Privacy Policy

Personal data policy

In this personal data policy, we, Zelly AB, reg. no. 556820-4605, describe how and why we process personal data in our business and when we provide our services. Zelly is the data controller for the processing carried out by us in accordance with this privacy policy. We will collect and process personal data in accordance with this privacy policy, the General Data Protection Regulation (EU 2016/679), also known as the GDPR, and national legislation that complements the GDPR.

It is important to us at Zelly that you feel safe with how we handle your personal data. We are transparent about how we collect, process and use your personal data, which is stated in this personal data policy. You will also find information about your rights as a data subject and how you can exercise them.

In addition to what is stated in this privacy policy, Zelly may act as a data processor for its customers when providing its services. In that case, each customer is the data controller. The personal data processing that Zelly performs as a data processor is governed by the parties’ data processing agreements, which Zelly, where applicable, has entered into with the respective data controller customer. As a data processor, Zelly will only process personal data in accordance with the data controller’s instructions and the concluded data processing agreement.

More information on the services we provide is available on our website, www.zelly.se.

1. Categories of data subjects and personal data

1.1. Zelly collects and processes personal data that you provide to us and that we collect when you use our services or visit our office. We process the following categories of personal data about the following categories of data subjects:

Customer: A person who uses our services or represents an organization that uses our services. Zelly may process the following personal data about customers: Name, telephone number, e-mail address, postal address, visiting address, information in contracts, name of company, title, function, image, moving image from the entrances’ surveillance cameras, payment/billing information, username, personal information in emails and CRM systems and other information relevant to the purpose of the contact.

Business contacts, suppliers, consultants and other visitors: Anyone who visits or contacts us or accesses our website or social media. Zelly may process the following personal data about non-customer business contacts and other visitors: Name, e-mail address, telephone number, company name, title, function, moving image from entrance surveillance cameras, personal data in e-mails and CRM systems and other data relevant to the purpose of the contact. When you visit our website, we may collect certain visitor statistics and device information through cookies, as well as the information you choose to provide during your visit.

Job applicant: The person applying for a job at Zelly. Zelly may process the following data about job applicants: Name, telephone number, e-mail address, postal address, social security number, age, work experience, educational history, grades, merits and other information that the job applicant chooses to provide in the CV and cover letter. When visiting Zelly’s offices, moving images from the entrance security cameras are processed.

1.2. We collect and process personal data that we receive from third parties. The personal data is collected from professional business information providers, such as Bisnode Sverige AB. We may also collect information from web service providers, such as Facebook, Google and LinkedIn. More information about their processing of personal data can be found on the website of each provider. In addition, personal data may be obtained from publicly available sources. We process the following categories of personal data about the following categories of data subjects that we collect from third parties:

Potential customers: A person representing an organization that we believe may be interested in the services offered by Zelly. Zelly may process the following personal data about potential customers: Name, e-mail address, telephone number, postal address, visiting address, name of company, title, function and personal data in e-mails.

2. Purposes and legal basis for processing personal data

2.1. We collect and process personal data for the following purposes based on the following legal bases:

Customers:

  • To administer and provide our services to the customer.
  • To contact the customer’s contact person(s) regarding our services.
  • To maintain and develop our services.
  • To invoice and perform other administrative actions.
  • To provide better service and adapt our services to the customer.
  • To send you information and marketing about Zelly and our services.

Legal basis:
If Zelly has a contract directly with the data subject: performance of contract.
In other cases: Zelly’s legitimate interest.

Business contacts, suppliers, consultants and other visitors:

  • To assist those who choose to contact us or visit our website.
  • To establish and maintain business partnerships.
  • To conclude contracts and use the services of suppliers.
  • To provide better service and adapt our website to the visitor’s device.

Legal basis:

If Zelly has a contract directly with the data subject: fulfillment of contract.
In other cases: Zelly’s legitimate interest.

Potential customers:

  • To send you information and marketing about Zelly and our services.
  • To establish new customer relationships.

Legal basis: Our legitimate interest.

Jobseekers:

  • To administer recruitment processes and hire staff.

Legal basis: Our legitimate interest.

  • To save the jobseeker’s data for future recruitments.

Legal basis: Consent.

All categories above:

  • In order to defend Zelly’s rights, for example in the context of an ongoing legal process.

Legal basis: Our legitimate interest.

  • To prevent and investigate crime through camera surveillance at entrances to the company’s offices.

Legal basis: Our legitimate interest.

  • To comply with statutory accounting and other related legal requirements.

Legal basis: Compliance with applicable legislation.

2.2. When processing based on the legal basis of legitimate interest, Zelly considers our processing to be legitimate in order for us to perform, fulfill and administer our business, provide our services to our customers and establish and maintain contact with customers, potential customers, business contacts, suppliers and others who contact us. Our legitimate interest in sending marketing and information about our business is based on the fact that such information may be of interest to the data subject and its organization and that any privacy risk to the data subject is limited. The data subject may object to our processing of the data subject’s personal data for marketing purposes at any time.

3. Storage of personal data

3.1. We retain personal data only for as long as necessary for the purposes of the processing. Personal data is stored as follows.

Customers: We retain personal data for as long as a data subject has a valid relationship with us, such as a customer contract, either by themselves or through a connection via a customer organization or a partner, and for a maximum of 12 months thereafter.

