Privacy Policy

MEV Privacy Policy


  1. Scope
  2. Information we may Collect from or About You
  3. Where we Store and access your Personal Data
  4. How we Use Information About You
  5. Transfer and Disclosure of information About You
  6. You can Opt-Out of E-Mail Correspondence and Access and Correct the Information we collect
  7. Data Integrity
  8. Security
  9. Limitation on Scope of Privacy Principles
  10. Compliance and Enforcement
  11. Unlawful Use of MEV Software
  12. We do not Knowingly Collect Information from Children who are Under 13 (or under 16 in the EU)
  13. Other Sites
  14. Your rights
  15. Data retention
  16. Changes to our Privacy Policy
  17. How to Contact Us
  18. MEV Subsidiaries
  19. Data processing terms & conditions


1. Scope

MATERIAL EXCHANGE VENTURES AB SWEDEN (“MEV”) IS committed to protecting and respecting your privacy.
This Privacy Policy (“Policy”) explains the basis on which we process any personal data we collect from or about you, or that you or any third party provide to us, not only from the use of our website, such as (our “Site”), but also in connection with managing our workforce, conducting our business, SaaS services, and from any other means. Please read the following carefully to understand our practices regarding how we process personal data and how we will treat it.
We may revise this Policy from time to time. The most current version of this Policy will govern our use of your personal data. If we decide to change our Policy, we will post the updated Policy on this site and update the Policy modification date. Please check back regularly to review any changes to this Policy.

“Personal data” means any information or set of information that relates to an identifiable individual, either directly or indirectly. Personal data does not include information that is encoded or anonymized.


2. Information we may Collect from or About You

Personal Data

We may collect and process the following data about you:

Whether or not you choose to provide the information we request is entirely up to you and you are not under any statutory or legal obligation to provide Personal Information. But if you choose not to provide the information we request, you may be unable to purchase products or services or access certain services, offers, and content on the Website.


IP addresses and other Technical Information

When you visit our site, we may collect information about your computer, including where available, your IP address, domain name, operating system and browser type, certain hardware or device information and other technical information. This is information about browsing actions and patterns and the use of certain software products and apps, and does not identify any individual except where user settings are configured by the user to provide personal data or where we have expressly notified you in the course of registering for, or accessing a service that personal data will be collected.


Website Cookies & Beacons

Our site uses cookies (a small piece of information that is placed on your computer when you visit certain websites) to distinguish you from other users, to track your browsing pattern and to build a profile of how you and other users use our site. This helps us to provide you with a good experience when you browse any of our sites and also allows us to improve our site. If you have an online account with us, MEV also uses cookies to recognize you to pre-fill forms to save you time. MEV does not mandate Cookies for you to access our sites, and you may freely set your browser to reject all Cookies or prompt you to accept or reject them. Some of the cookies we use are session cookies and only last until you close your browser, others are persistent cookies which are stored on your computer for longer. We may collect information through web beacons about your web browsing activities such as the address of the page you are visiting, the address of the referrer page you had previously visited, the time you are viewing the page, your browsing environment and your display settings. We do this in order to optimize your browsing experience, the use of web-based services and provide you with relevant information on MEV products and interest based advertising. Please be aware that if you choose to block cookies, you may not be able to sign in or use those features, and preferences that are dependent on cookies may be lost. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, will be deleted and may need to be recreated.


Do-Not-Track Signals and Similar Mechanisms

Some Web browsers may transmit do-not-track (DNT) signals to websites with which the browser communicates. We will automatically collect cookies and other non-personally identifying information when you visit our Website and, therefore, do not respond to DNT signals.


Third-Party Hosting

The Company contracts with a third party to maintain and host the Website. Therefore, any information you submit, including personal information, will be placed and stored on a computer server maintained by this third-party host. The third party has agreed to implement technology and security features and strict policy guidelines to safeguard the privacy of your personal information from unauthorized access or improper use.


Site Technologies

The Company does not provide the technologies used to build the Website, and therefore neither recommends nor endorses the same. Any information regarding identified technologies, including their capabilities, limitations, and applications, should be sought directly from their manufacturers. The Company hereby disclaims any rights to trademarks, service marks, trade names, logos, copyrights, patents, domain names, or other intellectual property interests of third parties.


