Read or buy our book, Build: Elements of an Effective Software Organization →

Privacy Policy

Last updated 01 July 2022

This Privacy Policy (hereinafter "Policy") informs how Swarmia Oy processes personal data about its business customers, representatives of business customers, potential business customers and internet users visiting our website at https://www.swarmia.com/ (jointly "Users").

The key aspects of this Policy include the following:

  • Personal data we collect and reasons why we collect it;
  • How we use the personal data;
  • How we share the personal data;
  • How long we retain the personal data; and
  • What rights Users have.

1. Data Controller

The data controller is Swarmia Oy (hereinafter "Swarmia", "we", "us" or "our"). Swarmia is responsible for ensuring that personal data is processed in compliance with this Policy and applicable data protection laws.

Contact details of the data controller:

Swarmia Oy
Business ID: 3094736-9
Address: Lapinlahdenkatu 16, 00180 Helsinki, Finland
Email: hello@swarmia.com

2. Processing of Personal Data

We collect personal data through different means, which are explained below. As a rule, personal data is collected directly from User in connection with the customer relationship or website activity. We may also collect contact details of potential business customers from third parties, such as through sales intelligence platforms.

2.1 Customer data

The following personal data is processed in connection with the customer relationship:

  • User information, such as name, email address, job title, company name;
  • Customer relationship details, such as contract, start and end date of customer relationship and services ordered;
  • Billing information, such as bank account information, payments made and outstanding and bills delivered;
  • Other business-related information which is not itself personal data but which, together with other information, may be personal data, such as number of developers in the company, issue tracker and source hosting service;
  • Customer interaction, such as customer contacts, feedback, and complaints; and
  • Information related to marketing communications through email, meetings, website and social media platforms.

2.2 Prospect data

We contact potential customers and provide them other relevant information about our Service. For this purpose, the following information will be processed:

  • User information, such as name, email address, job title, company name;
  • Business-related information which is not itself personal data but which, together with other information, may be personal data, such as such as number of developers in the company, issue tracker and source hosting service; and
  • Information related to marketing communications through email, meetings, website and social media platforms.

2.3 Technical data

We collect some technical data automatically through the use of our website or Service, which may be associated with Users. This includes IP address, type and device ID of the User's device as well as mobile operating system, browser type, browser version, the specific sub-sites of our website that the User visits, the time and date of the visit, the time spent on those sites, unique device identifiers and other statistical data.

2.4 Special categories of personal data

We do not process special categories of personal data about our Users.

3. Purpose and legal basis for processing personal data

We process personal data for the following purposes:

1) Providing the Service and managing customer relationship

The primary purpose of processing personal data is to provide the Service and to manage and maintain the customer relationship between us and User/the company the User represents. In this case, our processing of personal data is based on the customer contract.

2) Marketing

We send Users emails to inform about new features of the Service, ask for feedback, to target advertising or provide them other relevant information about our Service. In this respect, processing of personal data is based on our legitimate interest to provide Users with relevant and tailored information of the Service, to promote the Service or to personalize the User experience. Users have the right to object to processing that is based on our legitimate interest, as indicated in Section 7 below.

A User may unsubscribe from marketing communications at any time by clicking on the "Unsubscribe" or "Update preferences" link located on the bottom of emails or by contacting us at hello@swarmia.com.

We or our third-party service providers may place a cookie or similar technologies, such as a pixel tag on certain website. This enables us and our third-party service providers to display relevant advertisements to our Users online to re-engage Users who use our Service or previously have visited our website. This processing is based on User's consent. Users may make use of our cookie consent tool to withdraw their consent or to amend their choices which can be found by clicking “Manage Cookies” on the bottom of our website. Users may also configure browser or device to block the use of certain cookies.

3) Service development and information security

We also process personal data to improve the quality of the Service, including to monitor and analyse the use of the Service, and to ensure its security. In these cases, the legal basis for data processing is our legitimate interest to ensure that our Service has an adequate level of data security, and that we have sufficient and relevant information at hand to develop our Service.

4. Disclosures of personal data

We may disclose personal data to third parties:

  • when permitted or required by law, e.g. to comply with requests by competent authorities or related to legal proceedings;
  • when our trusted third-party service providers, such as cloud service providers and advertising management platforms, provide services to us. Some of the service providers are acting on our behalf as data processors and act under our instructions. However, we may also use service providers acting as controllers (e.g., lawyers, accountants, social media platforms etc.). In any case, the service providers are engaged for the purposes of pursuing the activities outlined in this Policy;
  • if we are involved in a merger, acquisition, or sale of all or a portion of our assets; and
  • when we believe in good faith that disclosure is necessary to protect our rights, protect safety of our Users or the safety of others or to investigate fraud.

5. Transfers of personal data outside of the EU/EEA

We may transfer personal data outside European Economic Area ("EEA") when our trusted third-party service providers are established there. For example, for marketing purposes we use Google Ads, Microsoft Advertising, LinkedIn Campaign Manager, Twitter Ads, Facebook Ads, and Reddit Ads and these service providers may be located or otherwise process personal data from the U.S. outside of EEA. To the extent personal data is transferred to a country outside of the EU/EEA, Swarmia will use the required established mechanisms that allow the transfer to these service providers in those third countries, such as the Standard Contractual Clauses approved by the European Commission or another valid mechanism under the EU General Data Protection Regulation.

