POWRS AB operates as an information society service provider who offer services for using the Vaulter Application and realization of final payment.
"VAULTER APPLICATION” users,
to persons who otherwise interact with us.
2. Our contact details
POWRS AB Sweden, Hammarbybacken 27, 120 30 Stockholm, Sweden, ID number: 559302-8045 processes your personal data in connection with the use of the SERVICES in the capacity of operator and is responsible for processing your personal data.
You can contact us via the e-mail address: firstname.lastname@example.org
3. Person for the protection of personal data
If you have questions regarding the protection of personal data, you can contact Powrs' personal data protection officer via the e-mail address: email@example.com
4. What personal data does POWRS process, legal basis and purposes?
The personal data we process depends on the type of interaction you have with Powrs. In this connection, we process the personal data of the following categories of persons to whom the data refer, namely:
persons who otherwise interact with us.
We also use BankID for the Vaulter web for the onboarding. We will use the info provided by Banking ID to create the Vaulter profile for the web interface.
4.1. Personal information of the "VAULTER APPLICATION" users
When creating a user account or using the Application, we process personal data that You voluntarily share with us and personal data that we generate automatically.
Powrs processes the Application user’s personal data, as follows:
User account data , including identification and contact data, credentials data (passwords, etc.), and user profile data for the purpose of:
- Registration and use of the Application based on the execution of agreements with Application Users, or taking actions at the request of the person to whom the data refer before entering into the agreement, and that: first name and family name, personal number, legal address, username and PIN, e-mail, phone number, selfie photo, user’s ID card photo and bank account number. The selfie and ID photos are used during onboarding for the identity verification process performed by our partner Shufti Pro Limited. After the identity verification process is complete, the selfie and ID photos are deleted and not stored by Powrs AB or our identity verification service provider, Shufti Pro Limited.
- Maintaining the required Application security level and prevention of frauds based on compliance with legal obligations.
Financial data for the purpose of sale and purchase and payment of the corresponding commission and fee for using the Application, based on execution of the agreement with members, compliance with the legal obligations and our legitimate interest.
Data on interaction with other users for the purpose of:
- implementation of sale and purchase, based on execution of the agreement with members,
- Maintaining the required Application security level and prevention of frauds, based on compliance with legal obligations.
Data on interaction with Powrs (customer support for the purpose of providing customer support, based on execution of the agreement with members and our legitimate interest.
IP addresses and browser fingerprint (internet browser and device characteristics, operating system, language selection, URL address from which you access the Application, location data, information about the websites You visit, time of access, frequency and duration of visit, links you access, etc.) for the purpose of fraud prevention, based on compliance with the legal obligations.
4.2. Personal data of the website visitors and persons otherwise interacting with us
When visiting the Powrs website or non-user interaction with Powrs, Powrs processes personal data, as follows:
IP addresses and browser fingerprint (internet browser and device characteristics, operating system, language selection, URL address from which you access the Application, location data, information about the websites you visit, time of access, frequency and duration of visit, links you access, etc.) for the purpose of fraud prevention, based compliance with the legal obligations and our legitimate interest.
Data on interaction with Powrs (customer support) for the purpose of providing customer support, based on our legitimate interest.
Cookies are small text files that are stored on your device when you visit our websites. There are different types of cookies used for different purposes on the Powrs websites. Cookies are set directly by Powrs (so-called first-party cookies) and by third parties (so-called third-party cookies).
The types of cookies we use are:
Necessary cookies - enable the basic functioning of the website and Application and as such are necessary for the proper functioning of our website.
Statistical cookies - allow us to analyse how visitors use our websites in order to improve the functionality of the website.
Functionality cookies - help us remember the choices you made and provide you with a better user experience (e.g., wish list, etc.).
Marketing cookies – to display content and advertisements, including those tailored to your interests. Marketing cookies are also used by other companies that Powrs cooperates with in order to show you advertisements related to products and services that interest you. The use of these cookies requires your prior consent.
Security cookies - enable safe and secure use of the website and Application, and the provision of our services.
5. Legitimate interest
In certain cases, Powrs processes your personal data based on our legitimate interest. We use this legal basis in situations where our legitimate interest prevails over your interests and basic rights and freedoms. Our legitimate interest is in maintaining the necessary level of security of our services and preventing fraud, as well as providing customer support services.
