top of page
Privacy Policy

If you visit our website, our community or in other way interact with us

We at 55 Degrees AB (" 55 Degrees", "we"," our", and" us") care about your privacy and want you to feel safe when we process your personal data. In this privacy policy, we want to inform you about how we process your personal data when you visit www.55degrees.se, www.actionableagile.com, our subdomains, and our listings on third-party marketplaces (“Websites”), use our community or in other way interact with us..

Our goal is to be as transparent as possible regarding our processing of your personal data – do not hesitate to contact us with any questions you have!

In short

We process your personal data according to below:

-       If you use our website and/or use our community, we process your personal data to:

  • analyse how our website and community is used with Google Analytics, Wix, Wordpress, and Mighty Networks (if you have given your consent),

  • show you relevant marketing online from us on other websites and social media that you are visiting, such as Facebook (if you have given your consent), and

  • make the website and the community function properly.

-       If you communicate with us, e.g. through the use of social media or our contact forms, we process your personal data to communicate with you.

In order to market our products and services towards you we will share your personal data with third-party services which means your personal data will be transferred outside the EU/EEA.

Here you can find all our privacy policies which describe how we process personal data in other situations, e.g. if you receive our newsletters or if you work for a company that is a customer to 55 Degrees.

Your rights

 

Below you will find a detailed description of your rights and how to exercise them. In summary, you have the following rights:

If you have any questions about your rights or want to exercise any of your rights, you are more than welcome to contact us.

Below you can read more about:

By pressing the selected heading, you will be moved to the relevant paragraph.

 

When we refer to "your company" in this privacy policy, we refer to your employer or the organization or public body that you represent.

Who is responsible, and how to contact us?

We at 55 Degrees are generally processing personal data on the instructions of our customers, i.e., as processors. When you receive our surveys, newsletters, or other marketing, it is 55 Degrees AB that is responsible for the processing of your personal data.

If you have any questions or if you wish to exercise any of your rights, we are available at:

  • Full name of legal entity: 55 Degrees AB (organization number 559201-6843)

  • E-mail address: privacy@55degrees.se

  • Mailing address: Lilla Nygatan 7, 211 38 Malmö, Sweden

A detailed description of how we process your personal data

Below you will find a detailed description of how we process your personal data:

If you visit our websites and/or use our community

We gather personal data from you, from your device and through a third-party service.

 

We will collect personal data by using cookies. To protect your privacy, we have taken measures to avoid identifying you when you visit our websites. We do not use the personal data from cookies to identify you.

To analyse how our websites and community are used in order to make improvements

If you have given your consent when you visit our websites and/or use our community

What processing we perform

If you consent to analytics

  • Analyze how you use our websites and/or our community to optimize functions, to adapt the websites and/or our community to suit our visitors, and to be able to draw conclusions regarding our visitors

  • To do this, we use an analytic service from Google Analytics, Wix, Wordpress, and Mighty Networks, which means that we use a random ID to distinguish your device from other visitors and to acknowledge patterns in how our websites are used. We will, however, not know who you are

What personal data we process

 

  • An encrypted version of your IP address which we at 55 Degrees can’t connect to you as an individual

  • Unique ID and session number

  • Information about your device/browser (initial timestamp, last timestamp, current timestamp and your screen resolution)

  • Information about your activities on the websites, e.g. what you click on

  • Other information that Google, Wix, Wordpress, and Mighty Networks has about you, e.g. information about from which site you found us

Our legal basis for the processing: 

 

Consent (Article 6.1.a GDPR)

Your personal data will be processed based on your consent. You can withdraw such consent at any time by contacting us.

 

You can prevent Google Analytics from using your personal data by downloading and installing this browser add on.

Storage period: 

We will use your personal data for 14 months after your visit to our sites.

Google, Wix, Wordpress, and Mighty Networks will continue to use your personal data for their own purposes, and they will inform you separately about such processing.

