Privacy Policy

Last updated:

1. Data Controller

The data controller responsible for processing your personal data on this website is:

Vaultarbit
Drottninggatan 30, 411 14 Göteborg, Sweden
Email: callme@vaultarbit.world
Phone: +46 70 297 94 32

Processing of personal data on this website is governed by the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Swedish law, including the Swedish Data Protection Act (Lag (2018:218) med kompletterande bestämmelser till EU:s dataskyddsförordning), insofar as it supplements the GDPR.

2. What Data We Collect

We may collect and process the following categories of personal data:

  • Contact information: name, email address, and message content provided through our contact form.
  • Technical data: IP address, browser type and version, operating system, referring URL, pages visited, time and date of visit.
  • Cookie data: information collected through cookies and similar tracking technologies, as described in our Cookie Policy.

3. Purpose of Data Processing

We process your personal data for the following purposes:

  • To respond to your inquiries submitted through the contact form.
  • To ensure the technical functionality and security of the website.
  • To analyze website usage patterns and improve our content, if we deploy analytics tools in the future (only with your consent where required).
  • To comply with legal obligations.

4. Legal Basis for Processing

We process your data based on the following legal grounds under the General Data Protection Regulation (GDPR):

  • Consent (Art. 6(1)(a) GDPR): When you submit the contact form or accept optional cookies.
  • Legitimate interest (Art. 6(1)(f) GDPR): For website security, fraud prevention, and operating the site (not for third-party analytics or ads unless you consent).
  • Legal obligation (Art. 6(1)(c) GDPR): When required by applicable law.

We do not use optional analytics or marketing technologies unless you have enabled the relevant category in the cookie preference tool on this website.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:

  • Contact form submissions: retained for up to 12 months after the inquiry is resolved.
  • Technical/log data: retained for up to 90 days.
  • Cookie consent records: retained for up to 12 months.

After the retention period, data is securely deleted or anonymized.

6. Data Sharing and Transfers

We do not sell your personal data. We may share your data with:

  • Hosting providers and IT service providers who process data on our instructions (processors), typically under a data processing agreement (Art. 28 GDPR).
  • Providers of content delivery or font services when you load resources from their infrastructure (they may process technical data such as IP address as independent controllers; see their privacy notices).
  • Legal authorities if required by law.

If any transfer occurs outside the European Economic Area (EEA), the United Kingdom, or other jurisdictions not covered by an adequacy decision, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, unless a specific derogation applies.

7. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access: You may request a copy of the data we hold about you.
  • Right to rectification: You may request correction of inaccurate data.
  • Right to erasure: You may request deletion of your data under certain conditions.
  • Right to restrict processing: You may request that we limit how we use your data.
  • Right to data portability: You may request your data in a structured, machine-readable format.
  • Right to object: You may object to processing based on legitimate interests.
  • Right to withdraw consent: You may withdraw consent at any time without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: You may lodge a complaint with a supervisory authority (see Section 13 below).

To exercise any of these rights, please contact us using the details in Section 1. We will respond within one month where required by the GDPR, subject to any permitted extension.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include HTTPS encryption, access controls, and regular security reviews.

9. Cookies

For detailed information about cookies, similar technologies, and how to manage preferences, please refer to our Cookie Policy.

10. Automated Decision-Making and Profiling

We do not make decisions based solely on automated processing, including profiling, which produce legal effects concerning you or similarly significantly affect you within the meaning of Article 22 GDPR.

11. Children

This website is not directed at children, and we do not knowingly collect personal data from anyone under 16 years of age. If you believe a child has provided us with personal data, please contact us using the details in Section 1 so we can delete such information where required.

12. Direct Marketing

We use contact form data to respond to your inquiry, not for unsolicited direct marketing, unless you have given separate, explicit consent for marketing where such an option is offered.

13. Complaints and Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. In Sweden, the lead authority for many matters is:

Integritetsskyddsmyndigheten (IMY)
Box 8114, 104 20 Stockholm, Sweden
Website: www.imy.se

You may also contact the supervisory authority in the EU/EEA member state of your habitual residence or place of work.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.