Updated: 2025-10-07
Mercuri International – Privacy & Cookie Policy
Mercuri International Group AB (Mercuri) are very grateful that you want to participate in our privacy and cookies policy.
In this policy, we want to inform you about the type, scope and purpose of collecting personal information when you are in contact with Mercuri. You should be confident that Mercuri take all reasonable measures to protect the personal information you may provide to Mercuri.
Mercuri International Group AB, with company registration number 556518-9700, Box 3044, 169 03 Solna, Sweden is the legal entity responsible for processing your personal data. If you have questions about our privacy and cookie policy, please contact us using the contact form on our website, or at gdpr@mercuri.net. We reserve the right to amend and update this privacy and cookie policy at any time and will give you notice of any material changes.
Processing of personal data
Personal data is any information relating to an identified or identifiable natural person, such as, name, address, phone number and email address. We are processing your personal data in accordance with the Swedish Data Protection Act (SFS 2018:218) and the General Data Protection Regulation (EU/2016/679).
You must be over 18 years to provide personal data to us. If it comes to our attention that we process personal data of a person under the age of 18, we will act to remove the information as soon as possible.
How we collect personal data
The personal data that we process is mainly collected from you when you come into contact with us – e.g., via email, telephone or personal meetings, conferences, conventions or similar occasions. In addition, when you visit our website, we collect data using cookies. We may also collect your personal data from a third party, usually from the company you represent or is employed at.
Please note that when using our site, there are features that allow you to post information that may be considered personal data. You may only provide information about other persons if you have their consent to provide us with their information.
Types of cookies used:
- Necessary (for the proper functioning of the website)
- Preferences (to store user choices, such as preferred language or the region you are in)
- Statistics (e.g., Google Analytics, to understand how visitors interact with websites by collecting and reporting information anonymously)
- Marketing (to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers)
Cookie consent management
We use Cookiebot to manage cookie consent on our website. Cookiebot is a consent management platform (CMP) that ensures our use of cookies complies with applicable privacy regulations, including the EU General Data Protection Regulation (GDPR) and the ePrivacy Directive.
When you first visit our website, you will be presented with a cookie banner that allows you to accept or reject different categories of cookies (e.g., preferences, statistics, marketing). Only strictly necessary cookies are enabled by default. Your cookie preferences are stored for up to 12 months, after which you will be prompted to renew your consent.
You can change or withdraw your consent at any time by clicking on the cookie settings icon available on our website or by reopening the cookie declaration at the bottom of the page. For more information about how Cookiebot works, you can visit https://www.cookiebot.com.
What personal data do we process and why?
We at Mercuri process your personal data for several purposes. To be transparent about our processing, we have specified the processing of personal data below.
A. Information collected by us when you visit our website
| Purpose for processing | Categories of personal data |
| We process personal data in order to maintain and improve the website’s functionality and user experience, to discover and handle errors, breaches and incidents, to collect statistical data and analyze the web traffic on our website. | – IP-address – Other technical information (e.g., collected through cookies) generated through visits on our website, such as the type of technical device that you have used, web browser, visited pages as well as the time of the visits (browser information, time zone at the place from which you visited our website and other web traffic information) |
| Legal basis: Legitimate interest: Mercuri has a legitimate interest to collect information to maintain and improve the functionality, content, and security of our website. Collection of information by use of non-essential cookies is carried out based on your consent. For more information on what cookies we use, please see our section about cookies. |
| Retention period: We collect and store information on how visitors interact with our website for no longer than three (3) years. In most cases, the collected data is aggregated and turned into anonymized or highly pseudonymized data. |
| How we share and transfer your data: Mercuri shares the personal data with the following external parties: Google Analytics, Hotjar, Facebook, Tawk.to, our web agency, our suppliers of hosting services and website behavior analytics tools. Mercuri will not transfer your personal data to a country outside the European Union (“EU”)/European Economic Area (“EEA”). However, we use suppliers belonging to company groups headquartered in the United States and which therefore may, e.g., for technical support purposes, grant remote access to personal data stored within the EU/EEA. |