To show you online marketing after your visit to our websites

If you have given your consent when you visit our websites

What processing we perform

​If you consent to online marketing when you visit our websites

  • We market our products and services by showing you offers and marketing online that we believe your company are interested in

  • We show you such marketing on other websites you visit. We do this by the use of marketing tools from Google and Facebook. You see marketing based on information that these companies have about you beforehand (so-called profiling*)

What personal data we process

 

  • An encrypted version of your IP address which means we at 55 Degrees can't identify you as an individual

Thereafter you will see search results and ads based on:

  • An analysis of how you use our websites

  • Information that the marketing services we use have about you from before, e.g., information on which site you found us

Our legal basis for the processing: 

 

Consent (Article 6.1.a GDPR)

Your personal data will be processed based on your consent. You can withdraw such consent at any time by contacting us.

Here you can make choices about the marketing you see from Google.

 

Here you can make choices about the marketing you see from Facebook.

Storage period: 

Google and Facebook continue to use your personal data for marketing purposes for the longest two years after your visit to any of our websites. We at 55 Degrees do not continue to store your personal data for this purpose.

Google and Facebook will continue to process your personal data for their own purposes, i.e. as a controller. Information on how long they store your personal data can be found in their respective privacy information.

* Profiling: We use so-called profiling to be able to show you offers that are relevant to you and to provide you with customized marketing. We use profiling so that you can see relevant marketing instead of general offers and information which you may not be interested in. You have the right to object to profiling as described above under the section explaining your rights.

To make the websites and community function properly

When you visit our websites and/or use our community

What processing we perform

  • To technically make the websites work, e.g., remember your previous choices

What personal data we process

 

  • Technical information

  • Information about your previous choices, e.g., if you have consented

However, we will not connect the information to you as an individual or to other information we have.

Our legal basis for the processing: 

 

Legitimate interest (Article 6.1.f GDPR)

The personal data will be processed based on our legitimate interest to make the websites work.

  • For security purposes

IP address and information about your device

Legitimate interest (Article 6.1.f GDPR)

The personal data will be processed based on our legitimate interest to make the websites work.

  • Keep you logged in to our community

Your log in information, e.g., username and password

 

However, we do not actively look at your password. We need to technically process information about your log in details to keep you logged in to our community.

Legitimate interest (Article 6.1.f GDPR)

The personal data will be processed based on our legitimate interest to make the websites work.

Storage period: 

We will use your personal data during the time you visit our websites.  Personal data used for security purposes will be used for 30 days after your visit.

If we communicate, e.g. through the use of social media or our contact forms

We gather personal data from you and from any social media channels you use. If you communicate with us as a representative of a customer, our privacy policy for customers applies instead.

To communicate with you

What processing we perform

  • Communicate, e.g., via e-mail or contact form on our websites

  • Answer your questions and give you the best service

  • Communicate via social media, e.g., if you comment on our site or our social media page. These social media channels either process your personal data on our instructions or as controllers in their own right. We suggest that you also familiarize yourself with the privacy information of that platform

What personal data we process

 

  • Information you provide to us, e.g. name, which company you represent, and contact information

If you visit our social media channels, we also process:

  • Information from your profile on the social media in question (username and any picture you have chosen for your account)

  • Other information regarding the matter for which you contact us

Our legal basis for the processing: 

 

Legitimate interest (Article 6.1.f GDPR)

The personal data will be processed based on our legitimate interest to make the websites work.

Storage period: 

Communication with us via our websites or in e-mails will be stored during the matter for which you have contacted us and thereafter for us to be able to handle any questions, complaints, or claims. You can read more about this in our privacy policy for questions, complaints and claims.

You can delete your comments and communication with us on our social media channels at any time. We will remove posts or comments that breach the rules of the platform or conflict with legislation as soon as possible.

Who can gain access to your personal data and why?

 

We do not sell your personal data or share it with other parties unless it is necessary. This means that your personal data will be handled by our employees but only by the personnel in need of such access to conduct their work.

