Privacy Policy
Ocast is a platform for media buyers to view media information provided by media sellers (the "Service") powered by Ocast AB Swedish CNR 556910-7823, ( "Controller" “we” “us” etc.). It is important that persons using the Service ("Users”) feel safe with, and are informed about, how we handle their personal data.
This “Privacy Policy” describes how we process your Personal and explains your rights and freedoms.
1. General
The Users’ personal data is processed with the general purpose of providing the Service to our Customers ( “Customers”) in accordance with this Privacy Policy. Any questions regarding our processing may be directed to us via e-mail [email protected].
The Service is a platform where media sellers “Sellers” can produce a digital document to market their advertising for media buyers “Buyers” visiting www.ocast.com. Buyers can create an account in association with a media agency. A Seller may create a profile in the Service to list their media information as a “Profile”. The Profile is accessed through www.ocast.com. A User may log in to edit, change, give access (“Accounts”) to employees, consultants and/or other natural persons (“Users”).
The Profile is a description of the relevant facts regarding the Customer, such as contact information, target group et cetera. The Customer is responsible and are to be labelled Controller for any data in the Profile. Ocast’s responsibility as Controller is limited to such information that Ocast processes for the general purpose of providing the Service, marketing, et cetera unless otherwise specified in this Privacy Policy.
2. Collection and use of personal data
We process data differently depending on the category of Data Subject that the given subject falls within. Note that the same Data Subject may be part of more than one category. For the purpose of data processing, we have divided Data Subjects into the following categories:
Users – Users who are using Ocast’s service in their work for the Customer as an employee, consultant or otherwise.
“Influencer” – A Customer who is a natural person or a company so closely related to a natural person that the natural person may be identified using the company’s identity.
“Ocast contacts” – Representatives of Customers in the contractual relationship between Ocast and the Customer, such as the person responsible for the contract and other persons with whom Ocast has contacts. Note that the Customer may publish information in the Profile about whom to contact in certain matters, such contact persons are not Ocast-contacts, nor are we Controllers of such Personal Data.
“Leads” – Contact persons with companies that Ocast finds to be a potential, future, Customer.
All Personal Data is provided either by the User or by the Customer who owns the Profile to which the User’s Account is connected.
Data collected and processed regarding Users
The only information we collect and use regarding Users is the e-mail address used for login-purposes. We also use this information to contact Users regarding changes in the Service, support et cetera. The e-mail address is either provided by the User or by the Customer. This processing ceases when an Account is terminated. You may terminate your account at any time. However, you will not be able to use the Service without an Account.
The legal ground for this processing is our legitimate interest of providing the Customer with the Service. If you object to our processing of your e-mail address for this purpose you will not be able to use your Account. We do not require an e-mail address that is related to a natural person.
Data collected and processed regarding Influencers
If you are an Influencer, you will provide information regarding yourself that would normally not be considered Personal Data, such as your brand name, website URL and business information such as target audience.
By uploading such information, you consent to the information being published in the Service. To withdraw your consent, you may simply use your Account to delete the information from your Profile. Data deleted from the Profile will be permanently deleted.
Data collected and processed regarding Ocast-contacts
For normal customer-relation purposes, such as support issues, marketing and sales, invoicing et cetera, we need to have at least one Ocast-contact within the Customer’s organization. All such processing is performed on the legal ground of Ocast’s legitimate interest to maintain relationships with its Customers. We also have legal obligations to keep certain data (e.g. invoicing data, needs to be kept for seven years), such processing will end when there is no longer a legal requirement to keep such data.
This processing ceases when the Customer ceases to use the Service. Ocast-contacts may then, however, be considered Leads.
