Menu
Menu
Last updated: 2023-02-01
Mestro is the data controller for the processing of personal data that Mestro determines the purpose and means for. Here we provide an overview of customer and other stakeholders’ personal data that we process.
Our data protection officer is Therese Enlund who works with issues related to Mestro’s compliance with Swedish legislation and the General Data Protection Regulation. The data protection officer has the mandate to independently review how Mestro complies with data protection legislation and to provide support and advice for procedures in compliance. Contact the data protection officer at support@mestro.com if you have questions or want to request a registry extract.
Mestro processes requests about our products and about us as a company and workplace, for example when applying for an internship, thesis or employment. This may occur via telephone, email, social media or our website. The legal basis for the processing is legitimate interest.
Mestro processes personal data to fulfill obligations in customer relationships and to provide contracted products to our customers, improve the quality, functionality and user experience of our products and services. The purpose is to maintain communication, create user accounts, provide support, handle invoices and bookkeeping. The legal basis for the processing is the contracts with our customers.
Mestro processes personal data for marketing purposes to existing and potential customers. We send information materials, offers and newsletters that you can subscribe to and at any time terminate. We process personal data in connection with registration for events and in direct sales. The legal basis for the processing is legitimate interest as it does not conflict with personal integrity and your rights to your data. We also use consent when you register for events or newsletters. You can at any time withdraw your consent, completely or partially by specifying which information you wish us to retain and which to delete.
We process personal data to make statistics and analyze how we can improve our products, communication and support to our customers. The legal basis for the processing is legitimate interest as it does not conflict with personal integrity and your rights to your data. We also use consent to process your data. You can at any time withdraw your consent, completely or partially by specifying which information you wish us to retain and which to delete.
The personal data that Mestro processes is the name, email and telephone number of individuals and contact persons designated for companies that Mestro has contact with. We also handle information provided to us in other ways, such as in a CV and cover letter, and dietary preferences and place of residence in connection with events.
We also use techniques such as cookies and pixel tags to collect information on how emails are read, visitors access information, and advertisements.
Personal data is processed as long as it is needed to fulfill the purposes or as long as Mestro needs to fulfill its obligations to the customer, financial institutions, and Swedish legislation such as the accounting act. Personal data processed on the basis of consent as a legal ground is deleted when the consent is withdrawn, if it occurs before what is required for the purpose.
Employees at Mestro who need the information to perform their work access the information. We share certain information with third parties to carry out tasks in accordance with the purposes of processing personal data to fulfill obligations, analysis, data storage, email sending.
We have agreements with third parties to ensure that personal data is not used for other purposes than stated in this privacy policy. We avoid processing personal data outside the EU and EEA, but if it can’t be avoided, we use the European Commission’s standard contractual clauses (EU Model Clauses).
Third-party companies that we work with are G Suite (Google), Microsoft Azure, Slack, Asana, Miro, Setly, Hubspot, Zapier, Fortnox, Younium, and Teamtailor.
We work continuously to ensure the protection of personal data both organizationally and technically to avoid unauthorized access, processing, loss, or alteration.
You have the right to be informed if Mestro processes personal data relating to you and to receive a copy of these, called a registry extract. If you believe that the personal data is incorrect, you have the right to have it corrected or supplemented.
You have the right to object to the processing. If Mestro cannot show that there are legitimate reasons to continue with the processing, we must stop it.
You have the right to request a restriction on the processing of personal data.
You have the right to have your information deleted when it is no longer needed for Mestro to fulfill its obligations. You have the right to data portability.
If you have comments or questions If you want to exercise your rights, have questions or comments on Mestro’s processing of personal data, please contact support@mestro.com.
We reserve the right to update and change this policy.