Multiply - Privacy Policy

Privacy Policy

Last updated

January 26, 2026

Multiply takes your privacy very seriously and is committed to protecting your personal data. Please read this Privacy Policy (“policy”) carefully as it contains important information on who we are and how and why we collect, store, use and share any information relating to you (your “personal data”) in connection with your use of our Platform. It also explains your rights in relation to your personal data and how to contact us or a relevant regulator in the event you have a complaint.

‍

This privacy policy is divided into the following sections:

Who we are, purpose of this privacy policy and our processing role
Contact details
Personal data we collect about you
How your personal data is collected
How and why we use your personal data
Marketing
Who we share your personal data with
How long your personal data will be kept
Transferring your personal data out of the European Economic Area (EEA)
Cookies
Your rights
Keeping your personal data secure
How to complain
Changes to this privacy policy

‍

Any word with a capital letter in this policy shall have the same meaning as in the Platform Terms of Acceptable Use, unless otherwise stated. The Platform Terms of Acceptable Use are accessible at here.
‍

These Terms supplement any separate Subscription Agreement or proposal (Agreement) you have entered into if you are a corporate customer (Customer). In the event of a conflict between these Terms and your Agreement with us as. Customer, your Agreement will prevail. Customers are solely responsible for ensuring their Authorised Users comply fully with these Terms.
‍

Who we are, purpose of this policy and our processing role

Multiply Potential AB is a company registered in Sweden under company number 559225-3768 (“Multiply”). Multiply operates a web-based platform, website, mobile and desktop app as available (together, our “Platform”) which provides AI-powered workflows for marketing teams and agencies to get better insights, produce higher quality strategies, campaigns and content in less time.. For more information about us, please visit our “About us” page on our website: multiply.co. As such, we collect and use the personal data of Customers and their Authorised Users.

‍

For the avoidance of doubt, all Content uploaded on our Platform by or on behalf of a Customer or Authorised User shall remain the User’s or Customer’s property (as applicable). The Customer shall be considered a controller of all personal data contained in such Content, Multiply simply being a processor of such data, within the meaning of the applicable privacy laws.

‍

Multiply however collects, uses and is responsible for certain personal data about you. When we do so we are subject to the EU GDPR (the General Data Protection Regulation (EU) 2016/79, as amended from time to time) and the UK GDPR (the UK General Data Protection Regulation), as applicable based on your location in the European Union or the United Kingdom, and we are responsible as ‘controller’ of that personal data for the purposes of those laws.

‍

Contact Us

Please contact us if you have any questions about this policy or the information we hold about you.

If you wish to contact us, please send an email to privacy@multiply.co, write to Attn. Privacy Team, Multiply Potential AB c/o KIVRA: 559225-3768, 106 31 Stockholm, Stockholms län.

‍

Our collection of your personal data

We collect personal data about you when you access our Platform, create an account with us, contact us or sign up for our newsletter. The personal data we collect about you depends on the particular activities carried out through our website.

If you create an account on the Platform, we will collect and use the following data about you:

your name, address and contact information, including email address and telephone number and company details (where relevant)
account details, such as login details
IP address
location data (when you choose to give this to us)
details of Content you upload (which may contain personal data)
details of your usage and activity on the Platform
information to check and verify your identity, eg date of birth
details of any information, feedback or other matters you give to us by phone, email, post or via social media
your account details, such as username and login details
your activities on, and use of, our Platform
information about the services we provide to you
your contact history, purchase history and saved items
details of any social media or other online profiles you share with us
your responses to surveys, competitions and promotions
company’s name, address, number and other business informatio
account details, such as login details
number of permitted accesses/Authorised Users'details of Customer Authorised Users
details of Customer Authorised Users
email addresses and account details of Customer Authorised Users
Billing information, transaction and payment card or other payment method information
Information about the services we provide to you
Your contact history, contracts with us and any purchase history

If you do not provide personal data we ask for where it is indicated to be required at the point of collection, it will delay or prevent us from providing services to you as explained below.

