privacy notice

Inriver AB (“we”, “our” or “inriver”) is committed to protecting your information. This Privacy Notice explains why we collect personal information about you and what we do with it, what personal information we collect, for how long we store it and who we may share it with. We encourage you to read the Privacy Notice carefully, as it also specifies the rights you have regarding your personal data and how you can exercise your rights. If you are visually impaired, you may access this Privacy Notice through your browser’s audio reader.

We at inriver take your privacy seriously and we are sensitive to potential concerns about how we use the personal information, as defined by applicable privacy laws, that we may collect from time-to-time from and about you. This Privacy Notice includes information for U.S. residents and individuals located within the European Union.

California residents: Please refer to the California Privacy Addendum available here.
Colorado residents: Please refer to the Colorado Privacy Addendum available here.
Virginia residents: Please refer to the Virginia Privacy Addendum available here.

Inriver’s whistleblowing policy can be found here.

B2B

inriver is a B2B (“Business to Business”) company. This term means that we are a company that creates services geared toward other businesses. Therefore, we do not typically collect general information from individual consumers except from individuals as authorized users of a business that utilizes or subscribes to one of our services, or who may become a customer. Our services are not designed for children under 13, and in compliance with the Children’s Online Privacy Protection Act (“COPPA”), we do not intentionally or knowingly collect personal information from users who are under the age of 13 or from other websites or services directed at children. If we discover that a child under 13 has provided us with personal information, we will delete such information.

By registering with us or by using the inriver PIM Service, you are authorizing us to collect, store and use your email address, and other such personal information you provide during registration or through the use of the inriver PIM Service, in accordance with this Privacy Notice. inriver is the Controller of such personal information. As used in this Privacy Notice, personal information means information that relates, and is capable of being linked, to a particular person. It does not include de-identified or aggregate information.

In compliance with the CAN-SPAM Act, all emails sent from our organization will clearly state who the email is from and provide clear information on how to contact the sender. In addition, all commercial email messages will also contain concise information on how to remove yourself from our mailing list so that you receive no further e-mail communication from us.

