Privacy policy

At Qualisys we take your privacy seriously and always strive for a high level of data protection (for example, we would never sell your personal information to another company). This privacy policy explains how we collect and use your personal information. It also describes your rights and how you can enforce them.

It is important that you understand the privacy policy and feel safe about our processing and protection of your personal information. You are always welcome to contact us if you have any questions.

Through the table of contents, you can easily navigate to the sections of interest to you.

Table of Contents

  1. What is personal information and personal data processing?
  2. Who is responsible for the personal information that we collect?
  3. What information do we collect about you as a customer and for which purposes (why)?
  4. From which sources do we collect your personal data?
  5. Who may we share your personal data with?
  6. Where is the information processed and stored?
  7. External links
  8. Security
  9. Your rights
  10. Cookies
  11. Reporting to Data Protection Authority
  1. What is personal information and personal data processing?

    Personal information are all types of data that can used to identify a living, physical person, directly or indirectly. For example, images and sound recordings processed by a computer can be personal information even if no name is mentioned. Encrypted information and different types of electronic identities (e.g. IP address) are personal data if they can be connected to a physical person.

    Personal data processing is everything that’s done with the personal information data. Each action taken with personal information is processing, whether it is automated or not. Examples of common processing is collection, recording, organization, structuring, storage, adaptation, transfer and erasure.

  2. Who is responsible for the personal information that we collect?

    Qualisys AB, org.no. 556591-1160, trading address and registered office at Kvarnbergsgatan 2, SE-411 05 Göteborg, Sweden, is responsible for all processing of personal information collected.

  3. What information do we collect about you as a customer and for which purposes (why)?

    We may collect personal information about you through personal interaction with our staff, if you visit our website (www.qualisys.com) or if you register or use any Qualisys Software or Services.

    The type of information we collect and what we mean by it is listed below.

    Type of information collected Meaning

    Contact and identity data

    Name, e-mail address, postal address, telephone number, date of birth, gender, account username and password (encrypted), and any other personally identifiable information you share via personal interaction, through our website or by using Qualisys products or services. For customers and partners we collect non-personal information such as company and billing information, payment history, credit information from financial institutes (if appl.), purchase information, delivery address, etc.

    Technical data

    Wireless carrier/provider, device identifier, IP address (if appl.).

    Communications data

    Communication with Qualisys, e.g. feedback, support requests, e-mail queries, phone calls, etc.

    Survey data

    Information collected from surveys that Qualisys may perform for research or market analysis purposes, if you choose to respond.

    Usage data

    When you log in as a registered user, the details of your visit to our website, which resources you use, and any data downloaded may be collected to improve our website and your experience of the site. Any other usage data collected is not connected to you individually and is therefore not considered personal information.

    Location data

    Qualisys website or software and services may use location-based components where applicable. The information may be collected from your wireless carrier, certain third-party service providers, or directly from the mobile device with which you use or access our website, software or services. Your location information, however, is only used in accordance with your privacy settings. We may combine the contact and identity data and location data with information from other services, apps or third parties to enhance your experience or improve the overall quality of Qualisys software and services.

    Job application data

    If you send us a CV, resumé and/or letter with details of your employment history to apply for a job vacancy or as a general enquiry regarding job openings at Qualisys.

    Cookie

    We store cookies from our site according to our cookie policy. (See section 10 in this document)

    You are under no obligation to provide personal data. However, if you should choose to withhold any requested information, we may not be able to provide you with certain services.

    Purpose Processing Types of personal data

    To process tenders and quotes, orders / purchase requests including installation, service, support and maintenance of Qualisys products and services

    • Delivery information (including notifications and contacts regarding the delivery)
    • Identification
    • Managing payments
    • Support tickets
    • Client login to enable software updates, etc.
    • Complaints and warranty management
    • Contact and identity data
    • Communications data
    • Contact and identity data
    • Communications data
    Legal basis

    Performance of a contract. This collection of personal data is necessary for us to fulfill our obligations according to our contract / your order or request. If the data is not processed we cannot fulfill our obligations and will have to decline the tender or order.

    Retention time

    Personal data of a customer will be kept until the customer advises us they no longer wish to use our products or services or requests that their information be deleted.

    Purpose Processing Types of personal data

    To fulfill legal and regulatory obligations of the company

    Necessary processing to fulfill the legal obligations of the company according to laws and regulations (e.g. Accounting act, Money laundering act, Product liability act or Product Safety requirements, which can demand that the company can communicate with all customers directly about important product recalls or defects).

