We Value Your Privacy

INTRODUCTION

Your privacy is important to us. This Privacy Policy describes how and why WarOnCancer process your personal data which you share with us and which we collect when you visit our website, buy merchandise in our web shop or use our social network platform. Personal data means any information which may be used to identify you. WarOnCancer AB, company registration number 559119-1555, is the data controller for the use and processing of your personal data as described in this Privacy Policy.


WHEN DO WE COLLECT PERSONAL DATA?

We collect personal data when you:


Create a User Account

When you create a user account for our platform, we collect the personal data that you provide, such as [contact information].


Use our Platform

When you use the platform, we collect information that you share using the platform as well as how the platform is accessed and used. If your share special categories of personal data (sensitive personal data) about your health when using the platform we will also process such sensitive personal data.


Use the Website

If you browse our website, we collect certain technical information, e.g. IP addresses.


Make a Payment

If you buy merchandise in our web shop, we collect your [identity information, contact information and purchase information].


Communicate with Us

When you communicate with us for example if you e-mail us, we collect the information you provide. This may include your [identity information, contact information and communication].


WHAT PERSONAL DATA DO WE PROCESS AND WHY?

Provide the Platform and Communicate with You Regarding Our Platform

We use your personal data in order to provide our platform and communicate with you regarding the platform. For this purpose we process [identity information, contact information, communication, demographic information, location data, health data and user generated data].


Special categories of personal data (sensitive personal data) about your health are processed based on the consent you provided when you created your user account. It is voluntary to provide your consent to the processing of sensitive personal data, but if you do not want to give your consent you cannot use the platform. You may at any time withdraw your consent by unregistering you user account.


The processing of your personal data is necessary for the performance of a contract with you (the terms of service). Your personal data is stored for this purpose as long as your user account is active.


Carry out Surveys on our Platform

We use your personal data in order to carry out surveys on our platform. For this purpose we process your [identity information, demographic information, communication and, in certain cases, your health data]


The processing of your personal data is based on our and our partners’ legitimate interest of carrying out surveys on the platform. It is of course voluntary to participate in a survey and if you decide to share any special categories of personal data (sensitive personal data) about your health, you give your explicit consent to our processing of your sensitive personal data for this purpose. Your personal data is stored for this purpose during the time the survey is conducted and for a period of 3 months thereafter in order to compile the answers. Reports on an aggregated level which do not include personal data may be stored until further notice or until they are deleted.


Provide Our Newsletter

If you sign up for our newsletter, we use your personal data to provide the newsletter to you. For this purpose we process your [identity information and contact information].


The processing is based on our legitimate interest of providing our newsletter. You can at any time unsubscribe from our newsletter by clicking on the unsubscribe link in the letter. Your personal data is stored for this purpose until you choose to unsubscribe from the newsletter.


Handle Orders

If you place an order in our web shop, we will use your personal data to handle the order and communicate with you regarding the order. For this purpose we process your [identity information, contact information, and purchase information].


The processing of your personal data is necessary to fulfil the contract with you. Your personal data is stored for this purpose until the order has been processed and delivered to you and for a period of 36 months thereafter in order to handle potential complaints or legal claims or the longer time necessary in order to handle the complaint or the legal claim.


Analyse the Use of Our Platform

We use your personal data to analyze the use of the platform, e.g. to collect and analyze usage statistics of how the platform is used. For this purpose we process [identity information and user generated information].


The processing is based on our legitimate interest of analysing how the platform is used. Your personal data is stored for this purpose as long your user account is active. Statistics and reports which do not include any personal data are stored until further notice or until deleted.


Analyse the Use of Our Website

We use your personal data to analyze the use of our website, e.g. to collect visitor statistics. For this purpose we process [user generated information].


The processing is based on our legitimate interest of analysing how our website is used. Your personal data is stored for a period of 1 month for this purpose. Statistics and reports which do not include any personal data are stored until further notice or until deleted.