We need to work with suppliers and partners to conduct our business. Such parties will therefore process your personal data. We are responsible for any sharing of your personal data to such suppliers or partners and to make sure your personal data are safe when shared with third parties as set out below.

 

We will share your personal data with the following recipients:

  • If you interact with us or visit our social media accounts, the social media platforms that you use will process personal data about you as a user.

  • When you visit our websites and/or use our community and have given your consent, your personal data will be processed by the analytics- and marketing services that we use, i.e., Google, Facebook, Wix, Wordpress, and/or Mighty Networks. These recipients process personal data on our behalf as processors but are also processing your personal data as controllers. These services inform you separately about the processing that they are responsible for.

  • We will store your personal data, anonymized when possible, within our IT systems to ensure good and secure IT operations. This means that we share your personal data with our IT suppliers.

Where is your personal data processed?

Your personal data will mainly be processed within the EU/EEA. However, when we use Google, Wix, Wordpress, Mighty Networks, and Facebook, or if you visit our social media, your personal data will be transferred outside the EU/EEA. One reason is that many of these companies are based in the United States. We have anonymized your personal data as far as possible to avoid your personal data being transferred outside of the EU/EEA.

Transfers only take place in accordance with applicable data protection legislation meaning that we will transfer your personal data outside the EU/EEA when we can ensure an appropriate level of protection of your personal data. We will transfer your personal data under the standard contractual clauses (article 46.1 c GDPR), Module 1 (controller to controller), and Module 2 (controller to processor). You can find the standard contractual clauses here. In those situations where we have made an assessment that legislation and similar in a specific country outside of EU/EES, to which we transfer your personal data, affects the effectivity of the standard contractual clauses, we will take supplementary measures to ensure an appropriate level of protection of your personal data.

If you want to know more about who we share your personal data with and how your personal data is transferred, please feel free to contact us. Our contact information can be found at the beginning of this privacy policy.

What are your rights when we process your personal data? Detailed description

 

You have certain rights that you can exercise to affect how we process your personal data. You can read a more detailed description of what those rights are below.

If you want to know more about your rights or if you want to exercise any of your rights, please contact us, and we will help you.

Right to lodge a complaint with a supervisory authority (Article 77 GDPR)

You have the right to lodge a complaint with a supervisory authority. The supervisory authority in Sweden is the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, the IMY).

In detail: Your right to complain exists without prejudice to any other administrative or judicial remedy. You have the right to lodge a complaint with a supervisory authority in the EU/EEA member state of your habitual residence, place of work, or place where the alleged infringement of applicable data protection laws has allegedly occurred.

The supervisory authority has an obligation of informing you of the progress and the outcome of the complaint, including the possibility of a judicial remedy.

 

Right to withdraw consent (Article 7.3 GDPR)

You have the right to withdraw your consent at any time by contacting us.

In detail: The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

 

Right to access (Article 15 GDPR)

You have the right to obtain confirmation as to whether we are processing personal data concerning you or not. You can make a request by contacting us.  If we do process your personal data, you also have a right to obtain a copy of the personal data processed by us as well as information about our processing of your personal data.

In detail. The information we provide includes the following:

  • the purposes of the processing,

  • the categories of personal data concerned,

  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations,

  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period,

  • the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing,

  • the right to lodge a complaint with a supervisory authority,

  • if the personal data are not collected from you, we provide you with available information about the source of the personal data;

  • the existence of automated decision-making, including profiling, referred to in Articles 22.1 and 22.4 GDPR and, in those cases, meaningful information about the logic involved, as well as the significance and the predicted consequences of such processing; and

  • where your personal data are transferred to a third country or to an international organization, you have the right to information regarding the appropriate safeguards, pursuant to Article 46 GDPR, put in place for the transfer.

For any further copies of the personal data undergoing processing requested by you, we may charge a reasonable fee based on administrative costs. If you have made the request by electronic means, the information will be provided to you in a commonly used electronic form unless otherwise requested by you.

