Careium´s privacy policy as updated Oct 20, 2021
The privacy policy applies to Careium’s devices, websites, online programs, services and marketing activities that refer or link to the privacy policy (collectively, our "Services"). Please note that the privacy policy applies regardless of whether you are using a computer, mobile phone, tablet, or other device to access our services. Careium may, through notices or otherwise, in addition to this privacy policy, provide more information in connection with specific products and / or services. The information and terms you receive in this case only apply to your use of the services that the specific message or information refer to.
Please keep in mind that it is important that you read the privacy policy carefully because it describes how Careium collects, uses, shares, transfers and stores your information. You agree to this by using our services. You will always find the latest version of the policy on the website. In case of major changes, we will inform you directly of the change by notice.
IF YOU DO NOT AGREE TO THIS POLICY, YOU MUST NOT USE CAREIUM’S PRODUCTS AND / OR SERVICES.
1.1. Personal information is information that can be used directly or indirectly to identify or contact an individual. For example, you can be identified by your name, address, and phone number, but you can sometimes also be identified by providing information about your family or similar information. Personal information may also be information about your health, which is considered sensitive and is therefore treated with more care.
1.2. Processing is everything we do with the information we have about you. It includes that we collect the information, transfer it and save it to be analysed or to improve our services.
1.3. Personal Data Controller is the person responsible for ensuring that your information is properly protected and processed correctly. We are responsible for all the information we treat and have about you. However, we are not responsible for any information you provide, for example, in a app on your phone unless we have developed it. The reason for this is that we do not own the app and thus cannot determine what personal information it collects.
1.4. Third party is an individual, company or agency that is not part of our company and we do not have a business relationship with. It is someone outside the company.
2.1. When you contact us or any of our partners, we may ask you to provide your name or other personal information. This information may be shared with us, if it is necessary for us to complete your case. Your information will then be processed in accordance with this privacy policy. You are not obliged in any way to give us the information we ask for, but if you do not provide the relevant and the requested information, it may sometimes have the consequence that you cannot fully understand the products or services that we provide because we cannot supply or offer the product or service to the fullest extent.
2.2. Our partners can sometimes combine our available information about you with information they have about you to give you access to products, services or content.
2.3. When you use some of our services, you provide information directly to us. For example, if you create an account in one of our apps, buy a product, download a software update, or apply for a job position with us.
3.1. We strive to not collect more information about you than necessary. If you contact us, you usually provide us with your name, phone number and / or e-mail address to enable us to contact you. When you make purchases via our website, we also ask for your shipping / billing address and, if applicable, your credit card details.
3.2. If you use our services offered by your local municipality, the municipality asks you for the name, national health security number, address and telephone number. They may also ask for the name and phone number of your family or your close relatives or other additional information. The information is collected in order to provide the services and contact can be made with related persons in situations when so is deemed necessary. In these situations, the municipality is personally responsible for your personal data.
3.3. If you call our monitoring centre, the call is automatically recorded and stored in our system so that we can follow your health history according to the service we offer.
3.4. Through some of our services, you can share content or communicate with family and friends. We can collect information you provide about these persons such as name, address, e-mail or phone number. The data and the communication is stored in our system to view the message history.
3.5. We may collect information about you from government or commercial sources. Such collection is always done in accordance with law and the information can be combined with other information we have about you. In some cases, we may also collect information from social networks like Facebook, LinkedIn or Twitter if you are active on them.
3.6. Using Google Analytics, we collect your email address and data about your phone usage, such as what apps you use and how. This data is anonymous and helps us improve our services. You may approve if you want to provide this information and / or receive offers and tips on our services or products.
3.7. We can also collect other information about you and your device, such as how to use our services and your preferences. We always inform you and asks for your consent before such processing takes place.
4.1. We may use your contact information to send you notifications regarding changes to our terms and conditions, policies or information about a purchase you have made from us. You cannot opt-out of receiving these messages because they are necessary to provide our services properly.
4.2. We can further inform you about our latest products, software updates, promotions or upcoming events using your contact information only with your consent. Should you no longer wish to receive this information, you can unsubscribe from these messages at any time by following the instructions in the email you have received. You can also contact us via gdpr@careium.com or via our customer service.
