Privacy Policy

Effective date: 13 August 2025
Updated on: 19 August 2025

This Privacy Policy explains how Grafokett AB (“Grafokett”, “we”, “us”, “our”) collects, uses, discloses, and protects personal data when you access https://www.grafokett.se (the “Service”). It also describes your privacy rights under applicable privacy laws.

By using the website, you consent to the collection and use of your personal data in accordance with this Privacy Policy. If you do not agree, please do not use the website.

What information we collect, purposes, and legal bases

Legal bases (definitions)

  • Legitimate interest: Our interest or a third party’s interest, provided your interests or fundamental rights and freedoms do not override those interests.
  • Contract performance: Processing necessary for a contract with you or to take steps at your request before entering into a contract.
  • Legal obligations: Processing necessary to comply with laws or regulations applicable to us.
  • Consent: A freely given, specific, informed and unambiguous indication of your wishes. We may request your consent where no other legal basis applies.

Usage Data

Collected: Pages visited, time on page, click paths, browser details.

Purpose: Analyze behavior, optimize performance, enhance UX.

Retention: 30 days

Legal basis: Consent

Online Identifiers

Collected: IP address, device IDs (MAC, IMEI), browser type/version, OS.

Purpose: Secure platform, optimize performance, technical insights.

Retention: 30 days

Legal basis: Consent

Location Data

Collected: GPS, IP-based location.

Purpose: Personalize experiences and services.

Retention: 30 days

Legal basis: Consent

How we obtain personal data

Sources

  • Forms you complete
  • Conversations with support
  • Direct contact for other reasons
Requirement: In certain cases, providing personal data is a legal or contractual requirement, or necessary to enter into a contract.

How we share your information

With your consent

Grafokett AB may share your information for specific purposes with your explicit consent.

We do not transfer personal data outside the EEA.

Data subject rights

Your rights

  • Access
  • Rectification
  • Erasure
  • Restrict processing
  • Portability
  • Object
  • Be informed

Withdrawal of consent

You can withdraw consent anytime via the site banner or by contacting us. This does not affect processing before withdrawal.

How to exercise rights

Email [email protected]. We verify identity before acting. Requests are processed within one month (up to three if complex).

We may refuse requests if unfounded, disproportionate, or if GDPR exceptions apply. Reasons will be given in writing.

Right to lodge a complaint

You may complain to the supervisory authority if you believe your data is misused. In Sweden, this is Integritetsskyddsmyndigheten (IMY).

Security

Measures

  • Confidentiality obligations for third parties
  • Physical, technical, and administrative safeguards
  • Access limited to those with a need-to-know

Important note

No system is 100% secure, but we implement appropriate measures to minimize risks of unauthorized access or misuse.

Changes to this policy

We review and update this policy as needed. Changes apply immediately when published here. Please check back regularly.

Contact us

Name: Grafokett AB
Address: Gasverksgatan 21
Phone: +46 431 47 43 00