We care about personal integrity

We* care about your personal integrity. We always strive for protecting the personal data that we handle in the best possible way and to be compliant with the current laws and regulations for data protection.
In this privacy policy we inform you how we as personal data controllers handle personal data about leads, customers or contact persons at companies that is, potentially could be, or wants to be our customer (”the customer”).
If you have any questions regarding our privacy policy - please don't hesitate to contact us. This policy was established by us on Jan 1, 2024.

Please also read how our partner Google handles their privacy & terms for personalization of ads.

* Mesh Nordic AI AB ("Mesh Nordic", "us", "we", or "our"), org. no. 559466-2057 with address Box 3090, 211 65 Malmö, Sweden. The international company name is Mesh Nordic AI Limited.

What personal data do we process?

The personal data we process about you is the information that you or the company you are specified as a contact person for has provided to us in connection with us providing our Services, product solutions and related services. This information is usually your name and contact details as well as your IP address. We also process your organization number, which may constitute as personal data in case you have a sole proprietorship.

For what purposes do we process your personal data?

Administration of purchases and fulfillment of obligations in the contract agreementWe process your name, your contact information and, where applicable, your organization number for the purpose of administering the purchase of our Services, product solutions and other services made by you or the company you represent. We also process this data to fulfill our obligations according to our agreement to provide our Services, product solutions, quotes etc. with you or the company you represent.
The legal basis for our processing is that it's necessary to perform our obligations according to our agreement with you. If it's not you personally who entered into an agreement with us, but the company that you represent, the legal basis for the processing is our legitimate interest in being able to administer our agreement with the customer and fulfill our obligations according to the agreement.
If the information is not provided to us, we are not able to provide our Services, product solutions etc as we cannot identify you as a customer (when your organization number constitutes personal data) or come into direct contact with you or the company that you represent in the way we need to perform the contract.
MarketingIn order for you as a customer or contact person at our customer to receive information about us, our Services and offers, we process your name and your contact information for the purpose of sending newsletters to you by e-mail and contacting you by phone. The legal basis for this is our legitimate interest in communicating with you as a customer or as a contact person at our customer for marketing purposes.
If you have registered to receive our newsletter through our website, we process your name and contact details for this purpose. In such a case, the legal basis for the processing is your consent.
Chat and contact formsWe process the personal data provided to us within the framework of our chat function and in our contact forms in order to provide you or the company you represent with the support and / or customer service you request via the chat or in the forms, as well as to be able to follow up on completed support errands and detect any recurring errors and deficiencies in our Service. If the support and/or customer service relates to our Services or product solutions provided by us to you or the company you represent, the legal basis for our processing is that it is necessary to fulfill our agreement to provide the Services or offers. For other cases, the legal basis for the processing is our legitimate interest in being able to follow up the questions you have asked on the chat or in the contact form and provide you with support and / or customer service and follow up accordingly.
Protection of our website and our web platformWhen you visit our website or log in to our Services or product solutions, we will save your IP address. This is to be able to carry out appropriate security monitoring in order to track possible fraud, hacking attacks, denial of service attacks and the like, as well as, where applicable, make police reports. The legal basis for the processing is our legitimate interest in being able to provide a stable and secure web platform, maintain the availability of the product solution and be able to take appropriate measures when potential security threats or violations of the law occur.
We comply with applicable laws and regulationsIn addition to the processing of your personal data listed above, we also carry out processing that is necessary to comply with applicable law, regulation or authority decisions. We will therefore save your name, your contact information and, where applicable, your organization number to the extent necessary to comply with applicable accounting law.

Who can access your personal data?

As a starting point, your data is only processed by us. However, we share your personal data with our partners and suppliers, such as our IT suppliers and suppliers who provide a third-party service that is combined with our product solutions. However, we only share your personal data with them to the extent necessary for them to be able to fulfill their obligations to us. If you would like to receive more detailed information about who receives your personal data, please feel free to contact us or read our data processing policy.