4.3. In addition to the information collected by us in Section 3 above, we may also collect information through the use of our software. This information is as follows and used for the following purposes;
4.3.1. Information about your mobile phone model and other device identifiers that are unique to you. This could be your IP address, operating system version, and settings on the device you used when you signed up or your device used for a certain service so that you can benefit from the service.
4.3.2. Log information that tells when and for how long you used our service, what you searched for when using the service, as well as the information stored in cookies that we have placed on your device in order to offer and provide you with content that is appropriate to you and for giving you recommendations based on your interests and previously use of our services.
4.3.3. Information about where you are through your device's GPS signal or from nearby WiFi access points, mobile phone masts and by other technologies. This information is sent to us when you use certain services so that we can offer you the service properly,
4.3.4. Voice information such as recordings of your voice stored on our servers when using voice commands to control a service.
4.3.5. Information about your usage of programs or websites and what content in a service you use. This information may be used to create, develop, deliver and operate our products and services, our content and our promotion forward, but also to prevent data loss and fraud prevention.
4.3.6. Information for internal purposes such as audit, data analysis or research so that we can improve our products, services, and communication with you as customers,
4.3.7. Information such as your name, contact details, and address if you participate in a draw, a contest or similar campaign. We use the information to contact the winner to be able to deliver the winning price, but also to administer the campaign.
4.4. We may further use your information for internal records or to combine information that we have collected from you and use it for purposes of this policy upon further agreement from you.
5.1. We share your personal information only when necessary to provide a product, improve a service, or fulfil an agreement. Third parties may not access your information for marketing or business purposes without your consent.
5.2. We may, if necessary, share your information with:
5.2.1. Our subsidiaries.
5.2.2. Affiliates who are trusted and who can process your information to provide services that you request.
5.2.3. Service Providers providing services to us or providing services on our behalf. Companies that for example helps us invoice, sends email, delivers products to you, manages and improves customer data, and in some cases customer support are some examples. These companies may only use your information to provide the service and are required to protect your personal data. A service provider can operate wherever we operates.
5.3. We may in some cases have a legal obligation to disclose personal information about you to the authorities. This may be the case if there is a court decision, if it is necessary with regard to national security, to maintain law and order, if it is in the public interest or if it is necessary to protect our business and other users.
5.4. We maintain the right to share your information with relevant parties during a reorganization, merger, or sale. You can also consent to us sharing your information with more recipients than those specified in this policy.
6.1. We as a company, our partners and our licensees can collect, use, and share accurate data about your location to provide and improve location-based services that provide real-time information about your mobile phone's geographic location. These services may use technologies such as GPS, Bluetooth, your IP address, nearby WiFi hotspots, mobile phone masts or other technology to determine the location. This data is anonymous and does not identify you personally if you have not specifically consented to this. You can usually choose if an app or service should have access to your geographical location or not.
7.1. We ensure that your personal information is secure by communicating our privacy and security guidelines to all our employees and maintain a high level of security throughout the company. We take both physical and technical measures to protect the personal data we treat and process. However, please note that no webpage, internet transfer, computer system or wireless connection is completely secure.
7.2. Our services may, if necessary, protect your personal information with encryption upon transmission of this. Furthermore, your information is stored on computer systems housed in limited access facilities using physical security measures. However, we are not responsible for information you provide in chat forums or social media, so think about what information you choose to share in these cases.
8.1. We do not transfer your information outside the EU or the European Economic Area (EEA), so-called third countries, unless the transfer can be made in accordance with applicable law. If we transfer your data to the United States or Switzerland, we only transfer them to companies that have joined the "EU / US Privacy Shield Framework" or "the Swiss / US Privacy Shield Framework", which both impose data protection measures deemed acceptable for the transfer of personal data to third countries.
9.1. Your rights are:
9.1.1. Right of access. You are entitled to know what information we processe relating to you, how we collect it, if we have shared it with someone else and how long we intend to save it. You can access this information by contacting customer support or by sending an email to gdpr@careium.com. We may deny a request that is repetitive, compromises the privacy of others, or concerns access that may not be given due to law.
