Privacy Policy
Introduction
Welcome to Monitums Privacy Policy. We are committed to protecting your personal data and respecting your privacy. The policy applies for the companies Monitum AB org nr: 559408-4385, Hästholmsvägen 28, 131 30 Nacka & Monitum UAB org nr: 306337205 Vilnius, Upės g. 21-1.
This policy explains:
- Why we process your personal data
- What personal data we collect
- How we protect your data
- Your rights regarding our use of your data
This policy applies when you:
- Visit our websites, monitum.io and muuun.com
- Are a potential customer
- Are a customer
- Contact us via LinkedIn
Monitum AB (monitum.io) and Monitum UAB (muuun.com) are responsible for the processing of personal data described in this policy. This means we determine how and why personal data is processed and ensure that your rights under the GDPR are upheld.
2. How do we process your personal data
2.1 Website visitor
Contact forms
Personal data: Name, email, phone number, employer, title, country
Purpose: The data is processed to answer questions, engage in discussions, and explore potential business collaborations.
Lawful basis: We process this data based on our legitimate interest in handling inquiries and maintaining relevant communication with those who reach out to us.
Retention period: Data will be processed for as long as necessary to fulfill the purpose of communication and potential partnership.
2.2 Potential customer
Marketing – newsletter
Personal data: Name, employer, title, and email address (collected through our contact forms when responding to inquiries).
Purpose: To send relevant promotional materials about our products and services to individuals who have shown interest in what we offer.
Lawful basis: We have a legitimate interest in informing potential customers about our offerings. Recipients always have the option to opt out of further communication.
Retention period: Data is retained for as long as there is an ongoing interest in our services. If we discontinue our newsletter, or if the recipient opts out, their data will be deleted without undue delay
Marketing – Business outreach
Personal data: Name,employer, title, email address, phone number, country
Purpose: To initiate contact with potential business partners and explore opportunities for collaboration.
Lawful basis:We reach out to relevant professionals to explore potential business opportunities, based on our legitimate interest. We always respect preferences, and recipients can opt out at any time.
Retention period: Data will be processed for as long as necessary to fulfill the purpose of communication and potential partnership.
2.3 Customer
Provide our service
Personal data: Name, employer, title, phone number and email address (collected either directly from you or provided by your company when ordering our services).
Purpose: Respond to your inquiries, manage customer relationships, and deliver requested services.
Lawful basis: We have a legitimate interest in processing this information, based on the contract we have entered into with your employer. This allows us to fulfill our contractual obligations, provide the agreed-upon services efficiently, and maintain necessary communication throughout the business relationship.
Retention period: We store the information for as long as the organization you represent remains our customer. After the contract has been terminated, we retain the data for 7 years afterward.
2.3 Get in touch with us via LinkedIn
Personal data: Name, email address, phone number, country, employer
Purpose: To engage with individuals who have shown an interest in our services, explore potential business opportunities and partnerships, and connect with prospective customers.
Lawful basis: We process this data based on the legitimate interest of responding to individuals who have actively engaged with us, such as requesting to be contacted or signing up for communication.
Retention period: Personal data is retained for as long as necessary to maintain relevant communication. If no further interaction occurs, or upon request, the data will be deleted.
4. Who We Share Your Personal Data With
We may share your personal data with carefully selected third parties that provide essential services supporting our business operations. These parties process your data only as necessary to perform their functions and are contractually bound by confidentiality and data protection obligations.
As part of the processing activities described above, we may share your personal data with the following categories of recipients:
- Customer Relationship Management (CRM) Providers – To manage customer interactions and communication.
- IT and System Service Providers – To maintain, secure, and support our business applications and infrastructure.
- Hosting and Infrastructure Providers – To host our website, store data, and ensure service availability.
- Marketing and Lead Management Platforms – To manage outreach, analytics, and customer engagement.
- Advertising and Social Media Platforms (such as LinkedIn) – To provide targeted advertising and improve marketing effectiveness.
- Payment Processing Services – To facilitate transactions and handle secure payment processing.
- Corporate Group and Affiliates – Within our group company, Monitum, to improve our services and internal operations.
