Codeunit Solutions International AB ("Codeunit") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, protect, share, and delete personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable laws and regulations.
This Privacy Policy covers the information practices of the website codeunit.io.
1. Who We Are
Codeunit Solutions International AB is a software development company specialising in cloud-based integrations for Microsoft Dynamics 365 Business Central.
Codeunit is registered and headquartered in Sweden.
Contact details:
- Address: Hyllie Boulevard 40, 215 35 Malmö, Sweden
- Email: dataprotection@codeunit.io
- Phone (USA): +1 925 289 9275
- Phone (Sweden): +46 40-670 70 40
2. Data We Collect and How We Collect It
If you choose to interact with us, we may collect the following categories of personal data:
- Identity data – such as your name and company name
- Contact data – such as your email address and phone number
- Transaction data – such as details of products and services you have purchased from us
- Usage data – anonymised and aggregated information about how visitors interact with our website (see Analytics section below)
We do not collect sensitive personal data through our website.
3. How We Use Your Personal Data
We will only use your personal data when the law allows us to. We use your personal data for the following purposes:
- To respond to your enquiries and process your requests
- To deliver and manage the services you have contracted with us
- To fulfil our legal and contractual obligations
We do not use your personal data for marketing or promotional purposes.
4. Analytics
We use Fathom Analytics (usefathom.com) to understand how visitors interact with our website. Fathom is a privacy-first analytics tool that does not use cookies, does not track individuals, and does not collect any personally identifiable information. The data collected is fully anonymised and aggregated, and is used solely to help us understand overall website traffic and improve our content. Fathom is GDPR-compliant and does not share data with third parties for advertising purposes.
5. Cookies
We do not use cookies or any other tracking technologies on our website. No information about your browsing behaviour is collected, stored, or shared through our website.
6. How We Store and Protect Your Data
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. These measures include:
- Restricting access to personal data to only those employees and personnel who require it to perform their duties
- Processing data in secure Microsoft Azure datacenters located in the EU or USA, defaulting to the region geographically closest to you
- Requiring all staff with access to personal data to comply with strict confidentiality obligations
7. How We Share Your Data
We do not sell or share your personal data with third parties for marketing or advertising purposes. We may share your data with the following categories of third parties only where necessary to deliver our services:
- Microsoft – as our cloud infrastructure sub-processor
- Supervisory authorities or legal bodies – where required by law or regulation
Any sub-processors we engage are bound by written agreements that impose the same data protection obligations as those set out in our Data Processing Agreement.
8. Data Retention and Deletion
We only retain personal data for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law.
If you are a customer, your personal data is retained for the duration of our agreement and for a period thereafter as required by applicable law (for example, for accounting or legal compliance purposes). Upon termination of our agreement, personal data will be deleted in accordance with our Data Processing Agreement, with a default retention period of one month unless otherwise instructed.
If you wish to request deletion of your personal data, please contact us at dataprotection@codeunit.io. We will respond to your request within 30 days in accordance with applicable data protection laws, including the GDPR.
9. Your Rights
Under the GDPR, you have the following rights in relation to your personal data:
- Right of access – you can request a copy of the personal data we hold about you
- Right to rectification – you can ask us to correct inaccurate or incomplete data
- Right to erasure – you can ask us to delete your personal data where there is no legitimate reason for us to continue processing it
- Right to restriction – you can ask us to restrict the processing of your personal data in certain circumstances
- Right to data portability – you can request that we transfer your data to you or a third party in a structured, commonly used format
- Right to object – you can object to our processing of your personal data in certain circumstances
To exercise any of these rights, please contact us at dataprotection@codeunit.io. We will respond within 30 days.
10. Data Breaches
In the event of a personal data breach, we will notify the relevant supervisory authority without undue delay and, where required, notify affected individuals in accordance with the GDPR.
11. Third Party Links
Our website may contain links to third-party websites. We are not responsible for the content, security, or privacy practices of those websites and encourage you to review their privacy policies.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page and will take effect immediately upon posting. We encourage you to review this page periodically.
13. Governing Law and Supervisory Authority
This Privacy Policy is governed by the laws of Sweden and the GDPR. The Swedish Data Protection Authority (Integritetsskyddsmyndigheten, IMY) is the supervisory authority responsible for overseeing compliance with data protection law in Sweden.
If you have concerns about how we handle your personal data that we are unable to resolve, you have the right to lodge a complaint with IMY or your local data protection authority.