9.1.2. Right of rectification – If we have incorrect information about you or if you want to supplement these, we will correct the information or add the required and correct information.
9.1.3. Right to withdraw your consent - You have the right to revoke a consent you have given. We will then cease processing the current information if there is no other legal basis which entitles us to continue the processing. We will inform you accordingly.
9.1.4. Right to object - If you consider our processing personal information incorrectly or unnecessarily you may object to the treatment.
9.1.5. Right to request confiscation - If you think we are processing your personal information incorrectly, we will limit the processing of your data while investigation is performed. Under the period of limitation we may only store your information. We will inform you about the findings of such an investigation.
9.1.6. Right to delete - You can get all your personal information deleted from our system if we do not have a legal reason that allows us to continue processing your personal information. We will inform you if this is the case.
9.1.7. Data Portability - You have the right to have a copy of your data transferred to someone else. We will carry out the transfer as long as the data is stored digitally by us, and it is technically possible. Alternatively you will get a readable register that you can transfer on your own.
10.1. We takes reasonable steps to ensure that we only keep information about you for as long as it is necessary to fulfil the purposes for which they were collected, or the storage is required to comply with statutory legal obligations.
11.1. Our services may occasionally link to third party websites and services or display products and services available in third-party applications. We are not responsible for the security, personal data processing or privacy of these websites, services, or products.
11.2. By using third party products and services, they may collect personal information about you. We are not responsible for such treatment, and you must turn directly to third parties to exercise your personal data protection rights.
12.1. We may use cookies, web signals or other technologies in our services. Among other things, we use cookies on our website and in our apps. Cookies are small files that save information on your mobile, computer, TV or other device and recognize you on different websites, services, devices, and / or browser sessions. They can also send information to us. Cookies serve many important purposes such as;
12.1.1. Remembering your login information so that you do not need to log in every time you use a service.
12.1.2. Helps us, and our partners, to understand what parts of our services you visit, what features you use and how long you use them. By studying the information we can then tailor the services and give you a better experience.
12.1.3. Helps us, and our partners, to understand what ads you've seen.
12.1.4. Helps us and third parties to provide you with relevant content and relevant ads by collecting information about using our services and other websites and programs.
12.2. You can regulate yourself in your browser if you want it to approve, reject or inform you that a cookie has been sent / saved on your device. You will find information if you turn off cookies in your browser through the "Help" menu.
12.3. We always inform you if we use cookies. On our website we use the following cookies:
12.3.1. Strictly Required Cookies - These are needed to use our website. For example, if you compare two products, the cookie remembers which products you have compared.
12.3.2. Functionality Cookies – We use these to remember your username, password, language or region and give you a more personal experience of our website. These cookies are also used by service providers who have / displays their services on our website.
12.3.3. Custom Cookies - These cookies stores your visit, the sections of our website you have visited, and the links you have printed. These can also be placed on your third party device, which then offers you advertising that is relevant to you. For example, you can see advertising for our products when you visit other websites. This cookie can also limit how many times you see an ad, measure how effective it is and show how you move between different websites.
12.4. Some of the above-mentioned cookies may be placed on our third-party websites, but only after our approval. For example, these parties may be Facebook, LinkedIn, or YouTube. Third parties either provide information to us or offer services and individualization to you.
12.5. We, as well as some third parties, may use other local storage technologies, such as Local Shared Objects (also called "flash cookies") and HTML5 local storage, in conjunction with our services. These techniques are similar to the cookies described above so that they are stored on your device and can be used to store certain information about your activities and preferences. However, these techniques, compared to regular cookies, may use different parts of your device, so you may not be able to control them with the default browser tools and settings.
12.6. We, as well as some third parties, may also use techniques called web signals (or "pixels") that forward information from your device to a server. Web signals may be embedded in content online, videos and emails, and may allow a server to read certain types of information from your device, know when you have viewed specific content or a special email, set the time and date you watched the web signal and your device's IP address. We, as well as some third parties, use web signals for a variety of purposes, including analysing how you use our services and (along with cookies) provide content and ads that are more relevant to you.