B. Use of third-party cookies for marketing purposes
| Purpose for processing | Categories of personal data |
| In order to market our products and services to you, we use third-party marketing cookies. Third-party cookies are used to track the behaviour of users on the website. | – IP-address – Other technical information (e.g., collected through cookies) generated through visits on our website, such as the type of technical device that you have used, web browser, visited pages as well as the time of the visits (browser information, time zone at the place from which you visited our website and other web traffic information) |
| Legal basis: Legitimate interest: Mercuri has a legitimate interest to market our products and services to existing and potential customers. |
| Retention period: We will keep your personal data for up to two (2) years from the last time you interacted with our website. In most cases, the collected data is aggregated and turned into anonymized or highly pseudonymized data. |
| How we share and transfer your data: Mercuri shares the personal data with the following external parties: Google Analytics, Hotjar, Meta, Tawk.to, our web agency, suppliers of hosting services and website behavior analytics tools. Mercuri will not transfer your personal data to a country outside the European Union (“EU”)/European Economic Area (“EEA”). However, we use suppliers belonging to company groups headquartered in the United States and which therefore may, e.g., for technical support purposes, grant remote access to personal data stored within the EU/EEA. |
C. When you fill out a contact form on our website
| Purpose for processing | Categories of personal data |
| On our website there are several contact forms that you as a visitor can fill in either to contact us and/or to receive marketing material. For the purpose to process your requests and/or to provide requested services/information we process the personal data you have provided to us. | – Name – Email address – Telephone number – Any additional personal data provided in the field “message” – Technical information to remember the data you have provided to us if you click the “remember me” box – If you click the box “subscribe to our newsletters” personal data will be processed to send you newsletters |
| Legal basis: Legitimate interest: Mercuri has a legitimate interest to communicate with you, to handle a request from you, and to market our products and services to existing and potential customers. |
| Retention period: We will keep your personal data for up to three (3) years from the last time of interaction unless you inform us that you do not wish to be contacted by us. |
| How we share and transfer your data: Mercuri shares the personal data with the following external parties: our web agency, supplier of hosting services, provider of our CRM system and website behaviour analytics tools. Mercuri will not transfer your personal data to a country outside the European Union (“EU”)/European Economic Area (“EEA”). However, we use suppliers belonging to company groups headquartered in the United States and which therefore may, e.g., for technical support purposes, grant remote access to personal data stored within the EU/EEA. |
D. When we have a business relationship with you or the business you represent
| Purpose for processing | Categories of personal data |
| Contact and communication with you for the purposes of creating, maintaining and developing our business relationship with you or the company you represent. This includes, among other things, communication via email regarding our business, services and current activities. | – Name – Contact details such as email address, telephone number, lo-cation and business address – Professional title and information regarding the company you represent – Any additional personal data provided by you in communications with Mercuri |
| Legal basis: Performance of a contract: Mercuri processes the person data to conclude and perform a contract with you or the company that you represent. If you are acting on behalf of someone else e.g., in the capacity of representative of a customer, partner or supplier to us, our processing is carried out based on our legitimate interest to conclude and fulfill the agreement with the company you represent. |
| Retention period: We process and store your personal data for as long as we have a business relationship with you or the company you represent, and thereafter we process and store your personal data three (3) years after the last time we were in contact in our business relationship. |
| How we share and transfer your data: Mercuri shares the personal data with the following external parties: supplier of our CRM system. Mercuri will not transfer your personal data to a country outside the European Union (“EU”)/European Economic Area (“EEA”). However, we use suppliers belonging to company groups headquartered in the United States and which therefore may, e.g., for technical support purposes, grant remote access to personal data stored within the EU/EEA. |
E. When you access our Mercuri LMS or the Mercuri sales enablement platform
| Purpose for processing | Categories of personal data |
