Elfskot Privacy and Cookie policy

1. Applications

This privacy- and cookiepolicy applies to all Elfskot applications:

2. Datacollection

If you use our applications, Elfskot and third parties collect data with the help of cookies and- or other techniques.

3. What data does Elfskot collect?

By entering data in one of Elfskot's application you agree to the saving and publishing of the entered data. Elfskot will standard only collect data that is entered by the user or otherwise explicitly is pushed into our database ,e.g. by applications developed with our SDK (sync applications and the like).
NOTE: The SDK can only be used by customers of Elfskot.

3.1 List of personal data that could be entered

3.2 Product data

All entered data about a product that can be configured. e.g. product- images, texts, prices etc.

3.3 Google Analytics

If a customer of Elfskot has implemented Google Analytics, that customer of Elfskot and Google will collect information about the users' surf- and watch-habits and location. This data can only be seen by Google and the Admin(s) of the respective Google Analytics account, not by Elfskot.

3.4 Application Insights

Elfskot applies Application Insights (Microsoft analytics). All data that is collected this way is anonymous. All Application Insights data cannot be linked to a person. Refer to Microsofts documentation to see what data Application Insights collects, via this link.

4. What does Elfskot do with the collected data?

Elfskot saves the collected data to a database and is only visible for Elfskot and the respective customer of Elfskot. A customer of Elfskot can set what access each user has.
NOTE:This does not apply to the Google Analytics data.

5. Purpose of collecting the different data

Elfskot only stores data to make Elfskot's applications work correctly (data from point 3.1 and 3.2) and to watch for problems in one of our applications (data from point 3.4). The data collected with Application Insights (3.4) we use for statistics like creating charts for most configured products and the like, as well as for security- and application improvements purposes.

6. How long do we store personal data?

We do not store personal data longer than that is necessary to realise the purpose for which they where intended. We do not store any other personal data longer than necessary for the purpose for which it was collected, for the performance of legal duties and the fulfillment of legal obligations or the execution of agreements (think of limitation periods), but ofcourse also in accordance with the applicable statutory retention periods.

7. Sharing of data

Elfskot does not share data with other parties than the customers of which they where intended for and employees of Elfskot. All employees of Elfskot are subject to confidentiality.

8. Cookies

What is a cookie? Cookies are small files which are stored on a user's computer. They are designed to hold a modest amount of data specific to a particular client and website, and can be accessed either by the web server or the client computer. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next.

8.1 Which cookies are there per application and what are they used for?

8.1.1 EMS
8.1.1.1 ARRAffinity

This cookie is set by websites run on the Windows Azure cloud platform. It is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. Does not expire.

8.1.1.2 access_token

This cookie is used for authenticating a user's requests to our server. Is valid for 30 minutes but is refreshed every 10 minutes for a persisting good user experience.

8.1.2 Configurator
8.1.2.1 _ga

This cookie name is asssociated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default it is set to expire after 2 years, although this is customisable by website owners.

8.1.2.2 access_token

This cookie is used for authenticating a user's requests to our server. Is valid for 30 minutes but is refreshed every 10 minutes for a persisting good user experience.

8.1.2.3 ARRAffinity

This cookie is set by websites run on the Windows Azure cloud platform. It is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. Does not expire.

8.1.2.4 Youtube cookies

When a youtube video is shown, Youtube will also set cookies these are:

8.1.3 Login
8.1.3.1 .AspNetCore.Antiforgery.[random id]

This cookie is used for security purposes in the logging in process. This cookie does not store any data, its sole purpose is to securely log a user in.

9. Reading, editing, deleting your own data

You have the right to read, edit or delete your own data. To do this send a detailed request to info@elfskot.com Make sure that the address you send the email from is the same as your user-account, or for quotation requests please mention your suppliers name so we can redirect the request. You will receive a reaction within at least 4 weeks of the send-date.

10. Securing the data

We take security very serious and take all appropriate actions to secure ALL sensitive data and prevent unwanted information-disclosing, misuse, loss, unallowed access to and unallowed changing of any data. If you think we did not store or handle your data securely please contact us via info@elfskot.com

11. This privacy statement

Customers of Elfskot can extend this privacy policy by creating an appendix.

11.1 Third parties privacy statement

Elfskot cannot take responsibility for what our customers do with the data they collect. For this read the (if applicable) appendix created by the owner of the EMS and/or Configurator environment.

11.2 Changes to this Privacy Statement

Elfskot can change this statement. The newest version of this document can always be found here.

This privacy statement is last updated at 12 june 2018