All legal documents

Privacy Policy

Effective: 2024-09-14Last updated: 2026-03-18

Adcyma AB (“Adcyma,” “we,” “us”) provides Identity Governance and Administration (IGA) services. This Privacy Policy explains what personal data we collect, why we collect it, and how we protect it.

1. Information We Collect

Personal Information: When you or your organization use our Services, we may collect names, display names, employee IDs, email addresses, phone numbers, company names, job titles, departments, countries, cities, manager details, mobile numbers, language preferences, employment dates, and mail nicknames.

Account Information: Your username and login credentials.

Usage Data: We collect technical data such as IP addresses, device information, operating system, browser type, pages visited, and time spent on pages. This helps us understand how the Services are used and where we can improve.

2. How We Use Your Information

We use your data to:

  • Run, maintain, and improve the Services
  • Manage your account and provide support
  • Send you communications related to the Services
  • Monitor usage patterns and fix issues
  • Meet legal obligations
  • Protect the rights and safety of our users and ourselves

3. Legal Basis for Processing (GDPR)

If you are in the European Economic Area, we process your data based on one or more of the following grounds:

  • Contract: We need to process your data to deliver the service you signed up for
  • Consent: You have given us explicit permission
  • Legitimate interest: Processing is necessary for our business operations, as long as it doesn't override your rights
  • Legal obligation: We are required to by law

4. Who We Share Data With

We may share your data with:

  • Service providers: Companies that help us operate the platform (see our subprocessor list)
  • Business transfers: If Adcyma is involved in a merger, acquisition, or sale of assets
  • Affiliates: Who are bound by this Privacy Policy
  • Others: Only with your consent

We do not sell your personal data.

5. Security

We use administrative, technical, and physical safeguards to protect your data. That said, no system is perfectly secure. We do our best, but we cannot guarantee that unauthorized access will never occur.

6. Your Rights Under GDPR

If you are in the EEA, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Delete your data (the “right to be forgotten”)
  • Object to how we process your data
  • Restrict processing in certain circumstances
  • Port your data to another service
  • Withdraw consent at any time, without affecting processing that already took place

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

7. Third-Party Links

Our Services may link to other websites. We are not responsible for how those sites handle your data. We recommend reading their privacy policies before sharing any personal information.

8. Changes to This Policy

We may update this Privacy Policy when needed. When we do, we will update the “Last Updated” date at the top of this page. For significant changes, we will notify you by email or through the Services.

9. Contact

If you have questions about this Privacy Policy or how we handle your data, reach out to us at [email protected].

10. Children's Privacy

Our Services are not designed for anyone under 16. If we discover that we have collected personal data from a child, we will delete it promptly.

11. International Data Transfers

Adcyma is based in Sweden and processes data within European infrastructure. Your data stays in Europe. If this ever changes, we will update this policy and make sure appropriate safeguards are in place.