| Mercuri will collect relevant personal data to enable users of the LMS or the sales enablement platform to access the platform and their personal learning programs, to enable personal communication with the user and to enable content suggestions based on previous actions on the platform. | – Name – Contact details such as email address, telephone number, location and business address – Actions, behaviors & results within the platform – Email correspondence – IP-address, and personal settings within your browser – Assessments, tests, assignments, personal feedback given by the learner on the platform – Visits, time spent on the platform, selected paths and other types of behavior and actions – Any additional personal data provided by you in the platform |
| Legal basis: Legitimate interest: Mercuri has a legitimate interest to process personal data in order for you to use the LMS and our sales enablement platform and to enable the provision of the LMS platform to our customers. |
| Retention period: We will keep your personal data for up to three (3) years from the last time of interaction. Analyses and tests are saved until the education is completed, up to one (1) year. |
| How we share and transfer your data: Mercuri shares the personal data with the following external parties: our web agency, our suppliers of hosting services, website behavior analytics tools, CRM system, as well as providers of data center services. In addition, Ariadne Digital s.r.l. and Ariadne eLearning s.r.l are the developers of the Mercuri sales enablement platforms customizations and configurations based on the Moodle platform. These vendors maintain the application and manages the infrastructure needed for a safe platform; hence they may access data in order to analyses and resolve software issues or if required for data analysis. Amazon Web Services Inc, a cloud computing and hosting provider is used to store and backup the data a user generates by using the service securely. Mercuri may transfer your personal information from the Mercuri sales enablement platform to countries outside the EU/EEA area in order to process your transactions or to satisfy global reporting requirements as Mercuri may be required to provide personal data to Mercuri Units in other countries. |
F. Research, Studies & Surveys
| Purpose for processing | Categories of personal data |
| For the purpose of performing research, studies and surveys we will process your personal data. | – Name – Contact details (email address and telephone number). – Information on what company you represent and your job title. – Information you provide in Mercuri research studies and surveys – Any additional personal data provided by you in the contact form sent to Mercuri |
| Legal basis: Legitimate interest. Mercuri has a legitimate interest in improving its services and products by analyzing its business ventures, costumer segments and surveys from costumers and users. |
| Retention period: Retention period: We will keep your personal data for up to 3 years from the time of collection. |
| How we share and transfer your data: Mercuri shares the personal data with the following external parties: our web agency, suppliers of hosting services, website behavior analytics tool, CRM system. Mercuri will not transfer your personal data to a country outside the European Union (“EU”)/European Economic Area (“EEA”). However, we use suppliers belonging to company groups headquartered in the United States and which therefore may, e.g., for technical support purposes, grant remote access to personal data stored within the EU/EEA. |
G. Marketing Communication, Sales & Marketing activities
| Purpose for processing | Categories of personal data |
| For marketing our products and services, we will process personal data about you if you in the past or in communication with us have shown interest in our products and services or if we through a third party have gained information that you might be interested in our products or services. | – Name – Contact details (email address and telephone number) – Information on what company you represent and your job title – Any additional personal data provided by you in the contact form sent to Mercuri |
| Legal basis: Legitimate interest: Mercuri has a legitimate interest to market our products and services to existing and potential customers. |
| Retention period: We will keep your personal data for up to three (3) years from the last time of interaction unless you inform us that you do not wish to be contacted by us. |
| How we share and transfer your data: Mercuri shares the personal data with the following external parties: our web agency and supplier of our CRM system. Mercuri will not transfer your personal data to a country outside the European Union (“EU”)/European Economic Area (“EEA”). However, we use suppliers belonging to company groups headquartered in the United States and which therefore may, e.g., for technical support purposes, grant remote access to personal data stored within the EU/EEA. |
Transfers of personal data
We always require that our suppliers and companies that we cooperate with ensure that any transfers of personal data to countries outside the EU/EEA are performed in accordance with all applicable legal requirements including, where required, enter into an agreement with their suppliers based on the EU Commission’s standard contractual clauses. Here, you can find the standard contract clauses applicable to transfers of personal data to a recipient outside of the EU/EEA.