‍

We collect and use this personal data for the purposes described in the section ‘How and why we use your personal data’ below.

‍

How your personal data is collected

We collect personal data from you:

directly, when you enter or send us information, such as when you register or create an account with us, contact us (including via email), send us feedback or complete customer surveys, and
indirectly, such as via a Customer when you are one of Customer’s Authorised Users, or your usage activity while using your account on our Platform.

‍

For more information about information we collect indirectly about you using cookies and other similar technologies, please see the section on ‘Cookies’ below.

‍

How and why we use your personal data

We use this personal data to:

Create and manage your account with us
Verify your identity
Provide our services and Platform to you;
Customise our Platform and its content to your particular preferences and requirements
Notify you of any changes to our Platform or to our services that may affect you
Improve our Platform and services
Under data protection law, we can only use your personal data if we have a lawful basis for doing so, e.g.:
where you have given consent
to comply with our legal and regulatory obligations
for the performance of a contract with you or to take steps at your request before entering into a contract; or
for our legitimate interests or those of a third party.

‍

A legitimate interest is when we have a business or commercial reason to use your personal data, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own. You can obtain details of this assessment by contacting us (see ‘How to contact us’ above).

‍

Purpose for processing your personal data	Lawful basis for processing including basis of legitimate interest
To create and manage your User or Customer account on our Platform.	Performance of a contract with you
To provide our Platform services to you.	Performance of a contract with you
To process and deliver your account purchase / subscription including to: Manage payments, fees and charges; Collect and recover money owed to us.	Performance of a contract with you Necessary for our legitimate interests (to recover debts due to us)
To manage our relationship with you which will include: Notifying you about changes to our Terms of Acceptable Use or other policies;‍ Asking you to leave a review or take a survey.	Performance of a contract with you Necessary to comply with a legal obligation Necessary for our legitimate interests (to keep our records updated and to study how Users use our Platform/services)
To conduct checks to identify you and verify your identity or to help prevent and detect fraud against you or us	To comply with our legal and regulatory obligations For our legitimate interests, i.e. to minimise fraud that could be damaging for you and/or us
To administer and protect our business and Platform (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).	Necessary for our legitimate interests (for running our business, provision of administration and our Platform, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) Necessary to comply with a legal obligation
To enforce legal rights or defend or undertake legal proceedings	Depending on the circumstances: —to comply with our legal and regulatory obligations —in other cases, for our legitimate interests, i.e. to protect our business, interests and rights
Customise our Platform and its content to your particular preferences based on a record of your selected preferences or on your use of our Platform	Depending on the circumstances: —your consent - see 'Cookies' below —where we are not required to obtain your consent and do not do so, for our legitimate interests, i.e. to be as efficient as we can so we can deliver the best service to you If you have provided such a consent you may withdraw it at any time by (this will not affect the lawfulness of our use of your personal data in reliance on that consent before it was withdrawn)
To use data analytics to improve our Platform, services, marketing, customer relationships and experiences.	Necessary for our legitimate interests (to define types of users for our materials and services, to keep our Platform updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about goods or services that may be of interest to you.	Necessary for our legitimate interests (to develop our materials/services and grow our business)
Updating and enhancing Customer and User records	Depending on the circumstances: —to perform our contract with you or to take steps at your request before entering into a contract —to comply with our legal and regulatory obligations —where neither of the above apply, for our legitimate interests, e.g. making sure that we can keep in touch with our Customers and Users about existing accounts and subscriptions and new services
Disclosures and other activities necessary to comply with legal and regulatory obligations that apply to our business, e.g. to record and demonstrate evidence of your consents where relevant	To comply with our legal and regulatory obligations
Marketing our services to existing and former Users and Customers	For our legitimate interests, i.e. to promote our business to existing and former Users and Customers See 'Marketing' below for further information
The audit of our business	For our legitimate interests, i.e. demonstrate we operate at the highest standards
To share your personal data with third parties that will or may take control or ownership of some or all of our business (and professional advisors acting on our or their behalf) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency In such cases information will be anonymised where possible and only shared where necessary	Depending on the circumstances: —to comply with our legal and regulatory obligations —in other cases, for our legitimate interests, i.e. to protect, realise or grow the value in our business and assets

‍

How and why we use your personal data—Special category personal data

Certain personal data we collect is treated as a special category to which additional protections apply under data protection law. Such data includes personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership, genetic data, biometric data (when used to uniquely identify an individual and data concerning health, sex life or sexual orientation.