Business contacts, suppliers and consultants: To establish a business relationship and thereafter for as long as Zelly has a business relationship with the business contact and/or its organization.

Other visitors: When visiting our website, during the visit. When contacting us, personal data is stored for as long as necessary to assist the person contacting us.

Jobseeker: Until the position applied for has been filled. If the jobseeker agrees, the data is stored for as long as the agreement remains.

To send you information and marketing about Zelly and our services: For as long as we send out such information, unless you object to receiving the information. Personal data that is necessary to send information according to this paragraph is saved even if a shorter time is specified above.

Data required by applicable law or to defend Zelly’s rights: Notwithstanding what has been stated in the paragraph above, we may retain personal data for longer if it is necessary to comply with legal requirements, such as seven years under the Accounting Act, or to defend Zelly’s legal interests, e.g. if there is a legal process.

Recorded material regarding entry and exit from the office’s security cameras is stored for thirty (30) days, after which it is deleted if a security incident has not occurred.

3.2. When the personal data is no longer to be stored by us as set out in this chapter above, the personal data will be deleted or anonymized.

4. Disclosure and sharing of personal data

4.1. We may disclose personal data to third parties to the extent necessary to provide our services, administer our business, subcontract, purchase goods and services, and if disclosure is required by applicable law. We may share your personal data with suppliers we use to provide our services, such as software and data storage provider Microsoft, payment service providers, IT service providers, social media providers, marketing agencies, accounting firms, advisors (e.g. for legal services), business consultants and other administrative service providers. We may also share recorded video footage from the company’s surveillance cameras with the police if an incident occurs that leads to a criminal investigation.

4.2. In the event of a transfer of personal data, we remain the data controller for our own processing, while the recipient becomes either the data controller for its further processing or the data processor to us, depending on the circumstances of the specific case.

4.3. When we engage suppliers who will process personal data on our behalf, we will enter into a data processing agreement with the processor. We do this to ensure that the processor processes personal data in accordance with our instructions and applicable law.

5. Security and geographical location of processing of personal data

5.1. We take appropriate technical and organizational measures to ensure a level of security appropriate to the risk represented by our processing of personal data.

5.2. Our services are provided from data centers located in the EU and EEA and we will mainly process your personal data within the EU and EEA. However, we may process your personal data outside the EU and EEA, in which case we will take the necessary steps to ensure that the processing is carried out securely and in accordance with applicable law, including the GDPR.

6. Cookies

6.1. A cookie file is a text file that can be placed on your computer or mobile device with your permission. If you agree, your browser will add the text to a separate file.

6.2. We use cookies to help us analyze the traffic on our website by knowing how our website has been used, from what type of device and at what time.

7. Your rights as a data subject

7.1. The GDPR gives you as a data subject a number of rights regarding the processing of personal data. It is our task to fulfill these rights as data controller.

7.2. Right of access: You have the right to obtain confirmation as to whether or not personal data relating to you are being processed by us and, if so, to obtain information about the processing. In accordance with the GDPR, we cannot disclose personal data if it could adversely affect the rights and freedoms of others.

7.3. Right to rectification: If personal data being processed is inaccurate or incomplete, you as a data subject can request that we rectify it without undue delay.

7.4. Right to erasure: In some cases, as a data subject, you have the right to request the erasure of your personal data (“the right to be forgotten”). An example is when the personal data is no longer necessary for the purposes for which it was collected or otherwise processed. However, there may be contractual or legal requirements that prevent us from deleting your personal data.

7.5. Right to data portability: As a data subject, you have the right to transfer personal data that you have provided to us to another controller, if the processing is based on the legal grounds of performance of a contract or consent. The personal data shall be provided to you in a structured, commonly used and machine-readable format. If technically feasible, you as a data subject may request that the data be transmitted directly to another controller. This right only applies to the personal data that you have provided to us.

7.6. Right to restriction of processing: In certain cases, you as a data subject have the right to demand that we restrict the processing of your personal data, i.e. restrict the processing to certain limited purposes. The right to restriction applies, among other things, when you as a data subject believe that the personal data is incorrect and have requested that these be corrected. You can then request that the processing of your personal data be restricted while the accuracy of the data is being investigated. When the restriction ends, you will be informed of this.

7.7. Right to object: As a data subject, you have the right to object to the processing of personal data based on the legal ground of legitimate interest. In the event of an objection, we shall cease processing if we cannot demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the processing of personal data is carried out for the establishment, exercise or defense of legal claims.

7.8. Right to object to direct marketing: Where personal data is processed for direct marketing purposes, you as a data subject have the right to object at any time to the processing of personal data for that purpose. If you object to the processing of personal data for direct marketing purposes, we will cease such processing of your personal data.

7.9. Right to lodge a complaint: If you wish to lodge a complaint against our processing of your personal data, you are welcome to contact us at the contact details provided below. You also have the right to lodge a complaint about our processing of your personal data with the Data Protection Authority.

8. Amendments to the policy

8.1. We may update and change this policy. The latest version is available on our website.

8.2. This Privacy Policy was last updated on October 5, 2022.

__________

Contact details

If you have any questions about our processing of personal data or to exercise your rights as a data subject, please contact us and we will assist you.

Zelly AB
Hammarbybacken 27
120 30 Stockholm
E-mail: info@zelly.nu
www.zelly.se

Data Protection Officer: Security Solution Scandinavia AB, dso@securitysolution.se