Data collected and processed regarding Leads
From publicly available sources, such as company websites and the company registry, from providers of lead-data and from the networks of our employees, we collect information regarding contact information of relevant persons with potential Customers ( “Lead Companies”) for direct marketing purposes. Such collection is based on our legitimate interest to market the Service. We inform Leads about this collection when we contact them. If a Lead Company proves to not be interested or not interesting, the Personal Data about Leads in such a Lead Company is deleted. If the Lead Company becomes a Customer, the Lead, or someone else, will be converted into an Ocast-contact. If you are contacted by Ocast and request us not to contact you with offers regarding our Service we will also delete your Personal Data.
3. Storage and transfers
We only process Personal Data within the EU/EEA, or where the adequate safeguards to protect the rights of the data subjects are in place. To obtain documentation regarding such adequate safeguards, contact us using the Contact details listed in paragraph 9.
4. Your rights
You have the right to request information about the personal data that is being processed by us, by notifying us in writing, using the contact details listed in paragraph 10. Users have the right to one (1) copy of the processed personal data which belongs to them without any charge. For further demanded copies, the Controller has a right to charge a reasonable fee based on administrative expenses for such a demand.
You have the right to, if necessary, demand rectification of inaccurate personal data concerning you, via a written request, using the contact details listed in paragraph 10.
You have the right to demand deletion or restriction of processing, and the right to object to processing based on legitimate interest under certain circumstances.
You have the right to revoke any consent to processing that has been given by you.
Under certain circumstances, you may have the right to data portability, i.e. the right to obtain the personal data digitally and/or to transfer such data to another controller.
If you suspect or deem our Processing of your Personal Data to not comply with current legislation or this Privacy Policy, please contact us using the contact details listed in paragraph 9. We will handle such a request and take appropriate action quickly. You also have the right to lodge a complaint to the relevant supervisory authority.
5. Security
We value your personal integrity and work actively to ensure that the Users Personal Data is processed with utmost care. We take reasonably expected measures to the make sure that the Users Personal Data and others are processed securely and in accordance with this Privacy Policy and the GDPR.
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your Personal Information, username, password, transaction information and data stored on our Site and in the Service.
Sensitive and private data exchange between the Site/Service and its Users/visitors is made over a SSL secured communication channel and is encrypted and protected with digital signatures.
Transfers of information over the internet and mobile networks are never entirely risk free. Therefore, all transfers are made at the person transferring the data’s own risk. It is important that Users also take responsibility to ensure that their data is protected. It is the responsibility of the User that their login information is kept secret and secured.
6. Transfer of personal data to third party
We will not sell or otherwise transfer Users’ personal data to third parties.
We may transfer Users’ Personal Data to:
- I. Our contractors and sub-contractors, acting as our Processors and Sub-Processors in accordance with our instructions, for the provision of the Service;
- II. authorities or legal advisors in case criminal or improper behaviour is suspected; and
- III. authorities, legal advisors or other actors, if required by us according to law or authority’s injunction.
We will only transfer Users’ personal data to third parties that we have confidence in. We carefully choose partners to ensure that the User’s personal data is processed in accordance to current privacy legislation. We use the following categories of processors to process Personal Data:
- - E-mail services,
- - Server infrastructure providers.
7. Aggregated data (NON-IDENTIFIABLE PERSONAL DATA)
We may share aggregated data to third parties. The aggregated data has in those cases been compiled from information that has been collected through the Service and can, for example, consist of internet traffic statistics or the geological location for the use of the Service. The aggregated data does not contain any information that can be used to identify individual persons and is therefore not to be labelled as personal data.
8. Changes
We have the right to, at any time, make changes or additions to the Privacy Policy. The latest version of the Privacy Policy will always be available through the Service. A new version is considered communicated to the Users when the User has either received an email informing the User of the new version (using the e-mail stated by the User in connection to the use of the Service) or when the User is otherwise informed of the new Privacy Policy.
9. Contact
For questions or for further information regarding our handling of Personal Data or for contact with us in other matters, please use the following contact details:
Regeringsgatan 38 5 tr.
SE 111 56 Stockholm
[email protected]