    • Contact and identity data
    • Communications data
    Legal basis

    Legal obligation. This collection of personal data is required by law. If the data is not processed, we cannot fulfill our legal obligations.

    Retention time

    Personal data of a customer will be kept until the customer advises us they no longer wish to use our products or services or requests that their information be deleted.

    Purpose Processing Types of personal data

    To manage customer service and support cases

    Communication and replies to customer questions by our support team (by phone or digital channels). Personal/customer identification. Investigation of any complaints or support issues, including technical support.

    • Contact and identity data
    • Communications data
    • Technical data
    Legal basis

    Performance of contract and legitimate interest. Processing is required to meet our and your interest to manage any service or support case you may have.

    Retention time

    Personal data of a customer will be kept until the customer advises us they no longer wish to use our products or services or requests that their information be deleted.

    Purpose Processing Types of personal data

    To manage registrations for and participation in user group meetings, conferences or similar events in the communities of our business.

    Communication before and after participation in an event (e.g. confirmation of registration, questions or evaluation surveys). Identification, food restrictions, travel and accommodation arrangements, etc.

    • Contact and identity data
    • Communications data
    Legal basis

    Legitimate interest. Processing is necessary to manage your interest in participating in events and our interest to improve our business over time.

    Retention time

    Personal data of a customer will be kept until the customer advises us they no longer wish to use our products or services or requests that their information be deleted.

    Specific details from an event will be deleted after evaluation of any survey or similar.

    Purpose Processing Types of personal data

    To market, evaluate, develop and improve our products and services over time for our customer base we will process your personal information for development, research and marketing purposes.

    To provide data to support our product and service development, and improvements thereof, we will process your personal data to generate customer segments where we assess what type of information you may be interested in receiving about us, our products, services and activities, to provide newsletters, event invitations, for market research activities such as surveys (if appl.), and product release and update information. User segment information is not stored or processed on individual level.

    You are always free to opt out from these types of newsletters by clicking “unsubscribe”. As soon as you opt out from newsletters or similar we will not send any more automated e-mails to you. If you are a customer, you may still receive personal invitations to events and receive product update information relevant for your specific products as part of our product safety obligations.

    • Contact and identity data
    • Communications data
    • Usage data
    • Location data
    • Technical data
    Legal basis

    Legitimate interest. The processing is in line with our legitimate interest to evaluate, develop and improve our products, services and systems.

    Retention time

    Personal data of a customer will be kept until the customer advises us they no longer wish to use our products or services or requests that their information be deleted.

    Purpose Processing Types of personal data

    To enable candidates to submit their applications through our website and manage any submitted job applications

    CV, resumé and/or personal letter including any submitted information of your employment history is stored for assessment and potential future use if no position is currently available.

    • Contact and identity data
    • Communications data
    Legal basis

    Legitimate interest. Processing is required to meet our and your interest to assess your qualifications and communicate with you regarding any job openings at Qualisys.

    Retention time

    We will store your CV and personal letter to assess your qualifications during the recruitment process.

    If you have sent in an open application and we currently don’t have any suitable openings we will save your information if we find your profile interesting, unless you ask for your data to be deleted.

    Purpose Processing Types of personal data

    IT security management

    In order to maintain, protect and improve our SW and services we collect data used for auditing, research and analysis. We also monitor data traffic for security and fraud prevention purposes.

    • Usage data
    • Location data
    Legal basis

    Legitimate interest. Processing is required to meet our interest to protect our assets from intrusions, malware, fraud, etc.

    Retention time

    IP addresses are saved for approximately 3 weeks.

    Purpose Processing Types of personal data

    Webpage development and improvements

    Non-personal data is collected and analyzed to improve our website, products and services.

    • Usage data
    • Location data
    Legal basis

    Legitimate interest. Processing is required to meet our interest to improve our website and products.

    Retention time

    IP addresses are saved for approximately 3 weeks.

  4. From which sources do we collect your personal data?

    Except for the information that you provide to us, or that we collect from your purchases and the use of our services we also collect data from a few other sources (so called third party). What we may collect from a third party is:

    1. Address information from public registers to ensure we have the correct address
    2. Credit information from banks, information agencies, credit institutes, etc.
  5. Who may we share your personal data with?