The personal data you register with Mercuri is never sold to third parties for commercial purposes.
Your rights
In this section we describe your rights as a data subject. The data protection authority in Sweden is IMY (Integritetsskyddsmyndigheten), If you believe that our processing is performed in breach of applicable data protection legislation, we encourage you to contact us in order for us to over-see your complaints. You may at any time also file a complaint with the supervisory authority.
Please note that not all rights listed below are absolute and there are exemptions which can be valid. If you want to exercise your rights, please contact us using our contact form on our website, or at gdpr@mercuri.net.Your rights are the following:
Right of access: You have the right upon request to get a copy of your personal data which we process and to get complementary information regarding our processing of your personal data.
Right of rectification: You have the right to have your personal data rectified and/or complemented if they are wrong and/or incomplete.
Right to erasure: You have the right to request that we erase your personal data without undue delay in the following circumstances: (i) the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed; (ii) you withdraw your consent on which the processing is based (if applicable) and there is no other legal ground for the processing; (iii) you object to our processing of personal data, and we do not have any overriding legitimate grounds for the processing; (iv) the processed personal data is unlawfully processed; or (v) the processed personal data has to be erased for compliance with legal obligations.
Right to restriction: You have the right to restrict the processing of your personal data in the following circumstances: (i) you contest the accuracy of the personal data during a period enabling us to verify the accuracy of such data; (ii) the processing is unlawful, and you oppose erasure of the personal data and request restriction instead; (iii) the personal data is no longer needed for the purposes of the processing, but are necessary for you for the establishment, exercise or defense of legal claims; or (iv) you have objected to the processing of the personal data, pending the verification whether our legitimate grounds for our processing override your interests, rights and freedoms.
Right to data portability: If your personal data has been provided by you and our processing of your personal data is based on your consent or on the performance of a contract with you, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format in order to transmit these to another service provider where it would be technically feasible and can be carried out by automated means.
Right to object: You have the general right to object to our processing of your personal data when it is based on our legitimate interest. If you object and we believe that we may still process your personal data, we must demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.
Right to object to direct marketing: You have the right to at any time object to processing which is done for the purpose of direct marketing. If you object to such processing, we will no longer process your data for such purposes.
Right to withdraw consent: When our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. Please note that the lawfulness of any processing based on your consent before its withdrawal is not affected by the withdrawal.
What are cookies and how do they work?
Mercuri uses cookies for www.mercuri.net and associated domains and applications (like the Mercuri sales enablement platform). A cookie is a small data file with text stored in your browser which enables us or third parties to identify you. Cookies can be used for the following purposes:
- allow certain functions;
- provide statistics;
- save your choices and
- enable advertising and interest-based marketing.
Cookies can be of two types: session cookies or permanent cookies.
- A session cookie automatically disappears when you close your browser.
- A permanent cookie remains for a certain amount of time or until you delete your cookies.
The expiration date is stored in the cookie itself; some may cease to work after a few minutes, while others may end after several years.
Cookies placed by the webpage you visit are sometimes called first-party cookies, while cookies by other companies are called third-party cookies.
Strictly necessary cookies are placed when you use our services and visit our website. Functional- and advertising cookies are optional and only placed if you have provided your consent to them.
If you do not want any cookies or certain types of cookies, you have the ability via our cookie consent manager to accept or decline various types of non-essential cookies. You can also change the settings in your browser to delete saved cookies and block new ones. See your browser’s help pages for more information about approaches. However, note that deleting or blocking cookies may prevent you from using all the features on our site, such as to save your choices, and it may also cause some pages to not display properly. Below you’ll find links with information on how you can manage cookies in your web browser:
Our use of third-party cookies
Mercuri uses Google Analytics to analyze how the site is used. Google Analytics generates statistics and other information about how the site is used by saving cookies on the user’s computer. The information generated for our site is used to create reports about the use of the site. Google saves and uses this information. Google’s Cookie Policy is available here.
