1. Controller and Contact
Controller: Settlewell Technologies AB (Org. no. 559542-0646)
Address: Sveavägen 10, 672 41 Töcksfors, Sweden
Affiliate office: Settlewell Spain SL, Calle Hilera 8, 29002 Malaga, Spain
Email: support@settlewell.io
This policy explains how we collect and process personal data when you visit https://settlewell.io/, contact us, or use our web/app services (the “Services”).
2. Categories of Personal Data
- Account & Contact Data: name, email, phone, country, language, preferences.
- Service Data: information submitted in forms (e.g., checklists, relocation interests, partner requests), documents you upload, and messages you send to us or providers.
- Communications: support tickets, emails, in-app/chat messages; audio/video recordings and transcripts only if you give explicit consent before recording.
- Usage & Device Data: IP address, device and browser type, settings, timestamps, pages/screens viewed, crash/diagnostic logs.
- Cookie/Identifier Data: cookies, local storage, pixels/SDKs (see Cookie Policy).
- B2B Partner/Advertiser Data (where applicable): company details, role, orders, invoicing.
We do not intentionally collect special categories of personal data. Please do not submit such data unless we specifically ask for it and provide a lawful basis.
3. Sources
- Directly from you (account, forms, uploads, support).
- Automatically from your device when you use the Services (incl. cookies/SDKs).
- From partners you ask us to contact on your behalf.
4. Purposes and Legal Bases (GDPR)
- Provide and operate the Services (accounts, checklists, routing your enquiries to providers you choose, and troubleshooting).
- Legal bases: contract (Art. 6(1)(b)) and/or legitimate interests (Art. 6(1)(f)).
- Customer support and quality assurance (including optional call/video recording for training/QA, with your consent).
- Legal bases: legitimate interests; consent for recordings (Art. 6(1)(a)).
- Security and fraud prevention (detect, investigate, respond to incidents; platform integrity).
- Legal bases: legitimate interests; legal obligation, where applicable.
- Analytics and product improvement (measure usage to improve features; non-essential analytics only with consent in the EEA/UK).
- Legal bases: legitimate interests; consent for non-essential cookies/IDs.
- Marketing and communications (newsletters, product updates, partner offers that you opt into; permitted B2B outreach).
- Legal bases: consent (and legitimate interests where e-privacy rules allow). Opt out anytime.
- B2B partner/advertiser relations (orders, performance reporting, invoicing).
- Legal bases: contract, legitimate interests, legal obligation (tax/accounting).
- Compliance and enforcement (respond to lawful requests; enforce our Terms of Use).
- Legal bases: legal obligation, legitimate interests.
5. Sharing and Recipients
We share personal data only as needed:
- Processors/service providers: hosting/CDN, analytics, communications, CRM/support, email delivery, error monitoring. This includes Zoho for certain customer data processing. Processors act on our instructions under written agreements that are consistent with the GDPR.
- Payment processing: Stripe, Inc. — processes payment card data for Settlewell Plus subscriptions under a data processing agreement.
- Providers you choose: when you ask us to connect you with utilities, telecom, banking, insurance, housing, or similar providers. After sharing at your request, each provider becomes an independent controller under its own privacy policy.
- Authorities and legal requests: where required by law.
- Business transfers: in connection with reorganization, merger, or sale (with notice where required).
6. International Transfers
When data is transferred outside the EU/EEA to countries without an adequacy decision, we rely on appropriate safeguards, such as the EU Standard Contractual Clauses (SCCs), and implement supplementary measures where necessary. Contact us to obtain further information.
7. Retention
We retain personal data only for as long as needed:
- Account data: for the life of your account, then deletion or anonymization after a defined period.
- Support communications: typically up to 24 months, unless a longer legal retention period applies.
- Recordings (with consent): typically up to 12 months or until consent is withdrawn, unless a legal retention duty applies.
- Cookie/identifier data: per durations shown in the cookie banner/manager.
- Subscription and billing records: retained for the duration of the subscription plus the applicable statutory period for financial records (7 years in accordance with Swedish bookkeeping law).
- Financial/records required by law: in accordance with statutory retention periods.
8. Your Rights
Where GDPR or similar laws apply, you have the right to access, rectify, erase, restrict processing, object to processing, and port your data, and to withdraw consent at any time (without affecting processing carried out before withdrawal).
To exercise rights: support@settlewell.io. We may need to verify your identity.
You may lodge a complaint with a supervisory authority. In Sweden, the Swedish Authority for Privacy Protection (IMY).
9. Children
Our Services are not directed to children. Do not use the Services or provide personal data if you are under the age at which you can lawfully consent in your country without parental/guardian consent.
10. Security
We apply administrative, technical, and organizational measures designed to protect personal data (access controls, need-to-know, encryption in transit where appropriate, logging, incident response). No method is 100% secure; we work to prevent and mitigate risks.
11. Cookies and Similar Technologies
See our Cookie Policy for the cookies/SDKs we use, purposes, retention, and your consent choices.
12. Changes to this Policy
We reserve the right to update this Privacy Policy periodically. Material changes will be posted on the Site and, where appropriate, notified to you.