Enter searchword
Menu
Back What is AAC Pathways User stories User conditions
Enter searchword

Start | Privacy Policy

Privacy Policy

General Privacy Policy for the Tobii group – last updated on the 25th of May 2018

Tobii AB (publ) is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using our websites, our services or our products (below we use the word "Services" for easier review), you can be assured that it will only be used in accordance with this Privacy Policy.

This Privacy Policy outlines how Tobii generally handles your personal data. In connection with some of our Services, we will give you more specific information about our handling of your personal data, and we will, where appropriate, ask for your consent before handling your personal data. At the end of this policy, there is information on how to contact us if you have any questions or if you think anything is unclear.  

1. What kind of personal data do we collect?

Depending on which Services you use, we must process different kinds of information from or about you.

Here's how:

  • Personal data and other information you (and others) give us. We collect the information that you (and others) give us when using our Services. For example:
    • When you register to use our Services, we may ask for information such as your name, email address and phone number.
    • For many of our Services, you will have the opportunity to create a user profile (for example in one of our web-based Services), and add information to your profile after registration.
    • If you buy something from us, we collect information about the transaction. This can include your payment information, purchase activity and delivery and contact details.
    • When you communicate with Tobii, you provide us with information such as your email address.
    • Depending on which Services you use, you have the option of submitting information about your physical features, such as information about your eyes and disabilities concerning your eyes, or other health related data.
    • If you seek customer support for one of our Services, then it's sometimes necessary for us to access your personal information to be able to help you with your problem (for example if we need to remotely control your device to troubleshoot). In those cases, we will either delete the data once the support matter has been resolved (as in the remote control case), or store the data according to applicable retention routines within the Tobii group, if we find that either you or Tobii has a legitimate interest in doing so.
    • We collect content and information about content that you create using our Services.
  • Personal data and other information which is automatically collected about you when you use our services. We also collect information automatically when you are connected to our Services. Depending on how you access and use our Services, we collect information such as:
    • Information about how you access our Services, including information about the type of device that you're using, its configuration (such as your operating system and graphics processing unit), your browser, and how your device is performing.
    • Information about the features you interact with on our Services. For example, when you use our devices, we may collect information on how often you use a certain feature, including from third parties. 
    • Information about you and your social media profile if you choose to access our Services with a social media profile. Please note that the information you share within the scope of those social media services, is not applicable to this Privacy policy.
  • Third parties may also collect information about you through the Services, or receive information collected about you through the Services, as described below.
    • Related companies.
      We may share your personal data within the Tobii group in order to develop and improve our products and Services. Such information, however, is anonymized to the best extent possible.
    • Third party companies.

      Some of our Services offers the opportunity to use a social media account as an access method to the Service. If you choose to do so, that social media platform will receive information that you chose that access method at one of Tobii’s Services, and we will receive some types of information from the social media site. How that social media platform processes your information falls outside the scope of this Privacy policy.

2. How do we use your personal data?

We use the information as set out below and to provide our Services to you and our partners. Here's how:

  • To provide and personalise our Services.  We use the information we collect to provide you with our Services. For example, we use this information to:
    • Provide you with hardware, content, games, apps and other needs;
    • Create accounts and user profiles;
    • Communicate with you about our Services;
    • Provide technical support;
    • Notify you about updates to our Services; and
    • Customise your usage based on your activities, including the content, games, apps and other experiences you interact with. This allows us to make our Services unique and relevant to you, for example by showing you content that is most relevant to you.
  • To improve and develop your experience and our Services. We also use the information that we collect to understand, develop and improve our Services. For example, we use the information to:
    • Seek and analyse input and feedback about our Services;
    • Identify and address technical issues on our Services;
    • Conduct and learn from research about the ways in which people use our Services; and
    • Improve services offered by others, such as third parties that offer games, apps and other content connected to our Services.
  • To promote our brand and Services. We use the information that we collect to send you promotional messages and content and otherwise market to you on and offer our Services. We also use this information to measure how users respond to our marketing efforts. If you would like to opt out of receiving marketing emails, then you can always do so by follow the instructions implemented in every such promotional message.
  • To promote safety and security. We use the personal data that we collect to help promote safety and security on and off our Services, such as by investigating suspicious activity or breaches of our terms or policies and protecting our or others’ rights or property. 

3. How is personal data shared?

To provide and support our Services, information that we have about you is shared in certain circumstances. The following can see information about you when you and others use our Services.

  • Developers, support and other online content providers on our services. You can interact with Third-party content, games, apps and other experiences through our Services. We may share information about you with these partners so they can provide you with the experiences that you've requested, such as:
    • Information in your Tobii profile and about how you use our Services. For example, we may provide a third-party games provider with your user id or similar, so that the games provider may deliver a game to you that you’ve purchased bundled with one of our products
    • Any other information that you choose to share with the third party through your use of the Services.
    • Sharing within related companies. Depending on which services you use, we share information with companies that are part of the same group of companies that Tobii is part of, or that become part of that group, such as Tobii Dynavox, Tobii Pro, and Tobii Tech.
  • Service providers. We share the information that we collect with vendors, service providers, researchers and other partners, who work at our direction to support the Services (such as hosting our Services, fulfilling orders, facilitating payments, analysing the way people use our Services, processing credit card payments, providing customer service or sending electronic communications for us).
  • Other parties in connection with certain business transactions. In the event that the ownership of Tobii (or any portion of our assets) changes as a result of a merger, acquisition or in the event of a bankruptcy, information from or about you or your device may be transferred to another company.
  • Law enforcement or legal requests. We share information with law enforcement or in response to legal requests in the circumstances outlined in Section 7 below.

