Request for quote
Skip to content
Axema
Log in
Svensk flagga

Privacy Information

General Information About Us and the GDPR

Who are we and what do we do?

Axema is a company that provides products and systems for tenant-owner associations, property owners, and other organizations (“customers”). Through Axema’s access control system, Axema VAKA, customers can securely control access to various areas in their properties such as multi family buildings, offices, retail, industrial and public facilities. For Axema VAKA, there are additional products for door entry systems, digital information displays, booking systems, alarm control, and parcel/mailbox units. When a customer decides to use Axema VAKA, the system is installed locally at the customer’s site. In general, it is the customer themselves, or the person responsible on behalf of the customer (e.g., an installer), who manages system permissions.

Axema also provides digital services through Axema VAKA Online, enabling the customer—directly with Axema or via third‑party applications—to administer and/or control functions in a locally installed VAKA system. Axema also provides a customer portal for administration and control of Axema VAKA Online.

Axema’s role as data controller and data processor

When a customer implements and uses an Axema system, personal data is registered and processed about the individuals who use the system. The customer is the data controller under the General Data Protection Regulation (GDPR) for their processing of personal data in Axema’s systems. For services in which Axema accesses, stores, or otherwise handles personal data in the customer’s Axema system—for example, support, troubleshooting, or remote administration—Axema acts as a data processor. More information on Axema’s role as data processor is located further down the page.

When Axema enters into agreements with its customers, Axema processes personal data about the individuals who represent and act as contact persons for the customer. Axema also processes personal data about individuals who visit our website, apply for a job, or otherwise interact with us. For these activities, Axema acts as data controller.

This information explains how Axema processes personal data in its role as data controller. Here you will also find information about your rights under the GDPR and contact details you can use if you have questions about how your personal data is processed. We always take the utmost care to protect your privacy and ensure that your personal data is handled with caution and diligence.

What is personal data and why is it important?

Personal data is any information that directly or indirectly can identify a living individual. It does not matter whether you can be directly identified through the information or whether additional information is required. Examples of personal data include name, phone number, and email address.

To protect your personal data and ensure that you are informed about and can control how your data is processed, the GDPR and other frameworks regulate how companies, authorities, and other actors may process your personal data.

What is the processing of personal data?

Processing of personal data includes essentially anything done with the data—from collection or registration to analysis, sharing, or deletion.

What is a data controller?

As the name suggests, the data controller is the party responsible for the processing of personal data. Under the GDPR, this is the entity that determines the purposes (“why”) and means (“how”) of the processing. For example, if a tenant‑owner association decides to register the personal data of its members into a system that helps the association and its members digitally administer door access, door entry systems, etc. (such as Axema VAKA), the tenant‑owner association is the data controller for the personal data activities carried out using the system.

The data controller is ultimately responsible for ensuring compliance with the GDPR.

Contact details of the data controller

Axema Access Control AB, Reg. No. 556446-1472  

Delivery Address: Byängsgränd 20, 120 40 Årsta

Postal Address: Box 90215, 120 23 Stockholm, Sweden

E-post: [email protected]

Telefon: +46 8 722 34 40 

For customer or supplier representatives

Axema processes personal data about individuals employed by or representing a customer or supplier for the purpose of communicating about agreed services and maintaining Axema’s customer and supplier relationships. Personal data processed includes contact information such as first and last name, phone number, personal identity number (for sole proprietors), email address, company, and any payment information. The legal basis is our legitimate interests in fulfilling agreements and maintaining business relationships.

We process your personal data for as long as you are a contact person for a customer or supplier with whom Axema has an active business relationship.

For representatives of Axema’s partners (installer / reseller / other partners)

Our website offers the ability to register as a partner, providing access to our customer portal. Axema processes personal data about you if you are employed by or represent a partner for the purpose of granting and managing access to your account and communicating with you regarding our collaboration. Personal data may include username, password, first and last name, company and title, personal identity number (sole proprietors), address, email address, and phone number. The legal basis is our legitimate interest in establishing and administering a partner account and managing our collaboration.

We process personal data for as long as we have an active partnership with you or the organization you represent.

For newsletter subscribers

Our website allows you to subscribe to our newsletter to receive news and offers. For newsletter subscribers, we process your name and email address for the purpose of sending newsletters. The legal basis is our legitimate interest in providing you with news and offers.

To send you these mailings, we require your consent under the Swedish Marketing Act (2008:486). You can withdraw your consent at any time using the link in our emails or by emailing [email protected].

We process your personal data as long as we have your consent.

Contact, support, and course participation

You may contact us in various ways through forms on our website or via phone and email. You may also register for our training sessions and courses. In these cases, we process personal data for the purpose of assisting and administering your inquiries and registrations. Data processed includes first and last name, company, email address, mobile number, payment information (if applicable), and any additional personal data you provide. The legal basis is our legitimate interest in communicating with you, managing your case, and providing support or agreed training.

We process your personal data for as long as necessary to manage your case or provide the agreed service.

For job applicants

If you apply for a job or internship with Axema—whether directly, internally, or via a third party (such as LinkedIn or a recruitment agency)—we process the personal data you provide. This typically includes your name, personal identity number, contact details (address, email, phone number), grades, references, certificates, and other application‑related information (e.g., LinkedIn profile, work experience, cover letter). If you complete tests or interviews, we also process notes and results from these activities. We may also obtain information from references, LinkedIn, and other public sources.

We process your personal data on the basis of legitimate interest to review your application, assess your suitability, compare with other candidates, and administer the recruitment process. If we wish to retain your data for future recruitment opportunities, we will do so only with your consent.

We also process your personal data to comply with Axema’s legal obligations, including labor‑law requirements.

