Privacy Policy

When you use Areff System AB’s services, you trust us with your information. This Privacy Policy is meant to help you understand what data we collect, why we collect it, and what we do with it. This is important; we hope you will take time to read it carefully. And remember, you can always get in touch with us to manage your information and protect your privacy and security.

There are different ways you can use our services – to order personalized cards or tags containing -management technology which can hold visual or digital personal data. We do also expose portals towards our clients through which personal information can be submitted and retrieved. All this solely for you being able to make use of the system in order to satisfy the system’s needs. As you use our services, we want you to be clear seen to how we’re using information and the ways in which you can protect your privacy.

Our Privacy Policy explains:

  • What information we collect and why we collect it.
  • How we use that information.
  • The choices we offer, including how to access and update information.

We’ve tried to keep it as simple as possible, but if you’re not familiar with terms like cookies, IP addresses, pixel tags and browsers, then please read about these first for a general understanding. Your privacy matters to Areff Systems AB so whether you are new to using our services or a long-time user, please do take the time to get to know our practices – and if you have any questions, please contact us.

COOKIE POLICY uses cookies. According to the Electronic Communications Act, which came into force on the 25th of July 2003, all visitors to websites using cookies must be informed about this. The visitor must also be able to prevent cookies from being stored on his/her computer.

A cookie is a file stored on your computer. The cookie contains no personal information but is used to make it easier for you to use our services.

If you do not want cookies to be stored on your computer, you can disable the feature in your browser’s settings. However, please be aware that the functionality of can be limited by disabling such.


We collect information for the sole purpose of being able to offer you the service in question. Your company may get evaluated and card orders may require personal information for the given cardholder. Additionally billing related information is required from our side to fulfill your order, aside from any requirements you may state for us to fulfill the order.

We collect information in the following ways:

  • Information you give us.For example, our portal services require you to sign up for an account. When you do, we’ll ask for personal information, like your name, email address, telephone number, invoice and delivery addresses. Additional information about your company may also be required, for specifics we kindly ask you to read the given services FAQ. This does also stand true for any personal information for cardholders for whom you may place card orders.
  • Information we get from your use of our services.We are required to collect personal information for all cardholders you may place card orders for, in order to provide you with such access cards.

Device information

  • We collect device-specific information(such as your hardware model and operating system version).

Unique application numbers

  • Some applications we offer, such as”ID06kort”, include a unique application number. This number and information about your installation (for example, the operating system type and application version number) are being sent alongside every order you place.

Local storage

  • We do collect and store order information (including personal information) locally on your device using mechanisms available from the exposed APIs from iOS/Android.

Cookies and similar technologies

  • We and our 3rd party partnersuse various technologies to collect and store information when you visit an Areff Systems AB service, and this may include using cookies or similar technologies to identify your browser or device.


We use the information we collect from all of our services to provide, maintain, protect and improve them, to develop new ones, and to protect ourselves and our users.

When you contact Areff Systems AB, we keep a record of your communication to help solve any issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements.

We use information collected from cookies and other technologies, like pixel tags, to improve your user experience and the overall quality of our services. One of the products we use to do this on our own services is Google Analytics.

When a service we offer you, requires further transmission of your supplied information, we will transfer this securely to the 3rd party. This in order to ensure you being able to enjoy the service in question, an example of such a service could be the ID06 ecosystem.

We will inform you before using your information for a purpose other than those that are set out in this Privacy Policy.


People have different privacy concerns. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used. For example, you can:

Review certain types of information tied to your account by using our various portal services and the available functions through them.

You may also set your browser to block all cookies, including cookies associated with our services, or to indicate when a cookie is being set by us. However, it’s important to remember that many of our services may not function properly if your cookies are disabled.


Whenever you use our services, we aim to provide you with access to your personal information. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. When updating your personal information, we may ask you to verify your identity before we can act on your request.

We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems).

Where we can provide information access and correction, we will do so for free, except where it would require a disproportionate effort. We aim to maintain our services in a manner that protects information from accidental or malicious destruction. Because of this, after you delete information from our services, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems.


We do not share personal information with companies, organizations and individuals outside of Areff Systems AB unless one of the following circumstances applies:

We will share personal information with companies, organizations or individuals outside of Areff Systems AB when we have your consent to do so. We require opt-in consent for the sharing of any sensitive personal information.


We provide personal information to our affiliates or other trusted businesses or persons to process it for us, based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures. For services requiring transmission of personal information to a 3rd party, for that service to function, the information is being transmitted in compliance with our Privacy Policy and any other appropriate confidentiality and security measures.

We will share personal information with companies, organizations or individuals outside of Areff Systems AB if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:

  • meet any applicable law, regulation, legal process or enforceable governmental request.
  • enforce applicable Terms of Service, including investigation of potential violations.
  • detect, prevent, or otherwise address fraud, security or technical issues.
  • protect against harm to the rights, property or safety of Google, our users or the public as required or permitted by law.

We may share non-personally identifiable information publicly and with our partners – like publishers, advertisers or connected sites. For example, we may share information publicly to show trends about the general use of our services.

If Areff Systems AB is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy.


We work hard to protect Areff Systems AB and our users from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold. In particular:

  • We encrypt many of our services using SSL.
  • We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
  • We restrict access to personal information to Areff Systems AB employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.


Our Privacy Policy applies to all of the services offered by Areff Systems AB, but excludes services that have separate privacy policies that do not incorporate this Privacy Policy.

Our Privacy Policy does not apply to services offered by other companies or individuals, including products or sites that may be displayed to you in search results, sites that may include Areff Systems AB services, or other sites linked from our services. Our Privacy Policy does not cover the information practices of other companies and organizations who advertise our services.


We regularly review our compliance with our Privacy Policy. We also adhere to several self-regulatory frameworks, including the EU-US Privacy Shield Framework. When we receive formal written complaints, we will contact the person who made the complaint to follow up. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that we cannot resolve with our users directly.


Our Privacy Policy may change from time to time. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice. We will also keep prior versions of this Privacy Policy in an archive for your review.