To ensure the protection of your security, we use the Transport Layer Security (TLS) protocol to transmit personal information within our system.
All data stored in our system is securely protected and accessible only to our employees. Our employees are bound by strict confidentiality agreements, and a violation of this agreement would result in the termination of the employee.
Sweaka respects the privacy of individuals and ensures the confidentiality of personal data entrusted to our clients, which is processed in our solutions. The Sweaka Platform and related Software as a Service (SaaS) offerings are business-to-business services and are not intended for use by individual customers.
This Privacy Policy for the Sweaka Platform (along with our Terms of Service and any other referenced documents) aims to establish the basis for the processing of Personal Data that we collect (or that is provided to us) from businesses that use the Sweaka Platform and SaaS services offered by Sweaka to businesses (e.g., Sweaka® Pay, Sweaka® Buy, and Sweaka® Engage), including Personal Data associated with authorized users of these companies.
In this document, the terms "you" and "your" refer to users of the Sweaka solution on behalf of a business. Furthermore, we have drafted this policy to address you as a user.
This policy does not cover the processing of personal data collected by Sweaka from visitors or provided by visitors of the marketing pages of the website, trainings, webinars, conferences, and other business activities of Sweaka. The processing of personal data by Sweaka in connection with these business activities is governed by Sweaka's Website Privacy Policy.
Please read the following carefully to understand our views and practices regarding your Personal Data and how we, as the data controller, interact with it.
The Sweaka Platform and Software Services (collectively referred to herein as the “Sweaka Platform” or the “Platform”) are operated by Sweaka Inc., (“Sweaka” or “we”), with certain operations subcontracted to Sweaka affiliates and subcontractors. our address is as follows: Villejuif 94800 Paris, France.
The “Personal Data” means identifiable information associated with an individual, such as name, email address and username, as indicated below.
The Sweaka Client refers to the business or commercial entity that is registered on the Sweaka Platform or authorized to use it, which may include a Sweaka reseller. Sweaka Clients use the Sweaka platform as “buyers” or “suppliers” to collaborate and exchange business documents and take advantage of other offers (whether from Sweaka or third-party service companies) accessible through the Sweaka Platform.
The User refers to any person who uses our Platform (whether or not such persons have paid for such use) and “Users”, “you” and “your” are interpreted accordingly. Each User is associated with and uses the Platform on behalf of a designated Sweaka Client sometimes referred to herein as “your company”.
When you register on the Platform:
User accounts:
When you register your company on the Platform or add a new User to your company’s account, we collect the person’s first and last name, a username, the country of activity and the company’s email address. People can also indicate a business phone number and function. We do not collect a person’s home address. People should not provide personal credit card numbers or tax identifiers on the Platform.
Cookies :
Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit, register and use our Platform, we may automatically collect information about you through cookies or similar technologies. Our cookie policy describes what data we collect from users of the Platform and what we do with it when you browse our Site (e.g., your IP address).
Personal data related to transactions:
Some business documents exchanged on the Platform and via the various services available from the Platform may include Personal Data, which you are not required to provide. Increasingly, companies do not include names of people to contact but rather email addresses and phone numbers for their service departments on their transaction documents.
The professional contact details (including Personal Data) of your company’s business partners may also be stored on the Platform to facilitate interaction as part of the Services.
Information related to use:
Information about how you conduct transactions using the Platform using our Services, including access time, “login” and “logout” data, browser type and language, country and language preferences of your device, IP address, other attributes about your browser, mobile device and operating system, features you use, and date and time of use of the Services.
Device information:
Information about your device, including hardware model, operating system and version, device name, unique device identifier and information about mobile network and device interaction with our Services.
The reasons why we need this data:
User accounts:
We will need your name and username to authenticate your User Account and validate it with your company’s use of our Platform so that your company can benefit from the software services provided to it. We will need your email address to send you an activation link for your profile so that you can receive business documents and network requests on behalf of your company. We will also need your email address if you forget your password or if you want to receive emails from us containing information about our services or changes to our policies or terms and conditions. We record your IP address associated with transactions and activities on the Platform in order to limit spam, fraud or violations on our Platform. We will keep this data for as long as necessary for the purposes of the Services, as agreed in our agreement with your company, unless we are required, for legal reasons or in exceptional cases, to keep this data for an extended period of time, or unless its deletion is technically impossible. As long as they are stored, we guarantee the confidentiality of personal data in accordance with Sweaka’s Information Security Policy and as agreed with your company.
Personal data related to transactions:
Sweaka customers decide on the amount of Personal Data to include in business documents exchanged on the Platform. However, Sweaka customers cannot authorize the sending of medical information, tax identifiers or personal financial information (“Sensitive Personal Data”) or other sensitive personal data requiring special protection measures based on local legislation on the Platform.
Sweaka customers use the Platform to store the professional contact details of their business partners in order to facilitate interaction and collaboration between these parties, with Sweaka acting on behalf of the customer. In order for Sweaka to perform certain actions related to supplier integration on behalf of a buyer, Sweaka requires the professional contact details of certain business partners, which may include Personal Data.
How we use this data:
We use your user account data to administer the Platform, record transactions and provide Services as agreed with your company. Other people within your company may also have access to your user account data and may be the ones managing changes to that data.
We will not share your login data (your name, username, email address and IP address) with anyone other than our service providers and other people in your company (or the Sweaka customer managing your user account), except as mentioned in this policy or as agreed with the Sweaka customer.
From time to time, we communicate with users using the email address they provided to inform them of updates or changes to the Platform or Services, announce changes to policies and request information about a support issue and other standard communications associated with the operation and management of an online service. In most cases, these communications will be addressed to “Admin” level users, who will then exchange with other users in their company.