‍

We do not collect such data unless you choose to give it to us or where you make such data manifestly public (such as by posting the same on the Platform). Where we do process such special category personal data, we will always ensure we are permitted to do so under data protection laws. Please note that any such special category data contained in any Content posted to our Platform is under the control of theCustomer(or its Authorized Users) posting such Content and you must contact such Customer if you have any questions in respect of such Special category personal data. If you have a complaint about how another Customer uses your Special category personal data on our Platform contained in Content that you cannot resolve with such Customer directly, then please do contact us using the details above: ‘Contact Us’.

‍

Marketing

We would like to send you information about the Platform and our services, including exclusive offers, promotions or new services, which may be of interest to you. Where we have your consent to do so or it is in our legitime interest to do so, we may do this by email, telephone, text message, post or automated call.

‍

If you are an existing Customer or Authorized User or have been in touch with us about our Platform and Services, we may have a legitimate interest in using your personal data for marketing purposes (see above ‘How and why we use your personal data’). This means we do not need your consent to send you marketing information which relates to our Platform or services or anything that this similar to these. If we change our marketing approach in the future so that consent is needed, we will ask for this separately and clearly.

‍

In all other cases, we will only ever send you marketing materials where we have your prior consent to do so.

‍

In all cases, you have the right to opt out of receiving marketing communications at any time by:

using the ‘unsubscribe’ link in emails or ‘STOP’ number in texts, or
contacting us at unsubscribe@multiply.co.

We may ask you to confirm or update your marketing preferences if you ask us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.

We will always treat your personal data with the utmost respect and never sell OR share it with other organisations for marketing purposes.

For more information on your right to object at any time to your personal data being used for marketing purposes, see ‘Your rights’ below.

‍

Who we share your personal data with

We share your personal data such with:
‍

third parties we use to help deliver our Platform and services to you, e.g. payment service providers; and
other third parties we use to help us run our business and Platform, e.g. marketing agencies or website hosts, developers, AI providers and analytics providers.

Some of those third parties may be based outside the EEA. When that is the case, we only allow those organisations to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on them to ensure they can only use your personal data to provide services to us and to you. For further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’ below.

‍

We or the third parties mentioned above occasionally also share personal data with:

our and their external auditors, e.g. in relation to the audit of our or their accounts, in which case the recipient of the information will be bound by confidentiality obligations
our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations
law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations
other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymised but this may not always be possible. The recipient of any of your personal data will be bound by confidentiality obligations

‍

Transferring your personal data out of the UK and EEA

Countries outside the UK and EEA have differing data protection laws, some of which may provide lower levels of protection of privacy.

‍

It is sometimes necessary for us to share your personal data to countries outside the UK or EEA. In those cases, we will comply with applicable UK or EEA laws designed to ensure the privacy of your personal data.

‍

Under data protection laws, we can only transfer your personal data to a country outside the UK or EEA where:

In respect of transfers outside the UK or EEA, in respect of the EEA, the European Commission has decided that the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy decision’) further to Article 45 of the EU GDPR. A list of countries the European Commission has currently made adequacy decisions in relation to is available here. In respect of the UK, the UK government has decided the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy regulation’) further to Article 45 of the UK GDPR. A list of countries the UK currently has adequacy regulations in relation to is available here.
there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you; or
a specific exception applies under relevant data protection law.

