Last updated: April 2, 2025
At Textalk Media AB, we are committed to protecting your privacy and processing your personal data correctly in accordance with applicable data protection legislation, including the EU General Data Protection Regulation (GDPR). We are transparent about how we handle data so that you can feel confident about how your information is used. Here, we explain what information we collect, why we collect it, how we use it, how long we keep it, and what rights you have.
This policy applies to individuals who use websites and services connected to Prenly, as well as customer representatives who communicate with us or have agreements with us. The policy does not apply to end users of our customers’ publications, where we act as a data processor under separate agreements.
Textalk Media AB, company registration number 559070-3608, is the data controller for the processing described in this policy.
Textalk Media AB
Krokslätts fabriker 12
431 37 Mölndal, Sweden
Contact regarding data protection issues: dpo@textalkmedia.se
This policy applies when we, as the data controller, process your personal data in connection with your use of Prenly-related administrative tools, related websites, and other digital tools, insofar as these involve the processing of personal data.
This includes when you:
We process the following categories of personal data necessary to deliver our services:
In addition, we may process further information in our tools if you provide consent for such processing.
We process personal data to manage logins, accounts, and permissions. The legal basis for this processing is the performance of the applicable contract.
We process personal data to provide support via email or chat. The processing is based on the applicable contract. In order to use the built-in chat function in Prenly Workspace, your consent is also required.
We process technical information to prevent intrusions, detect errors, and ensure stable operation of our services. The legal basis is our legitimate interest in maintaining a high level of IT security and protecting our systems and your personal data against unauthorized access or misuse.
We process data to manage billing, customer relationships, and legal requirements under accounting laws. The legal basis is both the contract and our legal obligations.
We process personal data to maintain contact with existing and potential customers, for example in connection with inquiries, quotes, or other communications. The purpose is to ensure smooth communication and good service. The legal basis is our legitimate interest.
We share personal data with our parent company Textalk AB (company registration number 556586-1472) for the operation and development of our services. We may also engage trusted providers who process personal data on our behalf if needed to provide or improve the services.
If you use a web service covered by this policy, the relevant consent management platform (CMP) may indicate which data is shared, with which recipients, and for what purpose.
We may also disclose personal data if required by law or to respond to a request from a public authority.
We do not retain your personal data longer than necessary for each purpose or as required by law. When the data is no longer needed, it will be deleted or anonymized.
The storage period may vary depending on the category of data. For example, data related to contracts and billing must be kept for at least seven years in accordance with accounting legislation. Technical logs are normally stored for a limited period (usually up to 12 months) to enable operations and troubleshooting. Exact retention periods may vary depending on the system.
Regardless of the category, you always have the right to request deletion of your personal data in accordance with your rights described below.
You have rights that give you control over your personal data. These rights vary depending on the legislation applicable in the country where you are located.
Since Textalk Media AB is established in Sweden, GDPR generally applies to our processing. We also apply these principles to customers outside the EU where possible and relevant. In general, the rights include:
You have the right to know whether we process personal data about you and, if so, to obtain a copy of the data.
You have the right to request correction of inaccurate or incomplete personal data.
You have the right to request that your personal data be erased when it is no longer needed, if you withdraw your consent, or when the processing is not permitted under applicable legislation.
You have the right to request that the processing of your personal data be restricted under certain circumstances, for example while we investigate an objection to the processing.
You have the right to object to certain processing, for example when it is based on legitimate interest.
Where technically feasible and legally applicable, you have the right to receive the personal data you have provided to us in a structured format, or, where technically feasible, to request that we transfer it to another data controller.
Where our processing is based on consent, you have the right to withdraw that consent at any time. This does not affect the legality of processing carried out before the withdrawal.
You have the right to contact a competent supervisory authority if you believe we are processing your data incorrectly. Within the EU, you should primarily contact the supervisory authority in the country where you live or work. In Sweden, this is the Swedish Authority for Privacy Protection (IMY).
For customers outside the EU, we recommend contacting IMY as our primary supervisory authority, but you may also contact the relevant authority in your own country if one exists.
We take the security of personal data very seriously. We work both technically and organizationally to protect data against unauthorized access, loss, misuse, or other unlawful processing. Among other measures, we use access controls, logging, encryption, and procedures for authorization management and incident handling.
Our operating environments are protected by firewalls and monitored around the clock. We also engage in continuous risk management and staff training to ensure a high level of security awareness throughout the organization. Our systems and processes are regularly tested and improved to maintain a high level of information security.
We may update this policy as needed, for example if there are changes in legislation or in our services. The latest version is always published on our website. Major changes will be communicated to affected customers.