Note: when we talk about “Services” we mean any and all of Ctrl Alt Deseat’s websites, products, and services.
Personal Data Controller
You will find information about how to contact us under the heading “Contact Details” below.
Designed Primarily for Adults
We do not produce our Services for nor market our Services to children, including those thirteen years old or younger. By signing up as a user You warrant that you are eighteen years old. However, You may add Your own children as users to our Services, but You are solely responsible for their use of our Services.
Information We Hold, How We Collect It and How We Use It
Secure Data is data that we cannot access under any circumstance and includes Your account information (user-ID and password) and any information You store in Your eego account. This data is encrypted using secure cryptographic keys that exist only in the possession and under the control of our customers. We have no way of accessing or providing decrypted Secure Data and we never receive copies of unencrypted Secure Data. Secure Data is Your property, in which we claim no rights, title, or interest beyond what is necessary for delivering Services to You. You may add, modify, and delete Secure Data at Your discretion. If You do not have a eego account, You cannot provide us with Secure Data.
Service Data is information that is not encrypted and is necessary for us to provide Services. Service Data includes e-mail address and billing information. In order to use the services offered on the Website, You are obliged to register an account. The account shall only be accessed and managed by the account holder and such employees at Ctrl Alt Deseat who are authorized to administer the accounts. The account holder is able to update or amend the submitted personal data and to delete the account at any time. Should the requested information not be provided we are not able to provide the services offered on the Website to You. When You create an account on the Ctrl Alt Deseat Website You provide Your e-mail address.
If You use eego as a webpage we use the payment method Stripe and for that You will need to provide Your billing information (credit card information and postal code). If You download our mobile application via Apple Store or Google Play, we do not ask for or receive any billing information.
Moreover, we generate a user-id and password for you. This information however is encrypted and we can never see them.
We also store Your contact information to be able to communicate with You about Service activity, provide support, and send You other information such as product updates and announcements. You can choose to stop receiving communications from us, except regarding certain important notifications such as billing- and account security alerts.
Additionally, we collect Diagnostic Reports and other troubleshooting, bug- and crash reporting information from customers to help determine problems with our Services. Copies of Diagnostic Reports and other information transmitted to us is used for the purpose of enhancing and improving our Services. We consider Diagnostic Reports, bug- and crash reporting data, and all other troubleshooting information to be Service Data.
Purpose of Processing
The personal data submitted by You on the Website is aimed to provide Ctrl Alt Deseat with the necessary information to administer the Services and to communicate with You. The personal data in the account is managed and processed by Ctrl Alt Deseat in order for You to use the offered Services. The billing information is used for the purpose of billing to fulfill our contract with you. We also use Diagnostic Reports and aggregated statistics for enhancing and improving our Services.
Legal ground for processing
When communicating with You we either ask for Your consent or base our processing on our legitimate business interests such as providing our Services and customer service as well as informing You about product updates and announcements. When using aggregated information in a statistical purpose we base our processing on our legitimate business interests such as evaluating the performance and use of our Services and for monitoring and improving our infrastructure. Your billing-information will also be processed on the base of our and the payment processing service Stripes’ legitimate interest of being able to provide a user-friendly payment method.
The personal data is stored for as long as You have an account and is deleted directly after inactivation of the account, unless the data is required for a specific reason such as a legal obligation or that Ctrl Alt Deseat has agreed with You to store the personal data for a longer period of time. Ctrl Alt Deseat reserves the right to delete personal data earlier, if Ctrl Alt Deseat deems appropriate.
Disclosure of personal data
We have both policy and technological safeguards to prevent the unauthorized disclosure of information. However, we do reserve the right to disclose any information we have if compelled to do so by a court of law with competent jurisdiction. In such an event we will disclose requested Secure Data and Service Data. If permitted by the order issued by the court, we will notify You of such a request and whether or not we have complied. However, Your Secure Data should remain private for as long as You keep to Your Responsibilities for Protecting Your Data as outlined above. If we have a reasonable and good faith belief that a disclosure is necessary to prevent criminal activity or damage to life or property, we may disclose Service Data to the authorities.
Keeping Your Information Safe
We have implemented strict access controls to limit who can access Service Data. Only certain employees, vendors, and contractors of Ctrl Alt Deseat have the ability to access or review Service Data, and Service Data is only accessed for legitimate business interests such as providing customer service, evaluating performance and use of the Services, and monitoring and improving our infrastructure. Under no circumstances do we ever use Your Secure Data for any purpose other than transferring Your encrypted Secure Data between Your devices and delivering it to You, maintaining a copy in our databases to ensure that Your devices are up to date and that You have a backup, and ensuring the integrity of Your data.