13.1. Our services use plug-in modules for social networks ("plug-ins"). This means that if you are using a plug-in service, information from your device may be transferred to the social network if you are logged in to this. Information may be transmitted when using the service or if you interact by "Like" or "Share" content. The plug-in module can transfer your IP address to the social media even when you are not logged in.
13.2. The most common social network operators that handle plug-ins used in our services include, but are not limited to, Facebook, Google+, and Twitter. If you use these social networks but do not want information between the network and our services to be linked, you should log out of the social network before using our services.
14.1. Units worldwide can transfer or access any information you provide as described in this privacy policy. Personal data related to our services, regarding persons living in a member state in the EEA and in Switzerland, are controlled and managed by us. As a global company, we have a number of legal entities in different jurisdictions that are responsible for the personal information they collect and process on our behalf.
15.1. If you have any questions or concerns about our privacy policy or data processing policy or if you would like to file a complaint about our processing of your personal information, please contact us via gdpr@careium.com. You can always call us at our support number for your country. On all such communications, answers will be given as soon as possible. If you are not satisfied with the response you received, you may submit your complaint to the relevant regulatory authority in your country. In Sweden this is the Data Inspection Authority.
16.1. Eligibility to use the services: Our services are not directed to minors under the age of 18. You shall not be authorized to use the website, and/or the Services, if you are under the age of 18 or have been legally declared as mentally incompetent.
16.2. Do-Not-Track Option: We do not currently employ a process for automatically responding to “Do Not Track” (“DNT”) signals sent by web browsers, mobile devices, or other mechanisms. Per industry standards, third-parties may be able to collect information, including Personally Identifiable Information, about your online activities over time and across different websites or online services when you use the Services. For example, you may expressly opt out of online behavioral ads at http://www.aboutads.info/choices/. You also may limit certain tracking features by disabling cookies in your web browser.
17.1. Switzerland:
17.1.1. For Personal Information we receive from Switzerland, we comply with the Swiss-U.S. Privacy Shield Framework, as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from Switzerland, to the United States. We have certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/ and to view our certification, please visit https://www.privacyshield.gov/list. We are subjects to the investigatory and enforcement powers of the U.S. Federal Trade Commission (“FTC ”).
17.1.2. Where we collects or sends Personal Information directly to or from individuals in Switzerland, this Privacy Notice informs you and them about the purposes for which we collect and use Personal Information about them, the types of non–agent third-parties to whom we disclose that information, the choices and means we offer users for limiting the use and disclosure of Personal Information, and how to contact us. This Privacy Notice shall be posted on the Site, and provided when you submit Personal Information to us to register for your Account, or as soon as practicable thereafter, and in any event before we use or disclose the Personal Information for a purpose other than that for which it was originally collected.
17.1.3. If we receive Personal Information from our subsidiaries, affiliates or other entities in Switzerland, we shall use and disclose such Personal Information in accordance with the notices provided by such entities and the choices made by the individuals to whom such Personal Information relates.
17.1.4. We will only use Personal Information in ways that are compatible with the purposes for which it was collected or subsequently authorized by the user. We will take reasonable steps to ensure that Personal Information is accurate, complete, current and lawful. We will obtain assurances from our agents that they will safeguard Personal Information consistently with this Privacy Notice. If we have knowledge that any agent is using or disclosing Personal Information in a manner contrary to, or otherwise subverts the spirit and intention of this Privacy Notice, we shall take reasonable steps to prevent or stop such use or disclosure or to prevent any subsequent reoccurrence.
17.1.5. We will take reasonable precautions to protect Personal Information in our possession, custody and/or control, from loss, misuse, unauthorized access, disclosure, alteration and destruction. Any employee who we determine to be in willful violation of this Privacy Notice may be subject to disciplinary action, up to and including termination of employment, and the imposition of civil liabilities, and/or criminal sanctions under controlling laws.
17.1.6. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information by reference to the principles contained in this Privacy Notice. For complaints and disputes relating to the terms of this Privacy Notice that cannot be resolved, we have agreed to International Center for Dispute Resolution, the international division of the American Arbitration Association, (“ICDR”) for dispute resolution under this Privacy Notice. This mechanism allows users an independent recourse so that each user’s complaints and disputes can be investigated and resolved and damages awarded where the applicable law allows. Users who submit a question or concern to us and who do not receive a satisfactory response from us should contact ICDR online at https://apps.adr.org/webfile/, email, postal mail, or facsimile, as set forth below.