We also share de-identified or aggregate data with others. “De-identified data” means information where we have removed identifiable data such as your name and other data that could reasonably be used to identify you. “Aggregate data” is data that has been combined with other data so that it doesn't identify any specific person. For example, we provide developers with aggregated statistics about the number of people from a particular region that use our Services, so developers can create content tailored for people in that market.

4. How the Tobii companies work together 

Tobii shares infrastructure, systems, and technology with other Tobii companies to provide an innovative, relevant, consistent and safe experience across all Services that you use.

5. Third parties that provide content, marketing or functionality on our services

Some of the content, marketing and functionality on our Services may be provided by third parties that are not affiliated with us. For example, we work with companies that help us provide content within the Service that you purchased.

6. Data retention and deletion

We store data that identifies you until it is no longer necessary to provide our Services, for example when you delete an account with us. This is a case-by-case determination that depends on things such as the nature of the data, why it is collected and processed, and relevant legal or operational retention needs. For example, we may retain certain purchase information for accounting and tax purposes even after you have deleted your account. 

When you delete an account with us, we delete or anonymise the data you provided us with and the data we collected during your use of the Services. Neither you nor us will be able to restore such deleted or anonymised data. 

7. How do we respond to legal requests and minimize harm? 

We access, preserve and share information with regulators, law enforcement or others:

  • In response to a legal request where we have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction and is consistent with internationally recognised standards.
  • When we have a good faith belief that it is necessary to: detect, prevent and address fraud or other illegal activity; to protect Tobii, our Services, you and others, including as part of investigations; or to prevent death or imminent bodily harm.

8. How we operate and transfer data as part of our global services

We share information globally, both internally within the Tobii Group and externally with our partners to fully provide the Services you are entitled to receive based on the Service you have purchased or subscribed to and/or otherwise are entitled to receive. Information controlled by Tobii will be transferred or transmitted to, or stored and processed in the United States, China and/or other countries outside of where you live for the purposes as described in this policy. These data transfers are necessary for us to globally operate and provide our Services to you. We utilise standard contract clauses approved by the European Commission and rely on the European Commission's adequacy decisions about certain countries, as applicable, for data transfers from the EU/EEA to the United States and other countries.

9. Changes to this policy

If we make changes to this Privacy Policy, we will provide notice of such changes as appropriate, such as by sending you an email notification to the address that you've provided, and/or providing notice through the Services. If we make an administrative change, we may update the "Last Updated" date at the top of this Privacy Policy.

The Data Protection Officer for Tobii AB can be contacted at dpo@tobii.com. You also have the right to lodge a complaint with the Swedish lead supervisory authority, the Datainspektionen, www.datainspektionen.se

10. What is our legal basis for processing data? 

The legal ground for processing personal data varies depending on the types of data and the situation. The legal grounds we rely on at Tobii are the following:

  • If processing is necessary to fulfil our contract with you, i.e. what we are obliged to provide under the agreement between you and us. Our obligations to you vary depending on the Service you are using. 

    For example, we may need to store your name and address to keep track of our warranty obligations to you.
  • With your consentwhich you may withdraw at any time.
    For example, when you have given your consent for Tobii to use your eye images and other personal data to develop our algorithms and thus our products. 

    It should be noted that a withdrawal of a consent shall, and cannot, affect the lawfulness of processing that has already been carried out based on that consent before its withdrawal. 
  • As necessary to comply with our legal obligations;

    For example, Tobii must store some purchase information to comply with tax and accounting regulations. The legal ground for this processing (storing) is therefore necessary for compliance with legal obligations.
  • Occasionally to protect your vital interests or those of others.
    • On rare occasions, we may process your data if doing so is necessary to protect your vital interests. For example, in situations where there is an immediate risk to your health we may share information with your caregiver.   
  • As necessary for our (or others) legitimate interests,

    Tobii has a legitimate interest in providing an innovative, personalised, safe and profitable service to our existing and future users and partners, unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of personal data. 

11. How can you exercise the rights provided to you under the GDPR? 

Under the General Data Protection Regulation, you have the right to: 

Access your data 
You have the right to obtain from Tobii a confirmation of whether or not personal data concerning you is being processed, and if that is the case, a right to access information including, but not limited to, the purpose of the processing and the categories of personal data that Tobii has concerning you. By your request, Tobii is required to provide you with a copy of undergoing processing of your personal data.  

Rectify your data
If it comes to your knowledge that certain personal data of yours which is being processed by Tobii is inaccurate, you have the right to obtain a rectification and in some cases a right to have incomplete data completed.


Port your data 
If the legal ground for a processing of personal data is based on either (i) consent or (ii) fulfilment of a contract between you and Tobii, you have a right to receive data which you have provided us in a commonly used and machine-readable format and have the right to transmit such data to another controller.

Erase your data
You have the right to obtain from Tobii the erasure of your personal data when, for example, (i) the data no longer is necessary in relation to the purpose for which it was collected, (ii) if you withdraw a consent, (iii) if you object to the processing and there are no overriding legitimate grounds for the processing, or if (iv) the personal data have been unlawfully processed.


Restrict and object to certain processing of your data. 
you have the right to restrict Tobii from processing your data when, for example, (i) you contest the accuracy of the personal data, or (ii) if Tobii no longer needs certain data for the purposes of the processing.

Find out more about these rights, and how you can exercise them by either contacting Tobii at dpo@tobii.com or obtain information from the appropriate supervisory authority.

12. Contacting us 

The data controller responsible for your information is Tobii AB (publ) which you can contact by e-mail at dpo@tobii.com or by post at: 


Att: Data Protection Officer
Tobii AB (publ): 

Box 743 
182 17 Danderyd 

© Copyright 2018 Tobii Dynavox

Terms & ConditionsLegal NoticeReturn PolicyPrivacy Policy