Where we transfer your personal data outside the UK or EEA, we do so on the basis of an adequacy regulation or adequacy decision (as applicable) or (where such is not available) on the basis of legally-approved standard data protection clauses issued further to Article 46(2) of the GDPR and UK GDPR. In the event we cannot or choose not to continue to rely on either of those mechanisms at any time we will not transfer your personal data outside the UK EEA unless we can do so on the basis of an alternative mechanism or exception provided by applicable data protection law and reflected in an update to this policy.

‍

Any changes to the destinations to which we send personal data or in the transfer mechanisms we use to transfer personal data internationally will be notified to you in accordance with the section on ‘Changes to this privacy policy’ below.

If you would like further information about data transferred outside the UK and EEA, please contact us (see ‘How to contact us’ above).

‍

How long your personal data will be kept

We will not keep your personal data for longer than required for the purpose for which it is processed. In addition, we will comply with different retention periods set by the law for the retention of different types of personal data. Following the end of the of the relevant retention period, we will delete or anonymise your personal data.

‍

Cookies

A cookie is a small text file which is placed onto your device (e.g. computer, smartphone or other electronic device) when you use our Platform. We use cookies on our Platform. For further information on cookies our use of them, when we will request your consent before placing them and how to disable them, please see our cookie policy.

‍

Your rights

You generally have the following rights, which you can usually exercise free of charge:

Access to a copy of your personal data	The right to be provided with a copy of your personal data
Correction (also known as rectification)	The right to require us to correct any mistakes in your personal data
Erasure (also known as the right to be forgotten)	The right to require us to delete your personal data—in certain situations
Restriction of use	The right to require us to restrict use of your personal data in certain circumstances, e.g. if you contest the accuracy of the data
Data portability	The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
To object to use	The right to object—at any time to your personal data being used for direct marketing (including profiling)—in certain other situations to our continued use of your personal data, e.g. where we use your personal data for our legitimate interests unless there are compelling legitimate grounds for the processing to continue or the processing is required for the establishment, exercise or defence of legal claims
Not to be subject to decisions without human involvement	The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you\We do not make any such decisions based on data collected by our Platform
The right to withdraw consents	If you have provided us with a consent to use your personal data you have a right to withdraw that consent easily at any time\Withdrawing a consent will not affect the lawfulness of our use of your personal data in reliance on that consent before it was withdrawn

‍

For further information on each of those rights, including the circumstances in which they do and do not apply, please contact us (see ‘How to contact us’ above). You may also find it helpful to refer to the website of the Swedish Authority for Privacy Protection, accessible here: www.imy.se/en/.

‍

If you would like to exercise any of those rights, please email, call or write to us - see above: ‘How to contact us’.

‍

When contacting us please:

provide enough information to identify yourself, such as your full name, address and Customer account details and any additional identity information we may reasonably request from you, and
let us know which right(s) you want to exercise and the information to which your request relates

If you are usually resident in the UK, we have appointed Gerrish Legal to be our data protection representative within the UK. Their contact details are cg@gerrishlegal.com.

‍

Keeping your personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it.

‍

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

‍

How to complain

Please contact us if you have any queries or concerns about our use of your personal data (see above ‘How to contact us’). We hope we will be able to resolve any issues you may have.

‍

You also have the right to lodge a complaint with:

The Swedish Authority for Privacy Protection (IMY)
A relevant data protection supervisory authority in the EEA state of your habitual residence, place of work or of an alleged infringement of data protection laws in the EEA. If you do not know your data protection supervisory authority, you can find a list and their contact here.

If you are usually resident in the UK, the UK’s Information Commissioner may be contacted using the details at https://ico.org.uk/make-a-complaint or by telephone: +44 303 123 1113.

The Swedish Authority for Privacy Protection (IMY) may be contacted using the details at www.imy.se or by telephone: +46 8 657 6100.

‍

Changes to this privacy policy

We may change this privacy policy from time to time—when we make significant changes we will take steps to inform you, for example by including a prominent link to a description of those changes on our Platform for a reasonable period or by other means, such as email.

‍