Data Rights Finder

Menu

iZettle

We read iZettle's privacy policy so you don't have to.

  • Find out what they do with data about you
  • Contact them if you have a request about that data
Make a data request

Organisation information

Description

Point of sale products for small businesses

Registration country

Sweden

Registration number

556806-0734

Data Protection Officer

Organisations that use special categories of data, are public bodies, or do large scale processing must appoint a Data Protection Officer.

This section hasn't been completed yet. Help us by updating it on GitHub.

Data categories collected

Organisations must give details about what categories of data are stored and processed.

iZettle's privacy policy says they collect the following categories of data:

  • Bank account details

  • Bank transactions

  • Credit history

  • Device information

  • Email address

  • Names

  • Online activity

  • Passwords

  • Postal address

  • Telephone number

Our Observations

Examples given under broader categories

Unusual processing purposes

Organisations must provide information about what they do with data. This section highlights less common uses of data.

Our Observations

"To be able to administer participation in competitions and/or events"

Third parties

Organisations must give details about other parties that personal data is shared with.

iZettle's privacy policy says they share data with the following third parties:

List of third parties

  • Rest of iZettle Group

  • Merchants (when a customer is using an iZettle Merchant)

  • Bisnode

  • Schufa

  • Experian

  • Callcredit

  • LexisNexis

  • Creditsafe

  • UC AB

  • Designated banks and relevant card networks

  • IT suppliers

  • Marketing suppliers

  • Tax authorities

  • Law enforcement

How specific is this information?

Third parties are listed as groups

Our Observations

Credit agency partners are listed by name

Retention rules

Organisations must give details about how long data is kept.

Summary

Preventing, detecting and investigating money laundering, terrorist financing and fraud: minimum five (5) years after termination of the business connection

Bookkeeping regulations: seven (7) years

Details on performance of an agreement: up to ten (10) years after end of customer relationship to defend against possible claims

Recorded telephone calls to our support: up to ninety (90) days from telephone call to support.

Our Observations

States that retention rules vary from country to country. Retention rules relate to reasons for keeping data.

How specific is this information?

  • Retention rules are given without mentioning specific categories of data

  • Specific times are given for how long data is kept

Lawful bases

Organisations must justify collection and use of data under six lawful bases and provide information about their decisions

iZettle's privacy policy says they use the following lawful bases to collect and use data:

Our Observations

This information is available on the privacy policy under "What information do we process about you, for what purposes and how is it lawful for us to do it?" Each processing activity is sometimes split across two lawful bases

Security standards

Organisations must ensure that data is stored and processed securely.

Our Observations

Appropriate technical measures have been implemented. iZettle is PCI-DSS Level 1 certified.

How specific is this information?

This organisation provides general details about how they secure data

Data processing addendum

Some organisations offer a data processing addendum that gives data adequate protections when it leaves the EEA.

Type

Adequate protections are provided by this organisations Terms of Service

Our Observations

Uses Standard Contractual Clauses for third country transfer, and Privacy Shield for US transfer. Also mentions transfer to Australia under standard clauses.

Automated decision making

Organisations must give details about how data is used to make decisions without human involvement.

Summary

This organisation does not use automated decision making

Complaint information

Organisations must give details about how to make a complaint with a data protection authority.

Summary

This privacy notice contains information about to make a complaint to a data protection regulator

Our Observations

Details for Swedish and British data regulators.

How specific is this information?

This privacy notice contains specific contact details for a data protection regulator

Design recommendations

Organisations are required to provide privacy information in a transparent way. The Article 29 Working Party has provided recommendations on how to do this.

Assessment

This privacy notice:

  • Has language that is easy to understand

  • Is designed in a way that makes it easy to find information

  • Can be easily found on the organisation's website

Make a data request

You have rights to control data about you. Click on the rights to see why you might want to use each one.

We've also prepared email templates to help you contact iZettle to use the rights.

