Privacy Policy

Introduction

Voyado takes data protection seriously. We are transparent on how we process your personal data and have for these purposes drafted this privacy policy. This policy is applicable to visitors of our website, individuals who contact us through our website and individuals who are registered to receive marketing from us. Please be referred to our policy for job applicants here. The privacy policy for users of our service is accessible within the service.  In this policy you will find information on what kind of personal data we process, why we do it, what we use it for, how we may share it and further how you may make settings to change your preferences and your legal rights. The policy has been designed to fulfil the requirements under the Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, (the “GDPR”) and words not defined in this Privacy Policy shall have the meaning ascribed to such words in the GDPR. The data processing described in this policy  is carried out by Voyado AB, reg. no. 556787‑0208, as data controller.

What data we collect and when we collect it

When you visit Voyado’s websites and if you agree to the use of such cookies, we track and gather certain information on this website that helps us to better understand our visitor’s needs related to our website and our services.

When you as a customer use Google Customer Match Service in the Online Ads addon

When using Google as provider in the Voyado Online Ads module in Voyado for external audiences Voyado will provide a granted Google Ads account with one or many customer lists.

The Voyado user needs to login to a Google account via a so called OAuth screen with access granted to one or several Google Ads accounts. In order to link these Google Ads account to a Voyado user, Voyado requests to store encrypted authentication tokens and the email address for the Google account for each Google Ads account association. This is to add multiple customer lists, audiences, to the Google Ads account without the need of authenticate to Google ads every time.

It is at any time possible to remove or update the Google Ads account association.

The synchronization towards Google will use targeted groups of contacts, which have been profiled based on the end-customer data Voyado either collects on behalf of the Customer, or data the Customer provides Voyado with.

The external audiences will be created and shared in the Google Ads account, in the form of a list of hashed contact identifiers, currently including e-mail addresses, mobile phone numbers, first name and surname, in order for Google to search for matches among their own user profiles. Google can only identify user profiles for which this data already exists. If this data does not exist (i.e. the e-mail address or mobile phone number have not been given for a profile), it cannot be uncovered.

The recognized user profiles are then collected into a custom audience in the Google Ads. As a data controller you need to ensure that end-customer has been informed, and if deemed necessary as a legal base, that end-customer has agreed to such processing.

The status for the synchronization for each external audience is stored and displayed in Voyado. Please review the privacy policies, data processing addendums and other documentation made available by Google for full information on the processing of personal data within Google and that Voyado accepts no responsibility for such processing.

If you sign-up for e-mail marketing, e.g., for our newsletters, events or webinars or use the form to “book a demo”, we will use the personal data your provide (normally e-mail address, but in some cases also telephone number, company and title), to send personalized offers, marketing, product news etc. The legal base for this is consent. You can withdraw your consent and unsubscribe from such marketing by using the unsubscribe link in the e-mail or by contacting us via the contact details below. We analyse your behaviour in connection with the newsletter through the use of so-called tracking pixels or web beacons, which are one-pixel image files stored on our website. For analysis purpose we link your personal data and the web beacons to your e-mail address and an individual ID. Links received in the newsletter also include this ID. The data generated is used to create a user profile in order to personalise the newsletter to your personal interest based on when you read our newsletters and which links you click in them. This processing is based on our legitimate interests (Art 6 (1) f GDPR) in order to provide you with more relevant offers and a better usage experience.

Scoring, profiling and making telephone calls. Our website uses a system to identify which visitors that may be of specific interest. With the assistance of a cookie, each visitor collects points by making its way between the pages. The scoring is based on which pages you visit, for how long you stay there, your interaction with the webpage etc. This cookie will not enable us to identify you. However, if you allow direct marketing, we will send customized marketing send-outs to you based on your behaviour on the website. When you exceed a given threshold of points, we may call you to discuss if you are interested in Voyado’s offerings. The scoring system starts functioning once you visit Voyado’s website, however anonymously. You may prevent this by changing your cookie settings or not allow us to conduct direct marketing. The processing is necessary for our legitimate interests to promote our services and maintain business relations. The cookies used for the scoring system are stored in accordance with our cookie information below. You may opt-out from our direct marketing at any time and refuse the use of cookies.

Direct marketing to existing customers. We process personal data for the purpose of targeted e-mail marketing to existing customers. The personal data processed for such purpose may include e-mail address, information about visits including the URL, search terms, information about what you viewed or searched on our website and activities of users. The legal base for processing of this personal data is our legitimate interest (Art 6 (1) f GDPR). You have the right to object to such processing and in every e-mail we provide you with you have the opportunity to unsubscribe from marketing communication from us.

Third party cookies. We use Google Analytics and LinkedIn Analytics that collect third-party cookies. The information about your use of the website (including your IP-address) generated by the cookies will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluation your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. We also use advertisement systems (i.e.Google Marketing Platform, Google Ads, LinkedIn Ads, Facebook Pixel, GA Audiences and Hubspot) that collect third-party cookie on our website. Cookies collected by these advertisement systems will be used by third parties for advertisement purposes. You may refuse the use of cookies by selecting the appropriate setting on your browser.

For how long do we process the data?