As a representative of a Sweaka customer, we may periodically send you information, updates and commercial offers that you can refuse to receive by simply clicking “unsubscribe” in the relevant email.
Sweaka may use the business contact details you have stored on the Platform as part of performing Services on behalf of the Sweaka customer, such as supplier integration activities, and if required by law for compliance purposes.
All the information you provide us with is stored on secure servers managed by us, an affiliate or a service provider. The Sweaka Platform, used by companies outside of China, is primarily hosted in a data center in Ireland, although integrated services may be hosted in other countries. Personal data may be transferred internationally between different data centers and integrated service sites.
Your account will be secured by a password that will allow you to access the Platform. You must ensure the confidentiality of this password. You should never share your password with anyone. Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Platform, any transmission being at your own risk. Once we have received your information, we use strict security procedures and devices to try to prevent unauthorized access, as stipulated in Sweaka’s Information Security Policy.
We will need your help to ensure that the Personal Data you have provided to us is accurate and up-to-date. If you wish to correct and update any of your Personal Data, you can do so by updating the Personal Data through the preferences available in your account. Your company’s administrator may also be able to assist you in making changes. Please note that some modifications or deletions on your account may require a more formal request from your company’s administrator, as Sweaka operates the system for the benefit and on behalf of the Sweaka customer.
If European Union law applies to your Personal Data, please note that Sweaka is a “processor” of your information on behalf of your company which is the “controller”. Sweaka will work with the controller to help you exercise your data protection rights (access, correction, erasure, etc.), but only with consent and according to the controller’s instructions.
Transfers to foreign countries:
In the event of transfers of personal data to foreign countries, Sweaka retains responsibility for authorizing the processing of data abroad by third parties acting on our behalf only in a manner consistent with our agreement with your company or the Sweaka customer, including, as may apply to personal data of citizens of the European Union and other countries with restrictions on international transfer in their data protection laws, Standard Contractual Clauses and/or a Data Processing Agreement signed between Sweaka and the Sweaka customer.
Service providers:
We use service providers to perform tasks and provide us with services. If permitted by law, we may share your Personal Data with such service providers, subject to obligations consistent with this policy and any other appropriate privacy and security measures, and provided that third parties use your personal data only on our behalf and in accordance with our instructions. Sweaka maintains a list of service providers that perform tracking processing of Personal Data called the List of Subcontractors for the Sweaka Platform. We strive to keep this list up-to-date and each Sweaka customer can request the latest list at any time.
Authorized personnel:
Our employees, agents, consultants, subcontractors or other authorized personnel may have access to user information if it is necessary in the normal course of our activities, to participate in the smooth running of operations, customer service and communications, usage tracking, processing of requested transactions and security incident investigations.
Business transfers:
If the Platform, a specific business sector, a Software Service, Sweaka or substantially all of its assets were acquired, liquidated or dissolved, user information, including Personal Data, would be part of the transferred assets, but the acquiring company would be bound by the terms of our agreements with Sweaka customers, including this policy.
Government, law enforcement and third parties:
We may disclose information, including but not limited to Personal Data to comply with applicable laws, regulations, legal proceedings or government requests, including export laws from different countries to prevent access and use of the Services by certain entities and individuals. We reserve the right to disclose a user’s Personal Data if we believe in good faith that the user is violating the Terms of Use or any other agreement with Sweaka, even without subpoena, warrant or other court order.
We offer you the possibility of exercising certain controls and making choices regarding the collection, use and sharing of your information. However, since your user account is managed by the Client Sweaka, some choices must be made through your company and not by you as an individual.
If you have a Sweaka account, you can ensure that your contact information and preferences are accurate, complete and up-to-date by logging into your Sweaka account. For other Personal Data that we hold, we will provide you with access for any purpose, including to ask us to correct the data if it is inaccurate or to delete it if we are not required by law to keep it or for legitimate business reasons. We may refuse to process requests that are abusive/vexatious, that endanger the privacy of others, that are very difficult to respond to or for which access is not required by local legislation.
We have implemented physical, electronic, and procedural controls to prevent unauthorized access, ensure data security, and appropriately use the information we collect online. These protective measures vary depending on the sensitivity of the information we collect and store. Sweaka's Information Security Policy provides additional information about our approach to securing the underlying systems of the platform.
While most changes are likely to be minor, we may make occasional modifications to the Privacy Policy of our Sweaka platform, at our sole discretion and subject to our agreements with Sweaka Clients. We encourage visitors to check this page frequently for any potential modifications to the Privacy Policy of the Sweaka platform. Your continued use of the platform following any changes to this policy will indicate your acceptance of them.
By using the Platform and/or certain software Services, you acknowledge that you agree to the practices and policies described in this Privacy Policy of the Sweaka platform and consent to the transfer and processing of your data on computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ from those in your jurisdiction. If you do not agree to this Privacy Policy, please refrain from using the Platform.
The Platform is controlled and operated by Sweaka from the United States, with data centers located in multiple jurisdictions, as mentioned above. If you are not a resident of the United States or are accessing the Platform from outside the United States and choose to use the Platform or provide us with information, please note that we may transfer this information, including Personal Data, to the United States and process it there.
By accepting this Privacy Policy and subsequently providing such information, you ensure your agreement and consent to such transfer. We make no representation or warranty that the Platform, or any portion of the software Services, is appropriate or available for use in any given jurisdiction. Individuals who choose to access the Platform do so on their own initiative and at their own risk, and are responsible for compliance with all local laws, rules, and regulations. You are also subject to U.S. export controls in connection with your use of the Platform and are responsible for any violation of such controls, including, without limitation, any U.S. embargoes or other federal rules and regulations that restrict exports.
We may limit the availability of the Platform, in whole or in part, to any person, geographic area, or jurisdiction of our choosing, at any time and at our sole discretion.