Your right to obtain a copy referred to above shall not adversely affect the rights and freedoms of others.

 

Right to object (Article 21 GDPR)

You have the right to object to our processing of your personal data at any time.

In detail: Your right to object applies as follows:

  • You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on Article 6.1 f GDPR, including profiling based on that provision. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

  • Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.

  • Where you object to processing for direct marketing purposes, you have an unconditional right to have the processing of your personal data for such purposes ceased.

  • In the context of the use of information society services, and regardless of Directive 2002/58/EC (ePrivacy Directive, or ePD), you may exercise your right to object by automated means using technical specifications.

 

 

Right to erasure (“the right to be forgotten”) (Article 17 GDPR)

You have the right to ask us to erase your personal data.

 

In detail. We have the obligation to erase your personal data without undue delay where one of the following grounds applies:

  • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed,

  • you withdraw your consent on which the processing is based, and there is no other legal ground for the processing,

  • you object to the processing pursuant to Article 21.1 GDPR, and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21.2 GDPR;

  • the personal data have been unlawfully processed, or

  • the personal data have to be erased for compliance with a legal obligation in Union or Member State law that applies to us.

 

We will notify any erasure of personal data carried out in accordance with your rights stated above to each recipient to whom the personal data have been provided to unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us.

 

Please note that our obligation to erase and inform according to above shall not apply to the extent processing is necessary according to the following reasons:

  • for exercising the right of freedom of expression and information,

  • for compliance with a legal obligation that requires processing by Union or Member State law that applies to us, or

  • for the establishment, exercise, or defense of legal claims.

 

 

Right to rectification of processing (Article 16 GDPR)

You have the right to obtain, without undue delay, the rectification of inaccurate personal data concerning you. 

In detail: Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

We will communicate any rectification of personal data to each recipient to whom the personal data have been provided unless this proves impossible or involves disproportionate effort. If you want information about those recipients, you are more than welcome to contact us.

 

 

Right to restriction of processing (Article 18 GDPR)

You have the right to obtain from us restrictions on the processing of your personal data.

In detail: Your right applies if:

  • the accuracy of the personal data is contested by you during a period enabling us to verify the accuracy of the personal data,

  • you have objected to processing pursuant to Article 21.1 GDPR pending the verification whether our legitimate grounds override yours,

  • the processing is unlawful, and you oppose the erasure of the personal data and instead request the restriction of their use, or

  • you need the personal data for the establishment, exercise, or defense of legal claims even though we no longer need the personal data for the purposes of processing.

Where the processing has been restricted according to above, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

We will notify each recipient to whom the personal data has been provided about any restriction of processing according to above if this does not occur to be impossible or entails a disproportionate effort. If you want more information about these recipients, you are welcome to contact us.

 

Right to data portability (Article 20 GDPR)

You have the right to receive your personal data (that you have provided to us) from us in a structured, commonly used and machine-readable format and, where technically feasible, have your personal data transferred to another data controller (“data portability”).

In detail: The right applies if:

  • the processing is based on the lawful basis consent, and

  • the processing is carried out by automated means.

The exercise of the right to data portability shall be without prejudice to the right to erasure, i.e. Article 17. 

Your right to data portability shall not adversely affect the rights and freedoms of others.

 

Balancing of interests assessments when processing personal data based on the legal basis of “legitimate interests”

As we state above, for some purposes, we process your personal data based on our “legitimate interest.” By carrying out a balancing of interests assessment concerning our processing of your personal data, we have concluded that our legitimate interest in the processing outweighs your interests or rights, which require the protection of your personal data.

If you want more information in relation to our balancing of interests assessments, please do not hesitate to contact us. Our contact information can be found at the beginning of this privacy policy.

This privacy policy was adopted on July 7, 2023.

responsible
description
access
where
rights
rights-complaint
rights-access
rights-object
rights-erasure
rights-rectify
rights-restrict
rights-withdraw
portability
interests
visit-websites
communicate
bottom of page