Sign in
Create account
language
SwedishEnglish

Privacy Policy

Privacy Policy – Janus

Effective from: 1 December 2025
Data Controller: BalancePoint AB, reg. no. 556788-8622 (the “Supplier”)
Website: https://dinunderhallsplan.se (and any domains redirecting to it)
Contact: info@balancepoint.se

This Privacy Policy (the “Privacy Policy”) describes how the Supplier processes Personal Data in connection with the Janus service (the “Service”) and the Website. Capitalized terms have the same meaning as in the Service’s Terms and Conditions (the “T&C”).

1. Roles and Responsibility

1.1 When the Supplier is the Data Controller

The Supplier is the data controller for Personal Data processed in order to:

  • create and administer user accounts
  • enable login and access control
  • send system notifications
  • maintain secure operations, troubleshooting, and incident handling
  • administer subscriptions, payments, and customer relationship

1.2 When the Supplier may act as Data Processor

The Customer may store or otherwise process Data in the Service that may contain Personal Data (the “Customer’s Data”). For such processing, the Customer is normally the data controller and the Supplier the data processor, to the extent the Supplier processes Personal Data solely on the Customer’s instructions to provide the Service.

If a data processing agreement is required for the Customer’s use of the Service, the Supplier will provide such agreement upon request.

2. What Personal Data do we process?

2.1 Account and Access Data

We process the following Personal Data in the Service:

  • Email address (mandatory)
  • Name (optional)
  • Phone number (optional)
  • User ID and role/permissions (e.g., administrator/user)
  • Timestamp of last login (for security and account administration)

For administrators, a verified email address is required. For other Users, email verification is not required.

2.2 Technical and Security-Related Information

To maintain secure operations, we may process technical logs and security-related information linked to accounts and use of the Service (e.g., last login timestamp and operations/troubleshooting logs).

2.3 Subscription and Payment

For subscription and payment administration, information related to payment and billing may be processed (e.g., subscription tier and payment status). Card details are not handled by the Supplier but by the payment service provider.

3. Purposes and Legal Basis

We process Personal Data for the purposes of providing the Service, administering accounts, ensuring secure operations, handling subscriptions and payments, and fulfilling legal obligations in accordance with applicable data protection laws.

4. Cookies

The Service uses only strictly necessary session cookies to enable login and secure operation. We do not use cookies for statistics, analytics, profiling, or marketing in the Service.

See the Cookie Policy for more information.

5. System Notifications and Marketing

The Service may send necessary system notifications from the dinunderhallsplan.se domain (e.g., verification for administrators and password reset).

We do not send newsletters or marketing to Users within the Service. Any marketing for BalancePoint AB is conducted separately (e.g., via balancepoint.se) and is then subject to separate communications and applicable rules.

6. Recipients and Sub-processors

We may share Personal Data with Sub-processors to the extent necessary to provide the Service, for example:

  • AWS (operations and storage in EU regions, including eu-north-1 and eu-central-1)
  • SendGrid (sending system notifications)
  • Stripe (payment processing)
  • Google Maps (map functionality, to the extent used)

We do not disclose Personal Data to third parties for their own marketing purposes.

7. Transfers Outside the EU/EEA

The Supplier’s objective is for Personal Data to be processed within the EU/EEA. However, certain providers or corporate structures may mean that Personal Data in some cases is processed or becomes accessible from outside the EU/EEA (e.g., for support or operations).

Where transfers outside the EU/EEA occur, appropriate safeguards under the GDPR are ensured, such as the EU Commission’s Standard Contractual Clauses (SCC) and, where necessary, supplementary measures.

8. Retention and Deletion

Personal Data is retained as long as there is an active account or customer relationship and otherwise as long as necessary for the stated purposes.

After subscription termination, the Customer’s Data and account information are deleted in accordance with the T&C, normally within 30 days, unless longer retention is required by law.

Data that must be retained by law (e.g., accounting records) is retained for the legally required period.

9. Security

The Supplier applies reasonable technical and organizational security measures to protect Personal Data against unauthorized access, loss, and misuse, including access controls and backups.

10. Your Rights

In accordance with the GDPR, you have the right to:

  • request access (data subject access request)
  • request rectification
  • request erasure (where applicable)
  • request restriction of processing
  • object to processing based on legitimate interests
  • request data portability (where applicable)

To exercise your rights, contact info@balancepoint.se.

You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY).

11. Changes

We may update this Privacy Policy as needed. The latest version is always published on the Website.

Product

Resources

  • Blog
  • FAQ lock
  • Support lock

Company

ⓒ BalancePoint AB 2025