Ensure Technical Functionality and the Security of our Platform and Website

We use your personal data to ensure the technical functionality and the security of our platform and website. For this purpose we process the personal data collected for the other purposes outlined in this Privacy Policy.


The processing is based on our legitimate interest of ensuring the technical functionality and the security of our platform and website. If you have a user account your personal data is stored for this purpose until your user account is deleted. Personal data in technical logs is stored for a period of 13 months from the date of the log event.


Develop and Improve our Platform and Website

We continuously strive to provide the best experience possible. We therefore use your personal data to develop and improve our platform and website. For this purpose we process the personal data collected for the other purposes outlined in this Privacy Policy.


The processing is based on our legitimate interest of developing and improving our platform and website. Your personal data is stored for this purpose for such period as is necessary in order to anonymize the data, test features or functionality and deploy patches and other bug fixes.


Other Purposes

Manage and Defend Legal Claims

If necessary we may use your personal data to manage and defend legal claims, e.g. in connection with a dispute or a court proceeding. We will in such case process the personal data collected which is necessary in order to manage and defend the legal claim in question. The processing is based on our legitimate interest of managing and defending legal claims. Your personal data is stored for this purpose for such period as is necessary in order to manage or defend the legal claim.


For this purpose, we may also share certain information with other parties, please see below.


Fulfill Legal Obligations


Finally, we use your personal data to fulfil legal obligations that we have, e.g. accounting requirements or obligations under data protection laws. We will in such case process the personal data collected which is necessary in order to fulfill the legal obligation in question. Your personal data is stored for such period as is necessary in order to fulfill respective legal obligation. Accounting information is retained for 7 years calculated after the end of the calendar year the relevant financial year ended.


For this purpose, we may share your personal data with other parties, see below.


SHARING OF PERSONAL DATA

Sharing by You

The platform allows you to share content with others. Any personal data that you publish on your profile or in a blog post is public and visible to others.


Sharing by Us

We share information with certain recipients as explained below:


Service Providers


We use certain third-party service providers which provide for example IT services to us. Where a third-party service provider processes personal data on our behalf they act as data processors and we are responsible for the use of your personal data. They may not use your personal data for their own purposes and they are obligated to protect your personal data.


Partners


We use certain third-party service providers which provide for example IT services to us. Where a third-party service provider processes personal data on our behalf they act as data processors and we are responsible for the use of your personal data. They may not use your personal data for their own purposes and they are obligated to protect your personal data.


Partners


We share aggregated information with our partners, e.g. reports based on surveys made on the platform which do not include any personal data.


Moreover, we may also share personal data collected in connection with surveys carried out on the platform with our partners for the partners’ own processing for the purpose of evaluating the result of survey. The transfer is based on our and the partner’ legitimate interest of evaluating the result of the survey. To the extent the personal data includes special categories of personal data (sensitive personal data) such data will only be shared with the partners if you have given your explicit consent to this.


Partners include, but are not limited to, pharmaceutical companies, hospitals, universities and other educational institutions.


Payment Service Providers


We use payment service providers in order to process payments and share for this purpose the following information with such payment service providers: [identity information, contact information and purchase information]. The transfer of personal data is necessary in order to fulfil the contract with you.


Other Sharing

In addition to the above, we may if necessary, share your information with other recipients for the following purposes:

• to allow a merger or an acquisition (based on our legitimate interest of allowing a merger or an acquisition of our business)

• to manage or defend a legal claim (based on our legitimate interest of managing and defending legal claims)

• to respond to lawful requests from authorities according to mandatory applicable laws (where necessary to fulfill legal obligation to which we are subject).


TRANSFER TO OTHER COUNTRIES

We transfer personal data to our service providers which are located outside the European Union (EU) and the European Economic Area (EEA)). In order to ensure that your personal data is always protected we ensure that there are adequate safeguards in place, e.g. data transfer agreements. If you have questions regarding to which countries your personal data is transferred and which safeguards we take to protect your personal data, or to request a copy of such safeguards respectively information where they are available, please contact us at support@waroncancer.com.