    Data processors. In cases when it is necessary to provide our services we share your personal data with organizations that are so called data processors. They process the information on our behalf and according to our instructions. We have data processors that help us with:

    1. Transports (logistics and shipping companies)
    2. Payments (banks, payment services)
    3. IT services (organizations that control necessary operations, technical support and maintenance of our IT systems)

    When your personal data is shared with a data processor it is only for purposes that are in line with our purpose for processing (for example fulfill our obligations in our contracts, or service level agreements). We monitor all processors to ensure they can give sufficient guarantees regarding security and integrity of personal data. We have written agreements with all processors where they all assure the security and integrity of personal data processed and commits to following our safety requirements and any limitations and requirements relating to international transfer of personal data.

    Partner companies. Qualisys distributor network is responsible for processing data regarding our customers to provide local support and service according to your service agreement. We share contact and purchase information as part of our business agreement.

    Legal requirement. We will also share your personal data with supervisory governmental authorities (police, tax agency or other authority) if we are legally obliged to do so or to prevent fraud or cyber-crime or to protect and defend the rights, property or personal safety of Qualisys, any of its affiliates, the website or its visitors.

    When your personal data is shared with a company with stand-alone data controller responsibility their privacy policy and personal data processing principles apply.

  6. Where is the information processed and stored?

    Qualisys Website

    Generally, information provided through personal interaction or via our website is encrypted, submitted and stored on a single server located in Sweden. If you provide credit and debit card information, it is processed through DIBS and not stored locally. No access is granted to this information to the server.

    We may transfer data you submit to our other offices and/or to third parties as mentioned in this policy. These parties may be situated outside the European Economic Area, but we only transfer data if we are satisfied that the receiving part have adequate mechanisms in place to comply with data protection and privacy laws.

    Qualisys Software and Services

    Information which you submit by using Qualisys Software and/or Services are stored on Amazon Web Services which are mainly located in the European Economic area, and otherwise in the United States of America.

    Personal data of a customer will be kept until the customer advises us they no longer wish to use our products or services or requests that their information be deleted.

    With respect to personal data of non-customers, we will hold this information until they request that their information is deleted, or they have been consistently unresponsive to our communications. We will perform a periodic audit of the non-customer information held and assess whether our communications to such contacts is consistently yielding no responses, and should be deleted.

  7. The Site may, from time to time, contain links to external sites. Qualisys is not responsible for the privacy policies or the content of such sites.

  8. Security

    Qualisys places great importance on the security of all personally identifiable information associated with our users. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal information under our control. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorized personnel have access to user information. While we cannot ensure or guarantee that loss, misuse or alteration of information will not occur, we use all reasonable efforts to prevent this.

    Transmission of information over the internet is never entirely secure. We cannot guarantee the security of information you transmit to our website or to and from our software and services and any such transmission is at your own risk.

    It is advisable to close your browser when you have finished your user session, and lock your mobile device when not used, to help ensure others do not access your personal information.

  9. Your rights

    Under the General Data Protection Regulation (GDPR) you also have the following rights:

    • Access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. Please be aware that if we receive an access request we can ask for additional information to ensure effective processing of your request and that the information is provided to the correct person.

    • Correction of your personal data. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. If you have registered and created an account on our website or through our software and services, you may view, update, correct or delete certain of your personal information directly on your account page.

    • Erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

    • Object to processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

    • Restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

    • Transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

    Direct marketing

    We want to provide you with choices regarding our use of your personal data, in particular around marketing and advertising.

    Individuals will receive marketing communications from us if you have requested information from us or purchased goods or services from us, registered on our website, or if you provided us with your contact details for a competition, event or meeting and, in each case, you have not opted our to receiving that marketing.

    Opting out

    You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time.

  10. Cookies

    A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.

    Qualisys.com uses cookies for the following purposes:

    • For the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.

    • To provide the customized information based on your browsing history, cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website more relevant to your interests.

    • To recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

    How to control cookies.

    You can control cookies through browser and computer/unit settings. The technology doesn't store personal information such as your name, address or payment details. However, if you'd prefer to restrict, block or delete the technology from this website, you can use your browser to do this. Each browser is different, so check the “Help” menu of your particular browser (or your mobile phone's user manual) to change your preferences.

    You can control and/or delete cookies as you wish – for details, see aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.

  11. Reporting to Data Protection Authority

    You also have a right to report any breaches of your data protection rights to the Swedish Data Protection Authority (DPA – Datainspektionen, website: https://www.datainspektionen.se).

    Since we take your data integrity seriously we have appointed people in our organization to deal with any concerns you have regarding this. Please email any questions, concerns or comments you have, or any requests concerning your personal data to our data protection manager at privacy@qualisys.se.