International Centre for Dispute Resolution
A Division of the American Arbitration Association
Case Filing Services
1101 Laurel Oak Road, Suite 100
Voorhees, NJ 08043
Phone: (+1) 856-435-6401
Toll free phone number in the United States: (+1) 877-495-4185
Fax number: (+1) 877-304-8457
Fax number outside the United States: (+1) 212-484-4178
Email box: casefiling@adr.org
17.1.7. For any questions or for further information about this program, the ICDR’s International Arbitration Rules and forms, along with additional language versions of the ICDR’s International Arbitration Rules, visit the ICDR’s website at www.icdr.org.
17.2. European Union:
17.2.1. For Personal Information we receive from the European Union (EU), we have affirmatively committed to handling such Personal Information in accordance with the new EU-U.S. Privacy Shield Program. The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce. The Privacy Shield program is administered by the International Trade Administration (ITA) within the U.S. Department of Commerce as the Data Protection Authority (DPA) in the United States of America. See https://www.privacyshield.gov/.
17.2.2. Our Privacy Shield Framework certification can be found at https://www.privacyshield.gov/list. Our Privacy Notice is available for download or review at https://www.careium.com/
17.2.3. Any user subject to the Privacy Shield program may bring a complaint directly to us, a committed Privacy Shield participant, and we will respond to such individuals within 45 days after receipt of the complaint. Moreover we will provide at no cost to the individual user, an independent recourse mechanism by which each individual’s complaints and disputes can be investigated and expeditiously resolved. We have selected ICDR/AAA as its/your independent recourse mechanism provider and it can be accessed at https://www.icdr.org/privacyshield.
17.2.4. We, as a committed Privacy Shield participant, have committed to binding arbitration at the request of the individual to address any complaint that has not been resolved by other recourse and enforcement mechanisms. See https://www.icdr.org/privacyshield.
17.2.5. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information by reference to the principles contained in this Privacy Notice. For complaints and disputes relating to the terms of this Privacy Notice under the Privacy Shield Program that cannot be resolved, we have agreed to International Center for Dispute Resolution, the international division of the American Arbitration Association, (“ICDR”) for dispute resolution under this Privacy Notice. This mechanism allows users an independent recourse so that each user’s complaints and disputes can be investigated and resolved and damages awarded where the applicable law allows. Users who submit a question or concern to us and who do not receive a satisfactory response from us should contact ICDR online at https://www.icdr.org/privacyshield, email, postal mail, or facsimile, as set forth below.
International Centre for Dispute Resolution
A Division of the American Arbitration Association
Case Filing Services
1101 Laurel Oak Road, Suite 100
Voorhees, NJ 08043
Phone: (+1) 856-435-6401
Toll free phone number in the United States: (+1) 877-495-4185
Fax number: (+1) 877-304-8457
Fax number outside the United States: (+1) 212-484-4178
Email box: casefiling@adr.org
17.2.6. For any questions or for further information about the Privacy Shield program, the ICDR’s International Arbitration Rules and forms, along with additional language versions of the ICDR’s International Arbitration Rules, visit the ICDR’s website at https://www.icdr.org/privacyshield or for general information see the U.S. Department of Commerce’s website at https://www.privacyshield.gov/.
18.1. We do not knowingly solicit or collect personal data from or about children (aged 13 and under) without the consent of a parent or guardian, and we do not knowingly market its products or services to children. If we become aware that the person submitting personal data, through any part of our websites, is a child, we will use reasonable efforts to delete that personal data from its files as soon as possible. We will also use reasonable efforts to ensure that this personal data is not used for any purpose, nor disclosed to any third party. As we do not seek to collect any personal data about children, and we delete any data collected inadvertently as soon as it is discovered, we retain no data about children that could be reviewed or deleted. If a guardian requests review or deletion of data about their child before we have discovered and deleted the data, we will of course honor that request.
18.2. With children means according to Swedish national law a person with the age of 13 years or younger. In other member states national law may apply that defines children or adults as a person within other age intervals.