Last Updated: 22 July 2024

At Easy Automation (“Easy Automation”, “we”, “our”, “us”), your privacy matters. This Privacy Policy explains how we collect, use, disclose, and protect personal data when you interact with our website, applications, and services (the “Services”). We comply with the EU General Data Protection Regulation (GDPR) and applicable Swedish law.

If you have questions, contact [email protected]

1) Who We Are (Controller Information)

Controller: Easy Automation Sweden.
Email: [email protected]: [email protected]

Supervisory Authority: You have the right to lodge a complaint with Integritetsskyddsmyndigheten (IMY)

Note for B2B clients: For customer accounts using our platform to contact their end-customers, Easy Automation typically acts as a Processor to the business customer (Controller). See Section 12 (Processor role & DPA).

2) Personal Data We Collect

• Contact Data: name, email, phone, company.

• Billing & Payments: billing details; payment processing via third-party providers (e.g., Stripe).

• Account & Usage: login and profile, actions/events, communication/conversation metadata.

• Technical & Analytics: IP address, device, browser, pages/events, cookies and similar tech (see Section 7).

• Consent & Preference Logs: marketing consent status, time, source, text version, and (where applicable) IP/user agent.

We do not require Swedish personal identity numbers or special-category data (health, etc.) to provide our Services.

3) How We Use Personal Data (Purposes)

• Provide, operate, and secure the Services.

• Create and manage accounts and workspaces.

• Handle billing and payments.

• Offer support and service communications (e.g., missed-call SMS).

• Improve features, performance, and user experience.

• Send product updates and offers only where lawful (see Section 11).

4) Legal Bases (GDPR Art. 6)

• Contract: to create/manage your account and deliver the Services.

• Consent: for analytics/marketing cookies; for direct marketing (where required).

• Legitimate Interests: service improvement, security, and fraud prevention (balanced against your rights).

• Legal Obligation: accounting/tax and compliance purposes.

5) Sharing & Recipients

We share personal data only with trusted sub-processors/recipients to deliver the Services, such as:

• Hosting/Cloud & Security providers,

• Messaging/SMS & Email providers,

• Payments (e.g., Stripe),

• Analytics tools,

• Customer support tools.

All recipients are bound by contracts requiring confidentiality and appropriate security, and they must not use the data for their own purposes.

6) International Data Transfers

Where personal data is transferred outside the EU/EEA, we use recognised safeguards, including:

• EU-US Data Privacy Framework (DPF) participation (where applicable), and/or

• Standard Contractual Clauses (SCC) with supplementary measures and Transfer Impact Assessments.

We maintain documentation of our sub-processor categories and transfer mechanisms.

7) Cookies & Similar Technologies

We use cookies to:

• keep you logged in and secure the session (necessary),

• measure usage and performance (analytics),

• measure ad performance/retargeting (marketing).

Consent: We set only necessary cookies by default. Analytics/marketing cookies are set after your active consent via our cookie banner, which also allows you to withdraw or change your choice at any time. See our Cookie Policy for details.

8) Your Rights

You have the right to access, rectify, erase, restrict, object (including to direct marketing), and port your data, and to withdraw consent at any time without affecting prior lawful processing. Contact [email protected]

9) Retention

We keep personal data only as long as needed:

• Account & contact data: for the life of the account + 12 months.

• Consent & preference logs: 24 months after withdrawal or last use.

• Billing/Accounting data: 7 years (or as required by Swedish law).
  After expiry, we delete or irreversibly anonymise data. Backups are overwritten on rolling cycles.

10) Security

We implement technical and organisational measures (e.g., HTTPS/SSL, access controls, least-privilege, logging, updates). No system is 100% secure; keep your credentials safe and notify us of any suspected compromise.

11) Direct Marketing (Email/SMS)

We send direct marketing only when lawful:

• Consent is required for most SMS/email marketing to consumers (with limited “soft opt-in” exceptions where applicable).

• Every SMS/email includes a simple opt-out (e.g., reply “STOP” to SMS, unsubscribe link in emails).

• Service messages (e.g., missed-call replies, appointment confirmations) are not marketing; we keep them factual and minimal.

12) Clinics & Special-Category Data (Important)

Our platform is designed for customer communication (e.g., missed-call SMS, booking links, review requests). It is not a medical journal or clinical system. Do not store or transmit health/medical data, diagnoses, treatment notes, Swedish personal identity numbers, or other special-category data in the platform. Such information must be handled in approved clinical systems under applicable law.

13) Processor Role for B2B Clients (DPA)

When a business client uses our platform to message their end-customers, the client is the Controller, and Easy Automation is the Processor. Processing is governed by a Data Processing Agreement (DPA) that includes the mandatory GDPR Article 28 clauses (documented instructions; confidentiality; security; sub-processors and prior notice; assistance with data subject rights, security, breach, and DPIA; audits; deletion/return at end of service; records and cooperation). We maintain a list of sub-processor categories and transfer mechanisms (DPF/SCC).