P3P Policy Setting

All information contained within this Privacy Policy supersedes browser P3P Policy settings, which may have been set to insure maximum access to our software as a service applications, while at the same time maximizing the protection of our users. Only those representations presented here in writing will be honoured; any changes, oral, or otherwise, will not be honoured.


3. Where we Store and access your Personal Data

MEV is a global company and as such personal data may be accessed anywhere in the world. If you are visiting our site or communicating electronically with us, various communications will necessarily result in a transfer of information across international boundaries. Accordingly, by visiting our site and/or communicating electronically with us (including the in the process of our providing information, software or services to you), you acknowledge that your personal data may be processed in a country other than the one in which you reside.


4. How we Use Information About You

In general, we will only process personal data where the processing is in our legitimate business interests or required to perform a contract with you or our corporate client. We use personal data held about you in the following ways:

We may provide information to you in the form of emails, mailings, website displays or other correspondence methods.

We are interested in your views, and we value feedback, and we may therefore set up notice boards, newsgroups, community feedback sites, email systems, forum facilities and/or chat rooms on our sites. Any information that you disclose via such facilities will be used in accordance with the terms of service for the particular forum and in the absence of such terms of service, this Policy. However, we can of course not control and be responsible for other parties’ use of the personal data which you make available to them through such facilities and otherwise on our sites. We encourage you to be careful about what personal data you share in this way.

MEV will offer individuals the opportunity to choose (opt-out) whether they receive communications from MEV or its authorized resellers concerning MEV products and services (as described further below).

We will only use and share personal data in ways that are relevant for the purposes for which the information was collected or subsequently authorized by you.


5. Transfer and Disclosure of information About You

To Other Third Parties.

We may transfer or disclose personal data to other third parties who agree to process such personal data in accordance with our instructions and provide appropriate technical and organizational security measures. Such third parties may include:

It is MEV’s policy to never sell your information to list brokers or similar entities for commercial gain.


6. You can Opt-Out of E-Mail Correspondence and Access and Correct the Information we collect.

In certain circumstances you may have the right to ask us not to process your personal data (“opt-out”). We will usually inform you (before collecting your data) how we intend to use your data or if we intend to disclose your information to any third party for the purpose for which it was collected. If you want to opt-out please contact as set out below.

You may also opt-out of future marketing correspondence by updating your preferences using the link on the footer of e-mail correspondence.

Upon request, we will provide you with reasonable access to personal data about you in our possession, and will take reasonable steps to permit you to correct, amend, or delete personal data that you demonstrate to be inaccurate or incomplete. If you have a online account, you may access the data that has recorded and update or correct the information at any time. You may also opt-out of future correspondence by updating your preferences. To do this go to and visit your accounts. If you don’t have an account or are unable to locate your account information, you can create one or you may request a copy of the personal data we have stored and/or exercise your opt-out right by contacting When updating personal data about you, we may ask you to verify your identity before we can act on your request.

We may reject requests that are fraudulent, unreasonably repetitious, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), or would be extremely impractical (for example, requests concerning information residing on backup tapes).

Where we can provide information access and correction, we will do so at no cost to you, except where it would require a disproportionate effort. We aim to protect information from accidental or malicious alteration or destruction. Accordingly, after your information is deleted, we may not immediately delete residual copies from our active servers or remove information from our backup systems.


7. Data Integrity

We will take reasonable steps to ensure that personal data that we process is reliable for its intended use, accurate, complete, and current. You are responsible for the accuracy of all personal data you provide to us. We will use reasonable efforts to maintain the accuracy and integrity of the personal data we obtain, and to update it as appropriate. We will take reasonable steps to ensure that personal data is reliable for its intended use.


8. Security

We have implemented, and will maintain current, reasonable physical, technical, and organizational security measures for the purpose of protecting the personal data in our possession from loss, misuse, and unauthorized access, disclosure, alteration, or destruction.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we have security measures in place to protect your personal data, we cannot guarantee the security of your data transmitted to our sites; any transmission is at your own risk.


9. Limitation on Scope of Privacy Principles

Adherence by MEV to this privacy policy may be limited to the extent required to meet a legal, governmental, national security, or public interest obligation.


10. Compliance and Enforcement

MEV will conduct periodic internal compliance audits of our relevant privacy practices to verify adherence to this privacy policy. We encourage individuals covered by this Policy to raise any concerns they have about the way we process their personal data by contacting us at the address below.