Frequently asked questions

We use the personal information to be able to deliver the products or services, to validate access to the inriver PIM Service and to track the use of the inriver PIM Service, and to provide support to the services. We need the personal information to send you operational information about the services, and for contractual and financial reasons. We use your personal information to market our services, and to provide information about new services, newsletters and invitations to our events. The personal information that you provide us with will be used for responding to your questions or requests and will be stored in our systems due to administrative and back-up reasons.
Processing for sales and marketing
We collect the personal information that you provide us with when you sign up on inriver’s e-mailing lists or register for inriver newsletters or other forms on www.inriver.com. We might also collect personal information about you from other sources, such as social media sites like LinkedIn and/or the website of the company you work for. If we collect personal information about you from any other source than yourself, we always specify where we got the information by e-mail to you. We collect, store and use your personal information when you contact us, for example if you visit our website, make an enquiry on our website, send us an e-mail or phone us.
Processing in the inriver PIM Service and Support
We collect personal information that you, your employer or principal provide us with when you use the inriver PIM Service or for granting you access to the inriver PIM Service. We also collect personal information that tracks your use of the inriver PIM Service, when you contact inriver support function, or create an account at the inriver support function.
Processing for sales and marketing
The information we collect will in most cases include your name, e-mail, phone number, address, job title, company, the content of your message to us and other information you provide us with. We might also collect IP addresses, user ID’s, Twitter, LinkedIn or other social media accounts, and activities on inriver’s website.
For the purpose of hosting events our marketing department may also collect food preferences for a specific event. Responses to questions regarding special dietary requirements can potentially reveal the religious affiliation or health information of the attendee and should be treated as sensitive data. At events organized by inriver we collect your name, e-mail, company details, invoice postal address, VAT number/TAX ID and the comments/requests you provide us with in the registration form. We may also collect personal information when in contact with you regarding an event by e-mail or by phone. We will take photos and film during events, which may contain images of you. inriver will collect, store and use this personal data for the purpose of providing you with the services you are entitled to as a participant of the event, answering inquiries/questions regarding the event and may also use your personal information for sending you newsletters and/or information about inriver events and services. The photos/films taken of an event may be used publicly, for example by posting on our website and/or on social media platforms, for purposes of marketing events. The processing of your personal information is based on our legitimate interest and is necessary for inriver’s performance of events and for direct marketing purposes of inriver. Your submission of personal information is necessary for participating in events, and without it you will not be able to attend such events. We may pass your personal information on to third-party service providers, partners and/or sponsors.
As part of the services, we may provide links to or compatibility with other websites or applications; however, we are not responsible for the privacy practices employed by those websites or the information or content they contain nor are we liable for third party products, services, acts and/or omissions. This Privacy Notice applies solely to information collected by us in relation to the services and your use of the services. Therefore, this Privacy Notice does not apply to your use of a third-party website accessed by selecting a link via the services. To the extent that you access or use the services through or on another website or application, then the privacy notice of that other website or application will apply to such access and/or use. We encourage our users to read the privacy statements of other websites before proceeding to use them.
The legal basis for our processing of your personal information is that processing is necessary for the purpose of the legitimate interests of inriver to market our products and services, to respond to your questions and enquiries and to host inriver events together with sponsors. inriver may under certain circumstances process personal information based on consent. inriver may request consent from you in order to process certain information and/or to transfer such information to a third party. In such case you must explicitly consent to the processing in question prior to inriver processing the data. You may at anytime withdraw your consent to a specific processing activity by notifying inriver of such withdrawal by emailing or contacting the contact person as described below.
Processing in the inriver PIM Service and Support
For the provision of the inriver PIM Service inriver will process a user’s name, login information (e-mail address) and other account information and track your usage of the inriver PIM Service. As part of our support processes, we may ask you for copies of the database and log files from your inriver server for the purposes of resolving any technical issues.
The legal basis for our processing of your personal information is that processing is necessary for the purpose of the legitimate interests of inriver to provide its products and services, to validate access to the inriver PIM Service, to track the use of the inriver PIM Service and to provide support to our customers.
Surveys
We may provide you with the opportunity to participate in surveys through our website, products and/or services to determine customer satisfaction levels. If you participate, we may request certain personal information from you. Participation in surveys is completely voluntary and you therefore have a choice whether to disclose such information.
Cookies
Please review our Cookie Policy for more information on how we use Cookies and other tracking technologies.
We may pass your personal information on to third-party service providers contracted by us; to contracted inriver Partners or to other legal entities within the inriver group of companies, i.e. inriver AB, inriver B.V., inriver Inc., and inriver Ltd. We use software service providers for storing of data, providing support to our services, managing and administering customer relations and managing and administering our marketing and sales activities. All contracted third-party service providers are obliged to keep your details securely, and to use them only to fulfill the service they provide us, or our customers on our behalf. inriver may share your contact information with contracted inriver Partners for the purpose of marketing and sales activities related to the inriver PIM Service or ancillary services.
If your personal information is transferred to or accessed by a third party outside the European Union or the European Economic Area (EU/EEA) inriver will secure that appropriate safeguards are in place which provide adequate levels of protection of your personal information as required by GDPR or other applicable data protection or privacy laws. For example, this may include the use of intercompany or external data processing agreements as well as the EU approved Standard Contractual Clauses or such other mechanisms as have been recognized or approved by the relevant authorities from time to time.
We have two ( 2 ) networked data centers (one in Ireland and another in the U.S.). We utilize Microsoft Azure architecture to host customer environments.
Apart from contracted third-party service providers, contracted inriver Partners or other legal entities within the inriver group of companies your information will not be shared with anyone else. Please note however, that we can provide access to your personal information in case of illegal or abusive use, or in case we receive orders from a competent legal authority. We may also disclose your personal information as required by law, such as in response to a subpoena, a lawful request by a public authority, in response to a law enforcement warrant, or similar legal process.
Our processing of your personal information is carried out in accordance with the European Data Protection legislation, which prevents us from making unlawful use of your personal information.
At any time, you have the right to:
- Right to be informed: about how your personal information is being processed.
- Right of access by the data subject: to the personal information we hold about you. You have the right to request copies of your personal information.
- Right to rectification: this means you have the right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed. This can also be done if you have an online account with us.
- Right to erasure (“right to be forgotten”): this means that under certain circumstances, you have the right to request we remove your personal information from our system.
- Right to restrict processing: this means that in certain conditions you have the right to restrict processing of your personal information.
- Right to data portability: you have the right to request us to transfer the data that we have collected to another organization/ company, or directly to you, under certain conditions.
- Right to object: this means that under certain conditions, you have the right to object to the processing of your personal information.
- Rights in relation to automated decision making, including profiling: this means that if applicable, you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
All this is provided to you free of charge. To exercise your rights, please contact us. If you have a complaint about how we use your personal information, you have the right to lodge a complaint with the supervisory authority (in Sweden; Integritetsskyddsmyndigheten, Box 8114, 104 20 Stockholm).
We implement security measures designed to protect your information from unauthorized access, alteration, disclosure and/or destruction. Because no method of transmission over the Internet, or method of electronic storage, is fully secure we cannot warrant the security of any information a user transmits to us or guarantee that information on the services may not be accessed, disclosed, altered, and/or destroyed by breach of any of our physical, technical and/or managerial safeguards. Any account you have with us is protected by your account password and we urge you to take steps to keep your personal information safe by not disclosing your password and by logging out of your account after each use. You are responsible for any access to or use of your account by someone else that has obtained your password, whether or not such access or use has been authorized by you. You should notify us of any unauthorized use of your password or account.
While we use reasonable efforts to protect your personal information from unauthorized access, use, or disclosure, we cannot guarantee the security of your personal information. In the event that we are required by law to inform you of a breach to your personal information we may notify you electronically, in writing, or by telephone, if permitted to do so by law.
inriver is the responsible controller for the processing of your personal information as described in this Privacy Notice. If you wish to contact us regarding your personal information, please use the following contact information:
E-mail legal @inriver.com
You can write to (based in Europe)
inriver AB
Attn: Data Protection Compliance
Södra Tullgatan 4
211 40 Malmö
Sweden
You can write to (based in US)
inriver Inc.
Attn: Privacy Compliance
125 South Wacker Drive, #1550
Chicago, IL 60606

Changes to this Privacy Notice

We keep this Privacy Notice under regular review and will place any updates on this website or notify you via the services or products. The Privacy Notice was last updated on April 20, 2023.

privacy notice

B2B

Frequently asked questions

Why do we collect personal information?

How do we use the personal information?

Where and how do we collect the personal information?

What information do we collect from you?

How long do we keep hold of your information?

Who might we share your information with?

How do we protect your personal information?

Identity and details of inriver

Changes to this Privacy Notice