Mercuri uses a service from Hotjar is used to understand user behavior on our website. Hotjar’s Cookie Policy is available here.
Mercuri uses third party cookies by Meta for purposes of marketing our brand, products and services. Meta’s Cookie Policy is available here.
To optimize the chat function, we use third party cookie by Tawk.to. Tawk.to’s Cookie Policy is available here.
In order to host virtual events, Vimeo places cookies to remember user history. Vimeo’s Cookie Policy is available here.
Our sales enablement platform is hosted by Moodle LMS, third party cookies are placed to remember user log-in. Moodle’s Cookie Policy is available here.
We use Cloudflare, a service that provides security and performance enhancements for our website. Cloudflare helps protect against security threats, such as DDoS attacks, and improves site speed by caching content and optimizing delivery. For more information on how Cloudflare collects and uses data, please refer to their Privacy and Cookie policy here.
Use of Tawk.to Chat
We use Tawk.to, a third-party live chat tool, to enable real-time support for visitors on our website. Tawk.to sets cookies such as TawkConnectionTime and twk_idm_key to ensure chat continuity during your visit. These cookies are categorized as functional and are essential for the operation of the chat feature. They do not track you for marketing or advertising purposes.
The cookies on our sales enablement platform and websites
| Name | Provider | Purpose | Expiry |
| MoodleSession | Moodle | To provide continuity and to remain logged in when browsing the Mercuri sales enablement platform. | Session |
| MOODLEID | Moodle | To remember the username and password for returning users. | 2 months |
| _msci | Microsoft Clarity | Used to anonymously identify user sessions and interactions for behavioral analytics. | 1 year |
| _gcl_au | Google AdSense | Used by Google AdSense for experimenting with advertisement efficiency across websites using their services. | Persistent |
| _fbp | To store and track visits across websites. | 3 months | |
| _hjSessionUser_# | Hotjar Ltd | Collects statistics on the visitor’s visits to the website, such as the number of visits, average time spent on the website and what pages have been read. | 1 year |
| _hjSession_# | Hotjar Ltd | Collects statistics on the visitor’s visits to the website, such as the number of visits, average time spent on the website and what pages have been read. | 30 minutes |
| _ga_# | Google Analytics | Used to send data to Google Analytics about the visitor’s device and behavior. Tracks the visitor across devices and marketing channels. | 2 years |
| _ga | Google Analytics | Used to send data to Google Analytics about the visitor’s device and behavior. Tracks the visitor across devices and marketing channels. | 2 years |
| TawkConnectionTime | Tawk.to | Allows the website to recognize the visitor, in order to optimize the chat-box functionality. | Session |
| twk_idm_key | Tawk.to | Allows the website to recognize the visitor, in order to optimize the chat-box functionality. | Session |
| Msd365mkttr | Microsoft Dynamics 365 | Collects information on user behaviour on multiple websites. This information is used in order to optimize the relevance of advertisement on the website. | 2 years |
| Msd365mkttrs | Microsoft Dynamics 365 | Registers statistical data on users’ behaviour on the website. Used for internal analytics by the website operator. | 2 years |
| _fbp | Used by Facebook to deliver a series of advertisement products such as real-time bidding from third-party advertisers. | 3 months | |
| CookieConsent | CookieBot | Stores the user’s cookie consent state for the current domain. | 1 year |
| test_cookie | DoubleClick | Used to check if the user’s browser supports cookies. | 15 minutes |
| bcookie | Used in order to detect spam and improve the website’s security. | 1 year | |
| li_gc | Stores the user’s cookie consent state for the current domain | 6 months | |
| lidc | Registers which server-cluster is serving the visitor. This is used in context with load balancing, in order to optimize user experience. | 1 day | |
| #{8}-#{4}-#{4}-#{4}-#{12} | 3rd party cookie – Dynamics | Cookies set by Dynamics are used to track users on our website. Visits are tracked for known users only. Unknown users are recorded as anonymous users. | 12 months |