We will only use your personal data as long as necessary in relation to the purpose of the processing. Information retained in our marketing system for the purpose of sending marketing information to you will be retained for two years or as long as you are an active customer which communicates with us, participates in events etc. If you however object to the processing of your personal data for marketing purposes we will promptly and permanently delete your personal data. The information collected by cookies will be stored during the retention period stated for each cookie in our cookie declaration below. You can also clear your browser from cookies and the information will be deleted. Please note that the storage periods may not apply if Voyado is required to retain your personal data (partly or in full) under applicable mandatory law (e.g., accounting laws).

Who we share your personal data with

Only the people who need to process personal data for the purposes mentioned above have access to your personal data within our organisation. In order to provide the services to you we need to allow our suppliers access to your personal data when they perform services on our behalf as data processors, mainly to provide support and maintenance of IT systems, storage services and marketing. We use Microsoft Ireland Operations Limited for hosting of personal data and the third party providers stated in this policy and specifically the cookie declaration for other services.

The transfers may entail transfer of your personal data outside the EU/EEA. Any transfer of data outside the EU/EEA is made in line with data protection laws. Our international transfers of personal data (including transfers to group companies and suppliers outside the EU/EEA) are normally based on the EU Commission’s standard contractual clauses unless the company resides in a country considered by the EU Commission to ensure an adequate level of protection. The standard contractual clauses may be found here. In addition to the standard contractual clauses, we use suitable additional technical and organisational security measures.

Rights under the GDPR

In case you have any questions regarding Voyado’s processing of your personal data, please contact Voyado at privacy@voyado.com or use the contact details provided below. You can also use these contact details if you would like to exercise any of your rights as a data subject under the GDPR. Please note that the rights under the GDPR are not unconditional. Therefore, an attempt to invoke any of the rights might not lead to an action. Your rights under the GDPR include the following:

Right to access – According to article 15 GDPR, you are entitled to access your personal data and receive certain information about the processing. That information is provided in this document.

Right to rectification – According to article 16 GDPR, you are entitled to obtain rectification of inaccurate personal data concerning you and to have incomplete personal data completed.

Right to erasure – Under certain circumstances, you are according to article 17 GDPR entitled to have the personal data erased. This is the so-called “right to be forgotten”.

Right to restriction of processing – Under certain circumstances, you are according to article 18 GDPR entitled to restrict the processing of the personal data that Voyado carries out.

Right to data portability – You are according to article 20 GDPR entitled to receive the personal data (or have the personal data directly transmitted to another data controller) in a structured, commonly used and machine-readable format from Voyado.

Right to object – According to article 21 GDPR, you are entitled to object to certain processing activities conducted by Voyado on the personal data, such as all Voyado’s processing of the personal data based on Voyado’s legitimate interest.

Finally, you also have the right to submit a complaint with the supervisory authority, which in Sweden (the seat of Voyado) is the Swedish Authority for Privacy Protection (Sw: Integritetsskyddsmyndigheten) https://www.imy.se/kontakta-oss/.

How we protect your data

We employ appropriate technical and organizational security measures to help protect your personal data against loss and to guard against access by unauthorized persons. Appropriate security measures we have taken include implementation of security standards, implementing secure private connections, traceability, disaster recovery, access limitations, regular and independent vulnerability and penetration testing, physical access control, organizational measures such as risk management and change control, data breach management and business continuity management. We regularly review our security policies and procedures to ensure our systems are secure and protected.

Cookie policy

What are cookies?

A cookie is a small text file that a website stores on your computer or mobile device when you visit the site.

  • First party cookies are cookies set by the website you are visiting. Only that website can read them. In addition, a website might potentially use external services, which also set their own cookies, known as third-party cookies.
  • Persistent cookies are cookies saved on your computer and that are not deleted automatically when you quit your browser, unlike a session cookie, which is deleted when you quit your browser.

In the cookie declaration below you can see exactly which cookies we use and the relevant purpose.

When you visit Voyado’s website, you will be prompted to accept or refuse cookies.

How and why do we use cookies?

Voyado uses both ”first-party cookies” and cookies from external organisations as detailed in the cookie declaration below.

Please see the cookie declaration below for full information on Voyado’s purposes for use of the cookies.

How can you manage cookies?

If you do not want information to be stored by cookies, you can configure your settings on our webpage or in your browser so that it notifies you whenever a cookie is received. This way you can decide each time to accept cookies or not. However, the use of cookies may be necessary to provide certain features and choosing to reject cookies may reduce the functionality of our website. Your browser should include precise instructions explaining how to control the acceptance of cookies.

Changes to Voyado’s cookies

Whenever we update the list of cookies used or make changes to the categorization of cookies, we will ask for your renewed consent. Whenever we make such changes, we will ask for your renewed consent.

Cookie declaration

 

General contact details

Please use the following details if you would like to contact us by regular mail.

Voyado AB

Lumaparksvägen 9

120 31 Stockholm

Sweden

 

Changes to this website privacy notice

If we change how we handle your personal data or how we use cookies, we will promptly update this privacy policy and publish it on this website.

Last updated: 2021-05-19

Why book a demo of Voyado?

Because you owe it to yourself and your brand! Find out for yourself what it is about Voyado that makes so many retailers chose this particular customer loyalty platform.

It’s not just because Voyado is built specifically for retailers or because it’s so easy to use – it’s more than that. And that’s why you need to book this demo.

Fill out the form on your right, and we’ll reach out to set up a time.

Book a free demo