: (i) permanent cookies that remain on the visitor’s computer for a defined period of time and (ii) session cookies that are only stored for the duration of the visit to the website. Session cookies disappear when you close your web browser.
Please note that if you choose not to accept cookies, some functionality may be limited on certain web pages.
Web pages and Services can also contain so-called “web beacons”, i.e. electronic images that are used together with cookies to compile aggregated statistics. The purpose is to analyse how Web pages and Services are used. Web beacons may be used in some of our electronic mailings with the purpose of providing us with information and insight as to which e-mail and links have been opened by recipients.
What are your rights?
You decide about your own personal information. This means that you decide which information you want to submit and you approve how your personal data is processed. You can withdraw your consent at any time by reconfiguring the settings in Services or Web pages or by closing the account, membership and similar.
You can also get access to any data we store about you on request and you can contact us to modify your details at any time. We comply with your request without unreasonable delay if it is possible without violating any legislation in effect. Please note however that we must have access to certain personal data to be able to provide you with our services. If you choose to withdraw your consent, this may entail that we cannot provide all our services.
If you are no longer a customer of ours:
If you close your account, we remove all your personal information when there is no longer any reason for further processing. We also notify our sub-contractors and partners that may have processed your data that any such data must be erased by them.
Some things are erased including the following (if applicable):
- e-mail addresses with associated e-mails
- personal data in the customer database
- back-ups of the above are removed in accordance with our back-ups schedule
Some things are not erased including the following:
- data that is required as per the Swedish Bookkeeping Act
How we protect information about you
We use industry standards to store, process and communicate sensitive information, for example, personal data and passwords, in a secure manner. Regular reviews of procedures and measures ensure that our current measures are indeed adequate.
These procedures cover, among other things:
- incident management
- information security
- risk analysis
- software updates
- secure configuration and management of terminals
- offices and server centres
- staff training on our procedures
Only co-workers who perform a specific task get access to information that can identify a person. All of our personnel are bound by the confidentiality agreement and only process information required for their task.
All requests to exercise your rights with regard to obtaining an extract of the data register, information or rectification of wrong information are sent to:
: [email protected]