Privacy Policy – Provider of the Ngager Service
The provider of the cloud-based software service Ngager (“the Provider”, “we”, “us”) processes personal data for the purpose of providing, administering, and developing the Service (“the Service”), as well as fulfilling our legal and contractual obligations towards the Customer and its users.
This privacy policy (“the Policy”) describes how the Provider collects, uses, stores, protects, and transfers personal data. All processing is carried out in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Swedish legislation.
1. Data Controller
Ngager Communication Group AB (the Provider)
Company registration number: 559372-8297
Norra Allégatan 7
SE-413 01 Gothenburg
Sweden
Email: admin@ngager.com
The Provider is the data controller for the processing covered by this Policy. For questions regarding the processing of personal data or the exercise of data subject rights, the Customer should contact the Provider using the details above.
2. Definition of Personal Data
Personal data means any information that directly or indirectly relates to an identified or identifiable natural person, such as name, email address, telephone number, IP address, customer number, or electronic identifiers.
3. Collection of Personal Data
The Provider collects personal data when:
the Customer registers an account or uses the Service
the Customer or the Provider’s partner organization enters into an agreement with the Provider
the Customer signs up for newsletters, demonstrations, or webinars
the Customer’s employer grants users access to the Service
the Customer uses the Provider’s website or communicates with us
Personal data may also be generated automatically through use of the Service.
4. Categories of Personal Data Processed by the Provider
Depending on how the Customer or User interacts with the Service, the Provider may process the following categories of personal data:
4.1 Contact Details
Used for customer administration, communication, and account management.
name
email address
telephone number
address
organization number
4.2 Account Information and Authentication
Used to create and manage user accounts in the Service.
username
password (stored in encrypted form)
4.3 User Data in the Service
Generated when the User uses the Service and required to deliver functionality, reporting, and follow-up.
completed courses, training sessions, and assignments
responses in activities and interactions
viewed or interacted content
user behavior and activity logs
4.4 Technical Data
Collected automatically to ensure operation, security, and performance.
IP address
browser type
operating system
device identifiers
logs and technical events
4.5 Data from Integrations
Processed when the Customer connects external systems or services to the Service.
data transferred via API connections or imports
(e.g. from CRM systems, HR systems, or other tools connected by the Customer)
The Provider processes only personal data that is necessary to provide, administer, and improve the Service.
5. Purposes of Processing
The Provider processes personal data for the following purposes:
to provide, configure, operate, and develop the Service
to administer customer relationships and fulfill contractual obligations
to comply with legal requirements, such as accounting legislation
to communicate with the Customer and its users, including information and marketing communications (only where consent is required and obtained)
6. Legal Basis for Processing
The processing of personal data is based on:
Contract – necessary for the Provider to fulfill agreements with the Customer or the Customer’s employer
Legal obligation – for example, requirements under accounting legislation
Consent – for marketing activities not covered by contract or legitimate interest
The Customer or User may withdraw a given consent at any time.
7. Marketing
The Provider may contact the Customer or the Customer’s representatives via email or telephone to provide information about the Service. The Customer may unsubscribe from communications at any time via the link included in each message or by contacting the Provider.
8. Recipients of Personal Data
The Provider discloses personal data only to third parties that meet documented data protection requirements and that act in accordance with the Provider’s instructions under data processing agreements.
The Provider’s data processors are covered by the Ngager DPA and are listed in a separate document.
Processors may only process personal data for purposes consistent with this Policy and the Provider’s instructions.
9. Transfers to Third Countries
The Provider strives to ensure that personal data is processed within the EU/EEA. If transfers to third countries occur, the Provider ensures—through standard contractual clauses and other technical and organizational safeguards—that the level of protection corresponds to GDPR requirements.
10. Retention Period
Customer and supplier data is retained for seven (7) years in accordance with accounting legislation.
Other personal data is retained only for as long as necessary for the purposes set out in this Policy, and no longer than one (1) year after the contractual relationship has ended, after which the data is deleted or anonymized.
11. Data Subject Rights
The data subject has the following rights under the GDPR:
Right of access – to receive information about which personal data is being processed
Right to rectification – to have incorrect or incomplete data corrected
Right to erasure – when the legal requirements are met
Right to restriction of processing – for example, while the accuracy of data is being verified
Right to data portability – to receive and transfer data that the data subject has provided
Right to object – to processing based on legitimate interest or direct marketing
To exercise your rights, please contact: admin@ngager.com
12. Cookies
The Provider uses cookies to:
improve the user experience
analyze user behavior
enable technical functionality
provide relevant marketing
The website offers a consent management system where the Customer can choose which cookies to allow. A detailed list of cookies is available in the Provider’s Cookie Policy.
13. Changes to the Policy
The Provider may update this Policy as needed. The latest version is always available on the Provider’s website.
This Policy was last updated on 10 December 2025.
14. Complaints
Questions or comments regarding the processing of personal data may be sent to: admin@ngager.com.
The data subject also has the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY): www.imy.se.
[Version 251217i]