| IDE | DoubleClick | Used by Google DoubleClick to register and report the website user’s actions after viewing or clicking one of the advertiser’s ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user. | 1.5 year |
| wpEmojiSettingsSupports | WordPress | This cookie is part of a bundle of cookies which serve the purpose of content delivery and presentation. The cookies keep the correct state of font, blog/picture sliders, color themes and other website settings. | Session |
| _gcl_ls | Google Tag Manager | To store and track interactions. | Persistent |
| lastExternalReferrer | Facebook/Meta | Detects how the user reached the website by registering their last URL address. | Persistent |
| lastExternalReferrerTime | Facebook/Meta | Detects how the user reached the website by registering their last URL address. | Persistent |
| topicsLastReferenceTime | Facebook/Meta | Collects data on the user across websites – This data is used to make advertisement more relevant. | Persistent |
| hjViewportId | Hotjar Ltd | Saves the user’s screen size in order to adjust the size of images on the website. | Session |
| hjActiveViewportIds | Hotjar Ltd | This cookie contains an ID string on the current session. This contains non-personal information on what subpages the visitor enters – this information is used to optimize the visitor’s experience. | Persistent |
| wordpress_test_cookie | WordPress | Used to check if the user’s browser supports cookies. | Session |
| LAST_RESULT_ENTRY_KEY | YouTube | Used to track user’s interaction with embedded content. | Persistent |
| yt-remote-device-id | YouTube | Stores the user’s video player preferences using embedded YouTube video. | Persistent |
| yt-remote-cast-installed | YouTube | Stores the user’s video player preferences using embedded YouTube video. | Session |
| yt-remote-cast-available | YouTube | Stores the user’s video player preferences using embedded YouTube video. | Session |
| yt-remote-session-app | YouTube | Stores the user’s video player preferences using embedded YouTube video. | Session |
| yt-remote-session-name | YouTube | Stores the user’s video player preferences using embedded YouTube video. | Session |
| yt-remote-fast-check-period | YouTube | Stores the user’s video player preferences using embedded YouTube video. | Session |
| yt-remote-connected-devices | YouTube | Stores the user’s video player preferences using embedded YouTube video. | Persistent |
| iU5q-!O9@$ | YouTube | Registers a unique ID to keep statistics of what videos from YouTube the user has seen. | Session |
| #-# | YouTube | Used to track user’s interaction with embedded content. | Session |
| YtIdbMeta#databases | YouTube | Used to track user’s interaction with embedded content. | Persistent |
| vuid | Vimeo | This cookie is used to store the user’s usage history. | 2 years |
| __cf_bm | CloudFlare | This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. | 30 minutes |
| _cfuvid | Vimeo/CloudFlare | This cookie is a part of the services provided by Cloudflare – Including load-balancing, deliverance of website content and serving DNS connection for website operators. | Persistent |
| _GRECAPTCHA | Google reCAPTCHA | To provide spam protection. | 6 months |
| rc::a | Google reCAPTCHA | To read and filter requests from bots. | Persistent |
| rc::c | Google reCAPTCHA | To read and filter requests from bots. | Session |
| rc::b | Google reCAPTCHA | To read and filter requests from bots. | Session |
| rc::f | Google reCAPTCHA | To read and filter requests from bots. | Persistent |
| cf.turnstile.u | CloudFlare | Used for Cloudflare bot protection and security. | Persistent |
| 1.gif | CookieBot | Used to count the number of sessions to the website, necessary for optimizing CMP product delivery. | Session |
| pagead/1p-user-list/# | Tracks if the user has shown interest in specific products or events across multiple websites and detects how the user navigates between sites. This is used for measurement of advertisement efforts and facilitates payment of referral-fees between websites. | Session | |
| t/v/# | Microsoft Dynamics | Used to transmit behavioral or interaction data via pixel tracking | Session |