Transfer of personal data to countries outside the EU/EEA

When we process personal data as a data controller, we usually process the personal data within the EU / EEA. In some cases, we use suppliers outside the EU / EEA, for example when we have email contact with you and when you contact us through our chat. Additional information where your personal data is stored can be found on our sub-processor page.
When we transfer personal data to our suppliers who process the personal data outside the EU / EEA, we only do so if we have a legal basis for the transfer in accordance with applicable data protection legislation. In practice, this means that we ensure that the transfer only takes place to a country that has been designated by the European Commission as having adequate protection for personal data or, if this is not the case, that the transfer takes place with the application of the EU's standard contractual clauses (SCC).This is done to ensure that your personal data receives an equivalent level of protection as when the personal data is handled within the EU / EEA.
If you want detailed information about the transfer that takes place outside the EU / EEA, feel free to contact us or read our data processing policy. We also process personal data that our customers provide to the Service and such processing takes place on behalf of the customer (we are personal data processors).
Personal data provided to our Services or product solutions through customer's use is processed by DigitalOcean, LLC ("DO") and Appdrag Limited trading ("Elestio"). Storage of personal data takes place on DO servers within the EU / EEA, but the personal data may, however, be shared by DO and/or Elestio to the USA as a result of US legislation to which DO and Elestio are subjected to.

For how long do we save your personal data?

The personal data that we process for the purpose of administering the purchase of our Services and offers and fulfilling our obligations according to the agreement with you or the company you represent, is not stored for a longer period than is necessary for these purposes, which is usually during the time you or the company you represent is a customer.
We send our newsletters to you and may contact you by phone for direct marketing for three years from the time you or the company you represent cease to be a customer with us. We will therefore save your name and contact information during this time for the purpose of sending our newsletters and contacting you by phone. If you have given your consent to receive newsletters from us, we will save your personal data for this purpose until you unsubscribe or ask us to stop sending you newsletters.
We will not save personal data you have provided to us in connection with using our chat function or our contact forms for longer than is necessary for us to be able to perform and follow up / check the support or customer service that you requested on the chat or in the form and detect any recurring errors and deficiencies in our Services. The exact storage time depends on the type of case. IP addresses are only saved for police reports or to track possible fraud, hacking or denial of service attacks in order to protect the web platform for 180 days.
Your personal data may be stored longer to the extent that we are required to do so by law, for example, your name, your contact details and, where applicable, your organization number may be saved for seven years to the extent that we are obliged to save the information for accounting purposes.

Your rights

You have certain rights regarding the processing of your personal data. Below you will find a more detailed description of your rights. To exercise your rights, you are welcome to contact us.
Withdraw your consentIf you have consented to us processing your personal data, you have the right to withdraw all or part of the consent given at any time. However, the withdrawal of your consent has no effect on our processing of your personal data for the time before the withdrawal took place.
Right of accessYou have the right to receive confirmation of whether personal data concerning you is processed by us and access to information about how the personal data is processed, e.g. the purposes of the processing and which categories of personal data the processing applies to. You also have the right to receive a copy of the personal data that is being processed.
Right to rectificationYou have the right to have incorrect personal data corrected without undue delay, as well as supplement incomplete personal data by providing information.
Right to be forgotten / erasureYou have the right to request erasure of your personal data if:● the personal data is no longer necessary for the purposes for which it was collected or processed;● you withdraw your consent on which the processing is based and there is no other legal basis for the processing;● you object to the processing and there are no legitimate reasons for continuing with the processing that outweigh your legitimate reasons not to continue;● the personal data has been processed unlawfully; or● the personal data must be deleted in order to comply with legal obligation to which Mesh Nordic is subject to.
Right to restriction of processingYou have the right to request that the processing of your personal data be restricted if:● you dispute the accuracy of the data (but only for a period of time that allows us to verify this);● the processing is unlawful and you oppose the erasure of the personal data and instead request a restriction on the use of the data;● we no longer need the personal data for our purpose of processing, but you need the personal data to assert or defend legal claims; or● you have objected to the processing and we have not carried out a check on whether our legitimate interest in processing your personal data outweighs● your legitimate reason for restricting the processing of your personal data.
Right to object to processingYou have the right to object at any time to the processing of your personal data based on a balance of interests. If we cannot demonstrate legitimate reasons for the processing that weigh heavier, your personal data will no longer be processed for this purpose. You also have the right to object to your personal data being processed for marketing purposes. This means that you have the right to say no to newsletters and other marketing mailings from us. If you object to marketing, your personal data will no longer be processed for such purposes.
Right to lodge a complaintYou have the right to lodge a complaint with a competent supervisory authority (without prejudice to any other administrative or judicial remedy). Such a complaint is advantageously submitted to the authority of the EU/EEA Member State where you have your habitual residence, where you work or where a violation of applicable data protection laws and regulations is alleged to have occurred. The competent supervisory authority in Sweden is IMY - the Swedish Authority for Privacy Protection (https://www.imy.se/en/).
Right to data portabilityYou have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and have the right to transfer these to another data controller (data portability) if:● the processing is based on your consent or on a contract; and● the processing takes place automatically.
You have the right to transfer your personal data directly from us to another data controller when this is technically possible.