  • See data they hold about you

    You can ask to see what data iZettle has about you. They usually can’t charge for this, and they must respond to your request within a month.

    Why you might make this request

    You might want a copy of the data about you to understand what data the organisation has collected about you.

    Email the organisation

    Copy and paste this template into an email and send it to iZettle at dataprotection@izettle.com

    Copy template to clipboard

    Contact the organisation by post

    iZettle AB, Attn: Privacy Function, Regeringsgatan 59, 111 56 Stockholm, Sweden

    Use this template message above to help you write a letter to the organisation.

  • Change data they hold about you

    You can ask iZettle to change inaccurate or incomplete data about you. They must respond to your request within a month. Sometimes your request can be refused.

    Why you might make this request

    If an organisation is using information about you which is incorrect, you can ask them to correct it.

    Email the organisation

    Copy and paste this template into an email and send it to iZettle at dataprotection@izettle.com

    Copy template to clipboard

    Contact the organisation by post

    iZettle AB, Attn: Privacy Function, Regeringsgatan 59, 111 56 Stockholm, Sweden

    Use this template message above to help you write a letter to the organisation.

  • Delete data they hold about you

    You can ask that iZettle delete information about you. They must respond to your request within a month. Sometimes your request can be refused.

    Why you might make this request

    You might want to delete data about you if, for example, you have stopped using an organisation’s services.

    Email the organisation

    Copy and paste this template into an email and send it to iZettle at dataprotection@izettle.com

    Copy template to clipboard

    Contact the organisation by post

    iZettle AB, Attn: Privacy Function, Regeringsgatan 59, 111 56 Stockholm, Sweden

    Use this template message above to help you write a letter to the organisation.

  • Limit how they use data about you

    You can ask that iZettle only store data about you and not use it. They must respond to your request within a month.

    Why you might make this request

    You might want the accuracy of the data to be verified or you might want the organisation to hold on to data so you can make a legal claim against them.

    Email the organisation

    Copy and paste this template into an email and send it to iZettle at dataprotection@izettle.com

    Copy template to clipboard

    Contact the organisation by post

    iZettle AB, Attn: Privacy Function, Regeringsgatan 59, 111 56 Stockholm, Sweden

    Use this template message above to help you write a letter to the organisation.

  • Stop their use of data about you

    You can ask iZettle to stop using your data for particular reasons. They must respond to your request within a month.

    Why you might make this request

    You might want to stop the organisation using your data to for direct marketing.

    Email the organisation

    Copy and paste this template into an email and send it to iZettle at dataprotection@izettle.com

    Copy template to clipboard

    Contact the organisation by post

    iZettle AB, Attn: Privacy Function, Regeringsgatan 59, 111 56 Stockholm, Sweden

    Use this template message above to help you write a letter to the organisation.

  • Export data they hold about you

    You can ask iZettle to move data about you to another service or provide it in a format that can be used by another service.

    Why you might make this request

    You might want to move your data to another organisation to get a better deal.

    Email the organisation

    Copy and paste this template into an email and send it to iZettle at dataprotection@izettle.com

    Copy template to clipboard

    Contact the organisation by post

    iZettle AB, Attn: Privacy Function, Regeringsgatan 59, 111 56 Stockholm, Sweden

    Use this template message above to help you write a letter to the organisation.

  • Challenge an automated decision

    You can ask iZettle to give you information about how they use automated decision making, or ask for a person to review an automated decision.

    Why you might make this request

    You might want to find out about an automated decision if, for example, you were rejected for a bank loan or account.

    Email the organisation

    Copy and paste this template into an email and send it to iZettle at dataprotection@izettle.com

    Copy template to clipboard

    Contact the organisation by post

    iZettle AB, Attn: Privacy Function, Regeringsgatan 59, 111 56 Stockholm, Sweden

    Use this template message above to help you write a letter to the organisation.

Last updated 2018-09-27 at 09:09:29 • Download as JSONAPI documentationView on GitHubView on OpenCorporates

Back to top