14) Children

Our Services are intended for users 18+ and not directed to children.

15) Changes

We may update this Policy from time to time. We will notify you of material changes via email or prominent notice. Continued use of the Services means you accept the updated Policy.

16) Contact Easy Automation - Sweden
Email: [email protected] Phone: +46 764 797 610

Terms & Conditions

Last Updated: 22 July 2024

Website: https://easyautomation.se

1) Acceptance of Terms

By accessing or using our website, software and Services, you agree to these Terms. If you do not agree, do not use the Services.

2) Services

We provide a cloud platform (e.g., CRM, marketing automation, lead management, appointments, two-way messaging via SMS/email/social) on a subscription basis, configurable for your business.

3) Accounts

You must be 18+, provide accurate information, keep credentials secure, and are responsible for activity under your account. We may suspend/terminate for violations.

4) Subscriptions & Payment

Subscriptions renew automatically (monthly/annually) unless cancelled. You authorise charges to your payment method. Fees are non-refundable unless stated otherwise or required by law. Late/missed payments may result in suspension.

5) Acceptable Use

You agree not to:

• break the law or others’ rights;

• send spam/illegal marketing;

• attempt unauthorised access/interfere with the platform;

• upload malicious code or content.

Clinics/health: You must not input or transmit health/medical data, diagnoses, treatment notes, Swedish personal identity numbers, or other special-category data through the platform. Use appropriate clinical/journal systems for such data.

6) Messaging Compliance (Email/SMS/Social)

You are responsible for having a lawful basis for contacting end-customers (e.g., consent or a valid soft opt-in under applicable e-privacy rules), honouring opt-outs in every message (e.g., “STOP” for SMS), and complying with marketing, consumer, and telecom rules in your jurisdiction. You must configure templates and campaigns accordingly. We provide tools (e.g., consent logging fields, DND/“STOP” handling) but you remain responsible for your messaging content and targeting.

7) Data & Privacy

Our processing is described in the Privacy Policy. As between us, you own your customer data. We do not sell customer data. Where we act as Processor to you (Controller), our DPA applies (see Section 11).

8) Service Availability

We aim for high availability but do not guarantee uninterrupted uptime. Maintenance, updates, provider outages, or force majeure may occur. We are not liable for delay/failure due to events beyond our reasonable control.

9) Intellectual Property

All platform software, features, and brand assets remain the property of Easy Automation or its licensors. You may not copy, modify, or create derivative works except as permitted by these Terms.

10) Limitation of Liability

To the fullest extent permitted by law, we are not liable for indirect, incidental, special, consequential, or punitive damages; and our aggregate liability for any claim relating to the Services is limited to the fees paid by you to us for the 3 months preceding the event giving rise to the claim.

11) Data Processing Agreement (Controller–Processor)

Where you (Controller) use the Services to process personal data of your customers, we (Processor) will process such data only on your documented instructions under a Data Processing Agreement (DPA) that includes the mandatory GDPR Article 28 clauses:

• Instructions & Purpose-limitation;

• Confidentiality of authorised personnel;

• Security (Article 32 measures);

• Sub-processors: we may engage sub-processors (hosting, messaging, email, analytics, payments). You grant general prior authorisation; we will notify changes and allow you to object before additions/replacements;

• Assistance with data subject rights, security, breach notifications, and DPIA/consultation (Arts. 15–22, 32–36);

• Audits: we will make available information and contribute to audits/inspections by you or your appointed auditor;

• Return/Deletion at end of service as you instruct;

• Records & Cooperation with supervisory authorities.
  International transfers may rely on EU-US DPF participation (where applicable) or SCC with supplementary measures. A current list of sub-processor categories and transfer mechanisms is available upon request.

12) Security & Breach

We implement appropriate security measures. If we become aware of a personal-data breach affecting your data while acting as Processor, we will notify you without undue delay and provide information to support your assessment and any notifications.

13) Termination

You may cancel anytime via your account or by contacting us. We may suspend/terminate for breach, misuse, or non-payment. Upon termination, we will delete or return your personal data per your instructions and our DPA; backup copies are purged on standard cycles.

14) Changes to Terms

We may update these Terms; material changes will be notified via email or website notice. Continued use after changes constitutes acceptance.

15) Governing Law & Venue

These Terms are governed by the laws of Sweden, without regard to conflict-of-laws rules. Disputes shall be resolved by the competent courts in [Gothenburg, Sweden].

16) Contact

Easy Automation Sweden
[email protected] Phone number : +46 764 797 61