6. Method of processing your personal data
Personal data processed by Powrs is disclosed to various data recipients, for the purpose of executing and processing the transaction, i.e., at the request of state authorities.
6.1. Data processors with whom we share your personal data
The recipients of data with whom we share your personal data are most often legal entities that process your personal data in the capacity of processor, based on the contractual relationship they have with Powrs and based on our instructions.
Our data processors are:
the Bank for the BankID verification and AISP for AIS request,
the financial institution from Sweden (a bank or a payment institution or an electronic money institution). The financial institution provides payment services to the User, who appears as the issuer of all payment orders,
our business partners who perform rental services of equipment,
hosting provider of companies on whose servers we store data,
Other external collaborators with whom we cooperate (e.g., IT support, marketing agencies).
In certain cases, we are obliged to share your personal data with authorities. Thus, for example, Powrs has a legal obligation to present, based on the appropriate judicial or administrative act, all data based on which the detection or prosecution of perpetrators of criminal acts can be undertaken.
7. Period of processing and storing your personal data
We store your personal data and payment and transaction information for as long as necessary to achieve the purpose of the processing, i.e., until you withdraw your consent (if the processing is based on consent) i.e., and longer if it is prescribed by local law. (e.g., accounting obligation).
8. Your rights regarding personal data
8.1. Right to be informed
8.2. Right to access
The right of access - Users have access to a complete electronic copy of all personal data about them. Also, the right to access your personal data, meaning that you are entitled to obtain confirmation whether personal data is processed concerning you. In your request, please specify clearly what data you wish to obtain.
8.3. Right to rectification
The right to rectification - The user can correct and update profile information at any time. If a user believes that we hold other information about them that needs to be corrected, they should contact us asap.
8.4. Right to erasure
The right to erasure - A user can at any time request the deletion of the personal data about them that has been stored. But, in certain cases it will be necessary for us to retain specific information after a user has requested deletion, for reasons of legal obligations or to protect our users and ourselves from fraudulent activity and misuse of our services.
You can contact us with a request to delete the personal data that Powrs processes about you. However, please note that this right will not always apply. For example, when Powrs processes personal data based on compliance with a legal obligation, it will not be obliged to act on your request to delete personal data. We also give users the ability to decide whether they want to be removed from mailing lists used for marketing campaigns.
8.5. Right to object/opt-out
You have the right to object to an organization processing (using) your personal data at any time. This effectively means that you can stop or prevent the organization from using your data.
However, the right to object only applies in certain circumstances, and they may not need to stop if the organization can give strong and legitimate reasons to continue using your data.
Individuals have the absolute right to object to the processing of their personal data if it is for direct marketing purposes.
Individuals can also object if the processing is for:
for a task carried out in the public interest;
for the exercise of official authority; or
for your legitimate interests (or those of a third party).
In these circumstances the right to object is not absolute.
If the data is processed for scientific or historical research, or statistical purposes, the right to object is more limited.
8.6. Right to data portability
If our processing of your personal data is based on the performance of a contract with you or your consent, you have the right to receive the personal data you have provided us relating to you in an electronic format. You also have the right to have the personal data transferred from us directly to another data controller, where technically feasible.
8.7. Right to withdraw consent
The right to move personal data is called the right to data portability in the data protection regulation.
If you have agreed to provide your personal data to a personal data controller or if you have provided the data due to an agreement, you can request to obtain the data.
In addition to requesting to obtain the data, you can also request that the personal data be transferred to another personal data controller, for example another company if you want to use their services instead. The data controller only needs to transfer the data to another company if it is technically feasible.
When the processing of your personal data is based on consent, you can withdraw your consent at any time via the e-mail address firstname.lastname@example.org. The revocation of consent does not entail any consequences and does not affect the permissibility of the processing that was carried out before the revocation.
As part of its operations, Powrs performs profiling of persons to whom the data refer for the purposes of obtaining status within the Application. Also, for safety and security purposes, Powrs profiles the identity of the perpetrator of fraudulent behaviour. Keep in mind that this may result in incorrect forecasts and predictions, but that decision-making on rights and obligations is always accompanied by the human factor, and that in any case, you can contact us via the e-mail address email@example.com to pointed out a possible error.