Security and data protection

Svalna uses certified security solutions and all data traffic is encrypted. Our security architecture has been designed in accordance with the guidelines of the Open Web Application Security Project, and evaluated by Kirei, one of Sweden’s leading IT security companies. Our security architecture prevents personal data from being used for illegitimate purposes and disseminated to unauthorized third parties. All communication is SSL encrypted, and our servers are certified according to both ISO 27001 and PCI-DSS, a security standard developed by credit card companies.

For our app users, we collect data directly from the bank via a secure service provided by Tink AB. By accepting our terms of use and connecting your bank to the app, you agree that we collect information about when, where and how much money you spent, from your bank. You also agree that we use the information to categorize your purchases and estimate the emissions based on where you shopped. Together with Tink AB, we have developed a solution in which transaction data are not saved on our servers.

We are responsible for personal data in accordance with 3 § of the Personal Data Act – a responsibility that we take very seriously. Our privacy policy clarifies how we use your information (only available in Swedish). Please also read our terms of use (also only in Swedish). Our app users can terminate their accounts at Svalna at any time. If you choose to terminate your account, all information about you will be permanently deleted from our systems.

For our corporate customers and clients in the public sector, we develop client-specific agreements which regulate the access and handling of personal data and other sensitive information. Do not hesitate to contact us for more information about security and data protection!