Your Responsibilities for Protecting Your Data
When You create a eego account You will receive a Backup Key and a Master Password. Both are locally generated on Your device.
It is extremely important that You understand that anyone with both Your Backup Key and Master Password can access Your Secure Data. It is equally important that You keep a copy in a safe place for Your own reference, because future access to Your Secure Data depends on having access to both Your Backup Key and Your Master Password. We will never ask You for your Master Password or your full Backup Key, and You should never send either to us.
Due to the nature of our design and the sensitivity of the information you entrust to us (even in encrypted form), it may not be possible for us to help You with certain customer service requests.
Transfers outside the EU/EEAS
Our servers are provided by our vendors in the United States and transfers to those servers are based on an adequacy decision in accordance with article 45 of the GDPR and they are certified under the EU-US Privacy Shield. When we use other third party vendors for providing and improving our services, such as payment services, which are located outside the EU/EEAS we make sure that they are subject to an adequacy decision or that appropriate safeguards are implemented and that Your rights are enforceable and that effective legal remedies are available for You, in accordance with article 46 of the GDPR.
To find out more about the EU-US Privacy Shield please click the following links:
Under the GDPR You have the right to:
- Request information about the the Personal Data we hold related to You free of charge. Your also have a right to request a withdrawal of the record. A request for a withdrawal of record shall be made in writing and must be personally signed by You. The request shall be sent by regular mail to the address indicated under Contact Details. It is thus insufficient to send the request by e-mail. You have the right to receive one copy of the record free of charge. For additional copies we may charge a fee to cover the administrative costs.
- Request rectification of inaccurate personal data concerning You and request incomplete data to be completed.
- Request erasure of personal data concerning You. Ctrl Alt Deseat has the obligation to erase Your personal data without undue delay if one of the grounds of article 17 GDPR applies for example if the personal data no longer is necessary for the purposes for which they were collected or otherwise processed.
- Request restriction of the processing of personal data concerning You if one of the grounds in article 18 GDPR applies for example if the processing is unlawful.
- Object to further processing of personal data concerning You for direct marketing purposes. You also have the right to object to further processing of personal data concerning You that occurs on basis of our legitimate interests or the public interest.
- Data portability which means that Ctrl Alt Deseat will, during certain circumstances, send the personal data concerning You in a machine-readable format if the transfer is technically possible. You can then without hindrance from Ctrl Alt Deseat transmit those data to another controller.
- Withdraw your consent to processing. This does not however affect the legality of processing Your information prior to withdrawal. To withdraw Your consent simply send us an email stating that You withdraw your consent to us processing Your information further.
- Hand in a complaint to the relevant national data protection authority. In Sweden this is Datainspektionen (www.datainspektionen.se).
- Restrictions to Your rights may apply in accordance with article 23 of the GDPR.
A ‘cookie’ is a small text file sent from Ctrl Alt Deseat’s server to Your browser. The cookie cannot identify You personally. It can only recognize the browser that is installed on Your computer and that is used to access Ctrl Alt Deseat’s Website. Different cookies are sent to different computers if You access the Website from different computers. Cookies are required for the system to function correctly and safely, for example when You log in to Your account. Cookies are also used to measure the data traffic in the system and for statistical reasons.
There are two types of cookies, one type is called session cookies, and the other is called permanent cookies. A session cookie is sent between Your computer and Ctrl Alt Deseat’s server in order for the system to work properly during Your visit on the Website. A session cookie disappears when the browser is closed and is thus not stored on the computer. A permanent cookie is stored in Your computer and allows Ctrl Alt Deseat’s systems to recognize Your computer's IP address and web browser the next time You log in. Ctrl Alt Deseat’s system uses both session cookies and permanent cookies. You can decline Ctrl Alt Deseat’s system to store cookies on Your computer by editing a setting on the browser. Such settings may imply that certain functions on the Website will not function properly or be available.
In order to retain aggregated statistics to be able to analyze, enhance and improve the functionality of our Services we use Google Analytics. For more information about Google Analytics and Privacy please follow this link: policies.google.com/technologies/partner-sites. You can disable cookies for Google Analytics by following this link: tools.google.com/dlpage/gaoptout.
Ctrl Alt Deseat AB (“Ctrl Alt Deseat”) is the personal data controller. Mörbydalen 11, 182 52 Danderyd email@example.com