We at Uncle Unicorn protect our clients’ integrity and security. Our data protection and personal data policies explain how we gather and use personal data, and what your rights are.

As a client/subcontractor to Uncle Unicorn AB (Org.nr. 556783-1887) you need to be in acceptance of the data treatment protocols defined in our data protection policy. The company entity Uncle Unicorn AB acts as the personal data controller for any data that we handle. The role is regulated by this data protection policy in combination with established contracts and agreements. We continuously work to improve our process and the handling of your personal data. This means updates may be made to our data protection policy, and it is our recommendation that you review the document regularly. For substantial changes in policy, we will always inform you by whichever communications means you have consented to.

How does Uncle Unicorn handle my personal data?

Uncle Unicorn AB collects and handles personal data in contexts where it is required for us to be able to deliver a functioning service, take part in development, or to fulfill agreements, contracts and obligations according to law. The data is stored for as long as needed to meet the requirements as defined above. We always endeavor to minimize the storage time and handling of personal data, and try to ensure the time period for data retention is as short as possible.

Which parts of your personal data do we gather, and why?

When you enter a contract or agreement with Uncle Unicorn AB as a client or subcontractor, we need to store the following data: Name, organizational number/personal number/social security number, e-mail address, phone number, invoicing address, and postal address. We gather and store this data to be able to invoice in a manner that abides by current laws and follows best practice.

We may send out e-mail messages to any or all registered individuals, for example to inform about current projects, ongoing work/collaborations, technical issues or changes in our policies or agreements. These types of messages will be sent to the registered e-mail addresses. If a message should contain any sensitive personal data, this information is conveyed via a secure encrypted channel as defined and agreed upon in the established contract or agreement.

We may also send e-mail containing information we believe you may find of interest. You can always opt out from further e-mails of this sort by clicking the “avprenumerera/unsubscribe” link at the end of any such message.

To protect our clients’ and subcontractors’ services and user accounts, and to debug technical issues, we also document and log the IP-addresses of any users logging in and/or performing changes to content in the Uncle Unicorn file sharing Portal.

Voluntary data

We store the first and last name assigned to a user when creating a new account in the Uncle Unicorn file sharing portal, or whenever further individuals are given access to a specific user account. We store this information to be able to provide a good overview of which persons are using your account details.

When you contact Uncle Unicorn AB for a campaign/project purpose, the personal data you provide will be stored. This includes, in addition to the e-mail address you’re contacting us from, personal data in text format, such as phone numbers or other contact information in your e-mail signature. We store this information to be able to offer a relevant and personal context for future possible contact opportunities.

You may also communicate with Uncle Unicorn AB through social media platforms. When doing so, each individual platform’s data protection policy (or equivalent) is followed – and we use the personal data you have provided on each platform in accordance with what the respective platform policy allows.

Automatic data gathering

When you are using our services, we store and handle data about how you use them. This information may be stored and handled by third parties (Backblaze, Google G Suite), but only for the purpose of protecting data or debugging technical issues with the service or account held by the person using it, and to ensure that any data is stored securely for project and contract/agreement management. We never store personal data in a tertiary country, and we always endeavor to encrypt information that is stored online or in cloud services.

Click here for more information regarding how Backblaze handles GDPR related information.

Click here for more information regarding how Google EU handles GDPR related information.

Examples of automatically gathered data includes:

• IP-addresses from logs in systems used to manage our infrastructure.
• Logged information detailing what type of device you are connecting via. This information cannot uniquely identify you but may be used to do so if collated with other data.
• Information from social media platforms in accordance to company policy of the platform owner.

Does Uncle Unicorn have a personal data processing agreement?

To make things easier for you as a client in terms of your GDPR compliance, we have created a personal data processing agreement that can be mutually signed with us. Please contact info@uncleunicorn.se for help with this. Or reach out via phone at +46 (0) 31 339 60 60 and ask to be directed to the person in charge of the data processing agreements.

What are my rights as a client/subcontractor?

As a client or subcontractor to Uncle Unicorn AB, you have the right to know and see what information we have stored about you. You are entitled to one free export of data per year. Any such request should be sent to info@uncleunicorn.se, and is usually handled within 30 days. If we notice that an export will necessitate a delay, we will notify you of this, including the reason for the delay and if there are any further issues that may complicate the export. To ensure that personal data is shared only to the owner of that personal data, we will always demand that
proper documentation is provided to firmly prove and establish the identity of the person making the request.

You have a basic right to have all your stored personal data deleted (“the right to be forgotten”). Please do note that the Swedish law Bokföringslagen (1999:1078) as well as other relevant laws and agreements may take priority, and can as such override the request for deleting some or all of your data – even in the case of a formal request according to the right to be forgotten.

Data protection officer

Do you have questions regarding the handling of your data, please contact us at
info@uncleunicorn.se with the subject ”GDPR – request for my data”. Or call us at +46 (0) 31 339 60 60, and ask to be directed to the data protection officer.

Supervisory authority

If you want to lodge a formal complaint regarding Uncle Unicorn AB’s handling of personal data, you should contact ”Integritetskyddsmyndigheten”. You will find their contact information at imy.se.

Last updated: 2023-03-01