MEV commits to resolve questions and complaints about your privacy and its collection or processing of your personal data. Individuals who believe that MEV is not complying with the terms of this Policy, can contact MEV by email at We will answer any questions and to investigate any concerns or complaints. We will do our best to internally resolve any complaints and disputes regarding the use and disclosure of personal data brought to our attention.

Our IT Security & Privacy Officer

We have appointed an IT Security & Privacy Officer, who is responsible for ensuring that the protection of your Personal Information or other information collected is carried out in accordance with this Privacy Disclosure. The following person serves as our IT Security & Privacy Officer: Petersbergsstigen 9C, 144 52 RÖNNINGE, Sweden or


11. Unlawful Use of MEV Software

MEV regards software piracy as the crime it is, and we view offenders accordingly. We do not tolerate the unlawful use of MEV software products, and we pursue those who do so using all legal means available, including public and private surveillance resources. As part of these efforts, MEV utilizes data monitoring and scouring technologies to obtain and transmit data on unauthorized use of software. Such data may be transferred and processed in a country other than the one where the software is being used or accessed. If you are using an unauthorised or unlicensed copy of our software, cease using it immediately and contact MEV to obtain a legally licensed copy. By using an unauthorized or unlicensed copy of MEV software, you should be aware that MEV will collect, use, and transfer personal data internationally for the purposes of identifying users of such software. This personal data may include online identification, such as IP address, MAC address and geolocation.


12. We do not Knowingly Collect Information from Children who are Under 13 (or under 16 in the EU)

Our site is not directed to children younger than age thirteen (13) or under the age of sixteen 16 in the EU. We do not knowingly collect personal data from children under these ages on any of our sites and we will delete any such information later determined to be from such young person, unless we have received consent to collect such personal data from the child’s parent or guardian. In the event a parent or guardian believes that his/her child has provided information to MEV and wishes that data to be removed or corrected, please contact MEV as described below.


13. Other Sites

Our site may, from time to time, contain links to and from the websites of our authorized resellers, business partners, industry forums, analysts and to other sites that are relevant to our products and services. Additionally, for some of the functions within our websites we link to/use third party suppliers for example, when you visit a page with videos embedded from or links to YouTube or slideshare. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.


14. Your rights

In certain circumstances, if you are an EEA resident, you may exercise the rights available to you under applicable data protection laws as follows:


17. How to Contact Us

If you have any questions or concerns about our use of your personal information or this Privacy Policy, please contact us using the following details: IT Security & Privacy Officer Petersbergsstigen 9C, 144 52 RÖNNINGE, Sweden or

Version: August 15, 2018:


In the provision of certain services under the terms of the Agreement as defined below, Customer, as controller will require MEV to process certain personal data received from Customer. The parties agree that these terms and conditions shall apply to all such processing undertaken by MEV on behalf of Customer and shall be supplemental to the terms of the Agreement. 1. Appointment.

Customer as controller of certain personal data appoints MEV as processor to process the personal data listed in the Schedule(s) (the “Data”) for the purposes also described in the Schedule(s) (or as otherwise agreed in writing by the parties) (the “Permitted Purpose”). Each party shall comply with the obligations that apply to it under Applicable Data Protection Law.



In these terms and conditions, the following terms shall have the following meanings:

  1. Agreement”: Any agreement between MEV and Customer under the terms of which MEV provides services or licenses to Customer, including but not limited to MEV SaaS Service Terms and Conditions;
  2. controller”, “processor”, “data subject”, “personal data”, “personal data breach” “processing” (and “process”) and “special categories of personal data” and “supervisory authority” shall have the meanings given in Applicable Data Protection Law; and
  3. Applicable Data Protection Law” shall mean, where personal data of EU residents is processed (i) prior to 25 May 2018, the EU Data Protection Directive (Directive 95/46/EC); (ii) on and after 25 May 2018, the EU General Data Protection Regulation (Regulation 2016/679), and (iii) where personal data of non-EU residents is processed any applicable privacy law in the relevant jurisdiction. All other terms shall be as defined in the applicable Agreement.


International transfers

MEV may need to transfer personal data out of the country that the Customer or the data subjects are located. All such transfers shall be in accordance with MEV’s Global Data Transfer Agreement, or such other measures that permit the lawful transfer of personal data out of the EEA such as transferring the personal data to a recipient that has achieved binding corporate rules authorisation in accordance with Applicable Data Protection Law, or to a recipient that has executed standard contractual clauses adopted or approved by the European Commission.