YOUR RIGHTS

You have certain rights in relation to the use of your personal data. If you wish to exercise your rights,please contact us at: support@waroncancer.com.


You have the right to:


Access Your Personal Data

You have the right to request access to your personal data and request a copy of your personal data that we store. If you have created a user account, you can view certain information directly in your account.


Update Your Personal Data

You have the right to request that personal data that is incorrect or incomplete is corrected or completed. If you have created a user account, you can update certain information directly in your account.


Withdraw Consent

If we rely on your consent to the use of your personal data you have the right to, at any time, withdra your consent. [Please note that if you withdraw your consent to our processing of special categories of personal data (sensitive personal data) about health, you can no longer use the platform.]


Delete Your Personal Data

You can at any time request that your user account is deleted. Moreover, under certain circumstances, you have the right to request that your personal data shall be deleted. We may, however, still need to keep your personal data if we are obligated to keep the data in order to fulfill legal obligations or to manage or defend legal claims.


Unsubscribe from Marketing Communication

You have the right to at any time oppose to our use of your personal data for promotional and marketing purposes. You can opt-out from marketing communication by clicking on an unsubscribe link in the communication.


Restrict the Use of Your Personal Data

You have under certain circumstances the right to request that the use of your personal data is restricted. If you have requested restriction of the use of your personal data, please note that you cannot use the platform during the time that the use of your personal data is restricted.


Object to the Use of Your Personal Data

Certain use of your personal data is based on our or others legitimate interest. You have the right to object to the use of your personal data based on a legitimate interest for reasons which concerns your particular situation. In such a situation, we will stop using your personal data where the use is based on a legitimate interest, unless we can show that the interest overrides your privacy interest or that the use of your personal data is necessary in order to manage or defend legal claims.


Transfer Your Personal Data (Data Portability)

You have the right to obtain a copy of certain information that you have provided to us in a structured machine-readable format which allows you to transfer the data to another recipient.


USE OF COOKIES

We use cookies on our website and in the platform. A cookie is a text file stored on your computer or mobile device when you visit a website. Cookies are used to recognize your device the next time you visit the website. We use cookies in order to provide functionality on the website and in the platform and in order to analyze the use of the website and the platform. You can handle your cookie settings in the settings in your browser, e.g. to block all cookies, only allow certain cookies or that cookies shall be deleted when you close your browser. Please note that if you choose to block cookies in your browser certain parts of the website and or the platform may not work properly.


CHANGES TO THE PRIVACY POLICY

We update this Privacy Policy on a regular basis, e.g. if we decide to collect additional information, use collected information for new purposes not described in this Privacy Policy or if share your personal data with additional recipients. In case of any changes, we will notify you in advance in an appropriate way, e.g. by displaying a notice in the platform or by sending you an e-mail.

IF YOU HAVE QUESTIONS

If you have any questions regarding this Privacy Policy or our use of your personal data, please contact us at support@waroncancer.com.


If you are not satisfied with our response, you have the right to lodge a complaint with your data protection authority. In Sweden, we are supervised by the Swedish data protection authority (Datainspektionen).


WarOnCancer AB

559119-1555

Birger Jarlsgatan 57C

Box 89

113 56 Stockholm, SWEDEN


INFORMATION REGARDING CATEGORIES OF PERSONAL DATA

Please see the table below for further information regarding the categories of personal data that we process.


Category
Examples of Personal Data

[Audio and video material]

Pictures, videos, audio

Identity information

Name, IP-address, [user-ID]

Contact information

E-mail address, address

Communication

Contents of communication (comments, e-mails etc.), survey responses

Demographic information

Age, gender

Health data

Diagnosis, date of diagnosis, stage, medication, other conditions, treating hospital, relation

Location data

Location

[Purchase information]

Purchased products, amount, payment method, date of transaction

[User generated data]

Click history, user settings