We process your data as long as needed for the purposes described. If we wish to save your application for future recruitments, we will always request your consent first.

Cookies

We use cookies on our website. For more information, click the cookie icon at the bottom left of our website.

Who has access to personal data?

We strive to process your personal data only within the EU/EEA, but may sometimes need to use subprocessors located outside the EU/EEA. When we use such service providers (e.g., for email distribution), we enter into data processing agreements and ensure that appropriate safeguards are in place for international transfers, such as adequacy decisions or certification under the EU‑US Data Privacy Framework.

Your rights

Below is a summary of your rights when we process your personal data. If you wish to exercise any of these rights, contact us using the details above. We will inform you of the actions taken as soon as possible and within the timeframes required by the GDPR.

More information is available from the Swedish Authority for Privacy Protection (IMY)

  • Right to information
    When we collect personal data about you, you have the right to specific information about how we process it. This document provides that information. You are always welcome to contact us if you need more details.
  • Right of access
    You have the right to know what personal data we process about you. Upon request, we will provide a copy of the data processed (a “subject access request”). For additional copies, we may charge a reasonable administrative fee.
  • Right to rectification
    You have the right to request correction of inaccurate personal data and to have incomplete data completed. For example, if you change your last name or email address, please contact us so we can update your data.
  • Right to erasure
    In certain circumstances, you have the right to have your personal data erased—for example, when it is no longer necessary for the purposes for which it was collected. This right is not absolute; for instance, we cannot erase data we are legally required to retain.
  • Right to object
    You may object at any time to processing based on our legitimate interests. If you do so, we may no longer process your data unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or if the processing is necessary for legal claims.
  • Right to restriction
    You may request restricted processing in certain situations, such as when you contest the accuracy of your data or object to specific processing.
  • Right to data portability
    In certain cases, you have the right to receive your personal data in a structured, commonly used format and request its transfer to another controller—e.g., when processing is based on consent or contract.
  • Right to withdraw consent
    Whenever processing is based on your consent, you may withdraw that consent at any time. 
  • Right to lodge a complaint
    If you believe Axema processes your personal data incorrectly, you may file a complaint with the Swedish Authority for Privacy Protection (IMY)

Information for when Axema is the Data Processor

General

The customer who has purchased and uses an Axema system for their operations is the data controller under the GDPR. If you use an Axema system—for example, as a resident, tenant‑owner, employee, etc.—the controller responsible for your personal data is your housing association, property owner, employer, etc. Axema acts as data processor when Axema accesses, stores, or otherwise handles personal data in the customer’s Axema system (e.g., for support, troubleshooting, or remote administration).

To be transparent about how personal data is processed in our services, we describe below what personal data the Axema VAKA system is designed to handle and how processing typically occurs. 

What personal data is collected when using Axema VAKA?

To create electronic keys for all users and assign proper access rights, the following personal data is collected and processed:

  • First and last name
  • Email address
  • Apartment number / floor
  • Event log (information about system activities performed with your electronic key and timestamps)
  • E‑key number
  • Phone number (if using the door entry system)

Sources of personal data

Personal data is usually collected directly from you or from registries already accessible to the data controller, such as a tenant register for a housing association.

Purposes of processing

  • Axema VAKA access control system

Names and apartment numbers are processed to link each individual to the correct electronic key. This allows the system to control which doors each key/user may open. Your email address and/or phone number is also needed to communicate with you regarding system access and usage.

  • Axema Door Entry System

If the door entry system is used and you choose to be included in its directory, your name and phone number are processed so visitors can find and call you from the entry panel.

  • Axema Information Display and Booking System

If used, these systems process your data to enable booking of shared facilities (e.g., laundry room or common areas) and to ensure access to information from your data controller. Your email address and password are processed as login credentials for the web booking system.

  • Event logs

Activities performed using your electronic key—such as opening doors—are logged for maintenance, statistics, troubleshooting, and security‑related investigations.

Who has access to the personal data?

Because Axema VAKA is installed locally, only designated administrators appointed by the data controller have access. The data controller may grant Axema, installers, or third parties remote access via remote login or Axema VAKA Online for support, troubleshooting, or administration.

If a door entry system is used, names of residents or companies in the property will be visible on the unit display for visitors.

Privacy Policy – VAKA Mobile

Effective from: 2025‑04‑24

VAKA Mobile (“the app”) is developed and maintained by Axema Access Control AB (“we”, “us”, “our”). This privacy policy describes how we collect, use, and protect your information when you use our mobile application.

For questions, contact: [email protected]

1. Information we collect

Name and email address:
Collected during login or account activation; used only for authentication and access management.

Device information:
Operating system language: Automatically collected to set the correct app language.

2. How we use the information

All collected data is used solely for the app’s core functionality, including:

  • Secure user authentication
  • Access control
  • Language‑adapted user experience

We do not use your data for advertising, profiling, or analytics.

3. Sharing of information

We do not share user data with third parties.

4. Third‑party services

  • VAKA Mobile uses the following third‑party libraries/services:
  • flutter_secure_storage — secure local storage
  • syncfusion_flutter_calendar / localizations — calendar UI and translations
  • shared_preferences — user preference storage
  • http — secure communication

5. Data retention and deletion

Users can delete their account and data via: Settings > Delete Account

6. Children’s privacy

The app is not directed at children. We do not knowingly collect data from children under 13 (or the applicable legal age).

7. Data security

We protect your information through:

  • Secure storage
  • Encrypted communication
  • Permission and authentication controls

8. Changes to this policy

Changes are reflected in the date above. Continued use of the app constitutes acceptance of updated terms.

By using VAKA Mobile, you accept this privacy policy.