Confidentiality of processing

MEV shall ensure that any person it authorises to process the personal data (an “Authorised Person”) shall protect the personal data in accordance with have committed themselves to preserve the confidentiality of such personal data.



MEV shall implement the technical and organisational measures as set out in the Schedule to protect the personal data (i) from accidental or unlawful destruction, and (ii) loss, alteration, unauthorised disclosure of, or access to the personal data.


Cooperation and data subjects’ rights

MEV shall provide reasonable and timely assistance to Customer (at Customer’s expense) to enable Customer to respond to: (i) any request from a data subject to exercise any of its rights under Applicable Data Protection Law (including its rights of access, correction, objection, erasure and data portability, as applicable); and (ii) any other correspondence, enquiry or complaint received from a data subject, regulator or other third party in connection with the processing of the Data. In the event that any such request, correspondence, enquiry or complaint is made directly to MEV, MEV shall promptly inform Customer providing full details of the same.


Personal Data Breach

If it become aware of a confirmed personal data breach, MEV shall inform Customer without undue delay and shall provide reasonable information and cooperation to Customer so that Customer can fulfil any data breach reporting obligations it may have under (and in accordance with the timescales required by) Applicable Data Protection Law. MEV shall further take such any reasonably necessary measures and actions to remedy or mitigate the effects of the personal data breach and shall keep Customer informed of all material developments in connection with the personal data breach. Deletion or return of Personal Data Upon termination or expiry of the Principle Agreement, MEV shall (at Customer’s election) destroy or return to Customer all personal data in its possession or control. This requirement shall not apply to the extent that MEV is required by applicable law to retain some or all of the personal data, or to personal data it has archived on backup systems, which personal data MEV shall securely isolate and protect from any further processing except to the extent required by such law.



Each party’s liability to the other in respect of any individual claim for breach of contract, negligence, breach of statutory duty or otherwise in relation to these terms and conditions will be limited in accordance with the terms of the Principal, which personal data MEV shall securely isolate and protect from any further processing except to the extent required by such law.



The laws governing the Agreement shall apply to these terms and conditions except in the case where personal data of EU citizens is being processed and the jurisdiction of the Principle Agreement is not that of a member state of the EU, in which case the laws of the Republic of Ireland shall apply in default. These terms and conditions and the terms of the Principle Agreement referred to herein embody the whole agreement of the parties with respect to its subject matter.



Security Measures

Description of the technical and organisational security measures implemented by MEV as processor:

  1. Secure user authentication protocols including:
    • Control user IDs and other identifiers
    • Provide a reasonably secure method of assigning and selecting passwords (or use an alternative authentication technology such as
    biometrics or token devices)
    • Control data security passwords to ensure that such passwords are kept in a location and/or format that does not compromise the
    security of the data they protect
    • Restrict access to active users and active user accounts only
    • Block access to user identification after multiple unsuccessful attempts to gain access or the limitation placed on access for
    the particular system
    • Restrict access to records and files containing personal information to those who need such information to perform their jub duties
    • Assign unique identifications plus passwords, which are not vendor supplied default passwords, to each person with customer
    access, that are reasonably designed to maintain the integrity of the security of the access controls
  2. Encrypt (to the extent technically feasible) all transmitted records and files containing personal information
    that will travel across public networks, and encryption of all data to be transmitted wirelessly
  3. Implement reasonable monitoring of systems, for unauthorized use of or access to personal information
  4. Encrypt all personal information stored on laptops or other portable devices
  5. Provide reasonably up-to-date firewall protection and operating system security patches for files containing
    personal information on a system that is connected to the Internet, designed to maintain the integrity of the
    personal information
  6. Provide reasonably up-to-date versions of system security agent software, which must include malware protection
    and reasonably up-todate patches and virus definitions, or a version of such a software that can still be supported
    with up-to-date patches and virus definitions, and is set to receive the most current security updates on a regular basis



Data subjects

The Personal Data relating to the following categories of data subjects:

Personal Data Categories Name, Company, organisation, business contact details, interactions with MEV’s products and services such as logfiles and incident reports, training records and data that may be processed by MEV’s products and other personal data that an individual may share with MEV. IP addresses, cookie data, device identifiers and similar device-related information.
Permitted Purpose: To DELIVER MEV SOFTWARE & SERVICES to Customer in accordance with the terms of the Agreement and Customer’s instructions.