When engaging external providers, they process your personal data under our instructions and in accordance with data processing agreements (DPAs), ensuring they meet the same strict data protection standards that we apply.
However, some third parties, such as advertising and social media platforms, may process your personal data as independent controllers, meaning they determine their own purposes and means of processing. In such cases, their processing is governed by their respective privacy policies, and we encourage you to review their terms for more information.
We do not share your personal data with third parties beyond what is necessary to provide our services.
5. Transfer of Personal Data to Third Countries
We may transfer your personal data to suppliers, which may result in your personal data being processed in countries outside the EU/EEA. Such processing may involve specific risks, as a supplier in the country where the personal data is handled may not be subject to the same level of protection provided by EU data protection legislation. Therefore, specific requirements apply to such transfers, and we monitor our suppliers to ensure that appropriate protective measures are implemented.
If the European Commission has not determined that a country to which your personal data is transferred provides an adequate level of protection (i.e., a level of protection equivalent to that within the EU/EEA), which is the case for our subcontractors in the United States that have certified their compliance under the EU-US Data Privacy Framework, you have the right to request a description of the protective measures implemented or the lawful basis on which we rely to ensure that the transfer of your personal data is conducted in accordance with European data protection legislation.
Please contact us to obtain information on whether we have transferred your personal data to a country outside the EU/EEA, which countries your personal data has been transferred to (if applicable), and what security measures have been implemented for the transfer.
6. How we keep your data safe
We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, or destruction.
7. Your Rights
To exercise your rights, please contact us through the contact forms on our websites here https://www.monitum.io/contact or here https://muuun.com/book-a-demo/ or contact us on email here: hello@monitum.io.
7.1 Right of access
The right of access includes three different components:
- Confirmation as to whether data about the person is processed or not,
- Access to this personal data and
- Access to information about the processing, such as purpose, categories of data and recipients, duration of the processing, data subjects’ rights and appropriate safeguards in case of third country transfers.
7.2 Rectification
If you find that any personal data we process about you is inaccurate, please contact us and let us correct it.
7.3 Erasure
You have the right to erasure of your personal data where:
- The processing is based on your consent,
- The information is no longer necessary to achieve its intended purpose,
- You object to processing which is based on our legitimate interest and where we find no overriding legitimate grounds for continued processing (your objection will always lead to erasure where we process personal data for direct marketing purposes and you object to this),
- Has been carried out in an unlawful way (obviously).
The right of erasure does not apply where the personal data is processed based on legal requirements.
7.4 Restriction
You have the right to require that we temporarily limit the processing of your personal data. This kind of limitation would for example be applicable:
- During the time that we verify that your personal data is correct,
- During the time it takes us to verify whether our legitimate interest for the processing is indeed stronger than your interests and fundamental rights in relation to this processing,
- Where you need it to defend legal claims,
- If the processing is illegal but you want it to be limited and not erased.
7.5 Objection
You always have the right to object to processing we base on our legitimate interest. If you make such an objection, we will make an assessment based on our legitimate interests and your rights and freedoms. Basically, all our legitimate interest assessments try to include every possible person and scenario, but we want (and need) to take your circumstances, specifically, into consideration should you ask us to.
7.6 Data Portability
You have the right to get personal data sent to you or another controller (another person or organisation), in cases where you initially provided the data to us and where we processed it based on consent or contract. We will then provide it in a structured, commonly used and machine-readable format.
Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please reach out via the contact forms on https://www.monitum.io/contact or https://muuun.com/book-a-demo/ or contact us on email here: hello@monitum.io.
Data Protection Officer
We have appointed a Data Protection Officer (DPO) to oversee matters related to data protection and privacy. If you have any questions about how we process personal data or wish to exercise your rights under GDPR, you can contact our DPO:
Julianne Ahlesten, GDPR Hero AB, dpo@monitum.io
Supervisory Authority
You always have the right to lodge a complaint with a supervisory authority regarding our processing of your personal data. The supervisory authority in Sweden is the Swedish Authority for Privacy Protection (IMY), and their contact details can be found here.
However, if you have any concerns or questions about our processing, we encourage you to contact us first, so we have the opportunity to assist you and address your inquiries.
Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date.
Current version: 2025:1