6. Retention of personal data

Swarmia will only retain personal data for as long as necessary to fulfill the purposes defined in this Policy. As a rule, the data will be processed during customer relationship. After that personal data will be retained for a short period before deleted to ensure that all contractual rights or obligations by either party are fulfilled, for example bills are paid, and shortly returning customers can retain their data. Some personal data may be retained longer when required by law, such as invoices and orders in accordance with accounting laws.

When Swarmia processes personal data for marketing purposes, the data will be deleted after 2 years from the last contact between Swarmia and the User or when the User asks Swarmia to stop marketing and for a short period after this, allowing us to implement the request.

7. Data subject rights

Users have the following rights:

  • The right to request access to personal data about himself/herself;
  • The right to request rectification, restriction or erasure of personal data. However, certain information is strictly necessary in order to fulfil the purposes defined in this Policy and may also be required by law. Thus, it may not be possible to remove such personal data.
  • The right to object for processing, that is based on legitimate interest;
  • The right to object to processing for marketing purposes and prevent from receiving future direct marketing;
  • If processing of personal data is based on consent, the User has the right to withdraw consent at any time. The withdrawal will not affect the lawfulness of the processing carried out before the withdrawal; and
  • The right to data portability, i.e. right to receive the personal data in a structured, commonly used machine-readable format and transmit the personal data to another data controller, to the extent required by applicable law. This applies for personal data processed based on contract or the User's consent.

Please send above-mentioned requests to us at hello@swarmia.com.

If you think there is a problem with the way we are handling your personal data, you have a right to file in a complaint to your national data protection authority in the EU/EEA. You may also file in a complaint to the data protection authority in any other EU country where you live, work, or where you think the alleged violation has occurred.

8. Security

We maintain reasonable security measures (including physical, electronic, and administrative) to protect personal data from loss, destruction, misuse, and unauthorized access or disclosure.

Please be aware that, although we endeavour to provide reasonable security measures for personal data, no security system can prevent all potential security breaches.

9. Changes to this policy

We may change this Policy from time to time. If we make any changes to this Policy, we will actively bring it to the attention of the users by using the available communication channels. The most recent version of this Policy can be found at https://www.swarmia.com/privacy.

Cookie Policy

A "cookie" is a piece of information that is stored on a user's computer, tablet or phone (hereinafter together "device") when they visit a website or use a service. Other technologies classified here as cookies may be used in the same purpose. Cookies can help in identifying a user's device when they use a mobile application or visit a website and remember helpful details of the use and the choices made by the user to improve the user experience.

Cookies cannot be used alone to identify an individual, but they may be linked directly or indirectly to an identifiable individual when combined with other information. In these cases, cookies may be treated as personal data. If we identify a user based on cookies, we make sure that all cookie information is processed as personal data in accordance with applicable data protection laws.

Where Users give us their consent to place cookies and to use similar technologies, Users have the right to withdraw their consent at any time. Users may make use of our cookie consent tool to withdraw their consent or to amend their choices, which can be found by clicking “Manage Cookies” on the bottom of our website. Users may also prohibit the use of cookies by changing the browser settings. Users may also limit the use of cookies or remove cookies from the browser. However, cookies are an important part of how the website works, so limiting the use of cookies may affect the functionality of the website.

We use both session and persistent cookies for various purposes.

  • Session cookies are stored in memory for the duration of the session and removed once the User closes the browser.
  • Persistent cookies are placed on hard drive of the User's computer and stored until they expire or the User deletes the cookies. We will retain information collected via persistent cookies no longer than 2 years.

We use both first and third party cookies for various purposes.

  • First party cookies refer to both session and persistent cookies placed by us on our website.
  • Third party cookies are cookies placed by third parties on our website, such as Google Analytics, Segment, HubSpot, Facebook, Twitter, LinkedIn, and CookieHub.

We use cookies as set out below:

  • Essential cookies
    • Type: Session cookies
    • Administered by us
    • Purpose: These cookies are essential to provide the Swarmia website and to enable the use some of its features. They help to authenticate users and prevent fraudulent use of user accounts.
  • Notice acceptance cookies
    • Type: Persistent cookies
    • Administered by us
    • Purpose: These cookies identify if users have accepted the use of cookies on the Swarmia website.
  • Functionality cookies
    • Type: Persistent cookies
    • Administered by us
    • Purpose: These cookies allow us to remember choices a user makes when using the Swarmia website, such as remembering their login details or language preference. The purpose of these cookies is to provide a more personalised experience and to avoid a user having to re-enter their preferences every time they use the Swarmia website.
  • Tracking and performance cookies
    • Type: Persistent cookies
    • Administered by third-parties
    • Purpose: These cookies are used to track information about traffic to the Swarmia website, how Users use the website and to display relevant advertisements to Users. We may also use these cookies to test new advertisements, pages, features or new functionality of the website to see how our users react to them.

More detailed information on the type of cookies, their purposes and duration can be found in our cookie consent tool by clicking "Manage Cookies" on the bottom of our website.