GDPR and data security – What data do we save and why?

Our philosophy is to track and store as little information as possible. Therefore, our website is cookie free and our apps do not store any personal information about the users. We use Open Source software as much as possible and store everything on our own servers in Sweden to have full control over all data.
On this page, you can read more about how we handle data security.

Technical solution

All apps developed by us are based on the same technical principle. We publish compiled apps that communicate securely with a database on our own server in Sweden. This database controls the functionality and content of the app. The customer can change the content of the database themselves through a CMS (content management system). OnSpotStory controls some settings and functions. The database contains information about the content of the app, not its users.

GPS positioning

Our apps are developed for mediation of local information and stories and the foundation of the apps is an interactive map. Gps is built into the app so that the user can see their own position on the map and receive notifications about places nearby. To get the most out of the app, users are therefore advised to allow GPS positioning. The GPS positions are never stored, the position is only used locally in the app for notification functionality. GPS positions are not sent to our servers.

Open Source

Our policy is to, as much as possible, use established Open Source software and operating systems on our own servers in Sweden. For statistics on how the apps are used, we use Matomo. Data is stored on our own servers in Sweden.

Data protection management

Our apps do not require user login. This means that we do not store any personal data such as name, email etc.

We collect and store data of how the app is used, not who is using it.  We do not use Google Analytics but Matomo on our own server. As a complete IP number is a personal data record only the first two positions of the IP number are collected.

GDPR on our website

OnSpotStory’s policy is to register as little as possible. Therefore, our website is Cookie free. This means that our website does not store any cookies on the visitors’ computers.

Cyber security

All software is continuously updated. A firewall is applied. Alarm system applied.

Authorization management

Only employees at OnSpotStory have access to the computer environment. We do not employ external consultants.

Operation and storage

All data is stored on our own redundant servers in Sweden in secure data halls. Backup takes place daily, weekly, monthly to physically external locations within Sweden. Cold storage is also applied.

Support 

The phone number for emergency support is available 24 hours a day. Otherwise, support is open on weekdays between 09.00 and 17.00 via telephone and e-mail.

For other questions about GDPR and data security:

Call +46 (0) 10-641 05 51

Email: info@onspotstory.com