Privacy Policy

Last updated: January 2025

Introduction

This privacy policy applies to the use of the website emfas.ai and related services, which are operated by Emfas AB ("Emfas", "we", "us", or "our"). We are the data controller of the data collected through the use of our website and services.Emfas AB
Org.nr 559488-6649
Maria Prästgårdsgata 24, 118 52 Stockholm
Email: privacy@emfas.ai

Information We Collect

We collect and process the following types of information:

Account Information: Name, email address, and authentication credentials when you create an account
Product Data: Product catalog information, descriptions, images, and metadata that you upload to our platform
Usage Data: Information about how you interact with our services, including page views, features used, and session duration
Technical Data: IP address, browser type, device information, and cookies
Communications: Messages you send through our support chat or email

How We Use Your Information

We use your information to:

Provide and maintain our AI-powered product information management services
Process and enrich your product catalog data using artificial intelligence
Authenticate your account and maintain security
Communicate with you about your account and our services
Analyze and improve our platform performance and user experience
Comply with legal obligations

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to provide you access to various functions, analyze your behavior, and improve your experience when visiting our website.Most web browsers are set to accept cookies by default. You do not have to accept cookies to visit our website, but it may limit functionality if you do not allow certain cookies.

Types of Cookies We Use

Necessary Cookies

Necessary cookies enable basic website functionality, including authentication, security, and session management. These cookies are essential for the website to function properly and cannot be disabled.

Analytics Cookies

We use analytics cookies to gather statistics about website usage and traffic patterns. This includes:

Google Analytics: Tracks page views, user behavior, and traffic sources to help us understand how visitors use our website. You can opt out using the Google Analytics Opt-Out Browser Add-on.
PostHog: Product analytics tool that helps us understand feature usage and improve our platform.

Third-Party Services and Data Processors

We work with third-party service providers who process data on our behalf to deliver and improve our services:

Essential Service Providers

Clerk: Authentication and user management service. Privacy policy: https://clerk.com/legal/privacy
Amazon Web Services (AWS): Cloud hosting and infrastructure provider. Our servers are located in the EU (Stockholm, Sweden). Privacy policy: https://aws.amazon.com/privacy/
Amazon CloudFront: Content delivery network for faster content delivery. Privacy policy: https://aws.amazon.com/privacy/

AI Service Providers

We use artificial intelligence services (OpenAI, Anthropic, and Google Gemini) to enrich and process your product catalog data. These services receive product information and technical identifiers (such as organization and user IDs) but do not receive personal information such as names or email addresses. Data is processed according to their respective data processing agreements.

Analytics and Business Intelligence

Metabase Cloud: Business intelligence and analytics platform used internally by our team. Only aggregated and anonymized analytics data is sent to this service. Privacy policy: https://www.metabase.com/privacy

Communication Services

Intercom: Customer support chat platform. Privacy policy: https://www.intercom.com/legal/privacy
Loops: Email communication service. Privacy policy: https://loops.so/privacy

E-commerce Platform Integrations

If you connect external data sources (such as Shopify, Centra, or other e-commerce platforms), we will access and process product data from those platforms according to the permissions you grant. Please refer to your respective platform's privacy policy for information about how they handle data.

Data Storage and Security

Your data is stored securely on servers located in the European Union (Stockholm, Sweden) through Amazon Web Services. We implement industry-standard security measures including:

Encryption of data in transit and at rest
Regular security assessments and monitoring
Access controls and authentication mechanisms
Regular backups with encrypted storage

Data Retention and Deletion

We retain personal information according to the following policies:

Active Accounts: Data is retained as long as your account remains active and is necessary to provide our services
Deleted Accounts: Upon account deletion, your data is retained for 30 days to allow for account recovery and backup purposes, after which it is permanently deleted
Log Files: Server logs and technical logs are automatically deleted after 30 days
Legal Obligations: We may retain certain data longer if required by law or to resolve disputes

You may request deletion of your personal data at any time by contacting us at privacy@emfas.ai. Upon verifying your identity, we will delete your data unless we are required to retain it for legal or operational reasons.

Your Rights

Under the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), you have the following rights:

GDPR Rights (EU/EEA Users)

Right to Access: Request a copy of your personal data
Right to Rectification: Request correction of inaccurate or incomplete data
Right to Erasure: Request deletion of your personal data
Right to Restrict Processing: Request limitation on how we process your data
Right to Data Portability: Receive your data in a structured, machine-readable format
Right to Object: Object to processing of your data for certain purposes
Right to Withdraw Consent: Withdraw consent at any time where we rely on consent as the legal basis for processing

CCPA Rights (California Users)

Right to Know: Request information about the categories and specific pieces of personal data we have collected
Right to Delete: Request deletion of your personal data
Right to Opt-Out: Opt out of the sale of personal data (Note: We do not sell personal data)
Right to Non-Discrimination: Exercise your privacy rights without discrimination

To exercise any of these rights, please contact us at privacy@emfas.ai. We will respond to your request within 30 days.

International Data Transfers

While our primary data storage is located in the European Union (Stockholm, Sweden), some of our third-party service providers may be located outside the EU/EEA. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

Standard Contractual Clauses approved by the European Commission
Data Processing Agreements with all service providers
Adequacy decisions by the European Commission where applicable

Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us at privacy@emfas.ai.

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new privacy policy on this page and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this privacy policy or our data practices, please contact us at:Emfas AB
Maria Prästgårdsgata 24
118 52 Stockholm
Sweden
Email: privacy@emfas.aiIf you are located in the EU/EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority.

emfas

emphasisnoun/ˈɛmfəsɪs/special attention given to something because it is important