Personal Data Protection Policy

Personal Data Protection Policy

Your privacy is important to us, and we are responsible for the personal information you provide us. This policy describes how we process, store, and handle your personal information when you are a customer with us.

It also describes your rights and how you can enforce them. It is important that you take note of and understand the privacy policy and feel safe in our processing of your personal data.

Responsible for managing personal data

Spivi AB is responsible for the processing of personal data described in this policy.

If you have any questions or want to invoke any of your rights, you can reach us at:

Address: Holländargatan 30
Postal address: 11359 Stockholm
Phone number: 0707996711

How do we access the personal data?

In addition to the information you provide to us, or which we collect from you in connection with you becoming a customer with us, contacting us or applying for employment with us, we may also collect personal information from another, so-called third party.

What personal data do we process?

We may process the following categories of personal data:

  • Contact information such as name, e-mail address, telephone number and age.

How do we process your personal data?

We process your personal data primarily to fulfill our obligations to you. Our starting point is not to process more personal data than what is needed for the purpose, and we always strive to use the least privacy-sensitive data.

Below, you can find information about which personal data processing is available.

Provide and fulfil agreements on services / goods

We process personal data in order to fulfil our agreement and provide services / goods to you. We process personal data for our administration and invoicing of services / goods, for credit information purposes, to handle complaints, to help you with questions about your service / product when you contact our customer service and otherwise to safeguard our rights and fulfil our obligations under our agreement with you. Personal information we handle in this processing is contact information, identity-related personal information, and financial personal information.


We process your personal data in order to be able to fulfill the statutory obligations incumbent on us, such as the Accounting Act’s requirements for archiving accounting material. Personal information we handle in this processing is contact information, identity-related personal information and financial personal information.


We process personal data to enable marketing of goods / services to you and to enable the sending out of newsletters for the services / goods you are interested in in general and information about the company as well as to enable invitation to events in areas of your interest. Personal information we handle in this processing is contact information.

What legal basis do we have for our personal data processing?

We process your personal data in order to administer and provide the agreed service / product. With regard to the processing of personal data in order to fulfill requirements such as the Accounting Act or the tax legislation, the legal basis for processing is a legal obligation.

For the marketing and pre-employment treatments, the legal basis is our legitimate interest. This means that we believe that our interests in processing your personal data for these purposes listed above outweigh the privacy breach to which you are exposed as a result of the processing. This assessment has been made especially taking into account that we believe that the treatment will be beneficial for you.

With regard to personal data in connection with job applications that have no connection with a recruitment process or completed recruitment process, we will save your personal data for any future recruitment needs only if you have specifically agreed to this.

How long do we store your personal information?

We store your personal information as long as you are a customer with us and up to 12 months thereafter. Some personal data is stored for a longer period of time, for example to meet requirements from the Accounting Act and tax legislation. When the purposes of the treatments have been fulfilled and the storage period has expired, your personal data will be securely deleted or anonymised so that it can no longer be linked to you.

About cookies

A cookie is a small text-based data file that a web server requests to be stored in your browser. By generally sending the content of the cookie back with each request to the relevant website, it is possible for the server to keep track of the visitor’s preferences, behaviour, or identity (insofar as it is known). We use the following cookies on our website:

  • Session cookies (a temporary cookie that expires when you close your browser or device).
  • Permanent cookies (cookies that remain on your computer until you delete them, or they expire).
  • Third-party cookies (cookies set by a third-party website. With us, these are primarily used for analyses, such as Google Analytics.

The cookies we use aim to improve the services we offer. Cookies give the website better functionality and make it easier for you as a user. We also use cookies to collect and analyse behavioural data based on your use of the website and services in order to improve the user experience and also enable individualized communication and messages to you as a user. We also use cookies to be able to direct relevant marketing to you.

How can you handle cookies?

You can change the settings for the use and scope of cookies in your browser at any time. You can then choose to block all cookies, only accept certain cookies or delete cookies when you close your browser. If you choose to block or delete cookies, this may mean that certain services cannot be used or that the website does not work correctly in all respects.

Who do we share personal information with?

Our starting point is not to disclose the data subject’s personal data to third parties if the data subject has not consented to it or if it is not necessary to fulfill our obligations under agreement or law. In cases where we disclose personal data to third parties, we ensure that the personal data is processed in a secure manner.

  • Service providers

In order to fulfil the purposes of our processing of your personal data and to fulfil the requirements that we owe as a company, we share personal data with companies that provide services to us. These companies may only process personal data in accordance with the personal data assistant agreement signed with the company and in accordance with the instructions they receive in connection with this. They may not use your personal data for their own purposes, and they are obliged by law and agreement to protect your personal data. A service provider may not share your personal information with third parties or subcontractors without our consent.

  • Authorities

We may provide necessary information to authorities if we are required by law to do so. This information may include your personal information. In connection with a legal dispute, it may also be relevant to transfer information that may contain personal data to other parties involved in the dispute.

How is your personal data protected?

We protect your personal data through a combination of technical and organizational solutions. We have taken special security measures to protect your personal data against illegal or unauthorised access. We develop routines and working methods for your personal data to be handled in a secure manner. Only those who require to process your personal data for their work tasks have access to it.

Your rights

As registered with us, you have the following rights:

  • You have the right to request an extract from the register where you can see what personal information we have about you.
  • You have the right to request correction if we have incorrect or incomplete personal information registered about you.
  • You have the right to have your personal data deleted under these conditions:

– The information is no longer needed for the purpose for which it was collected.

– If the information is saved with your consent and you revoke the consent.

– If the treatment is based on a balance of interests and there are no justifiable reasons that outweigh your interest.

– If the personal data has been processed illegally.

– If deletion is required to fulfill a legal obligation.

– If you object to treatment for direct marketing purposes.

The right to have personal data deleted does not apply if we are obliged by law (e.g. the Accounting Act) to keep the data.

  • You have the right to data portability (the right to have your personal data transferred) provided that the legal basis is consent or agreement and what you can obtain is personal data concerning you, which you have provided yourself or which has been generated by your documents / activities.
  • You have the right to request that the processing of your personal data be restricted. However, if you request a restriction on your processing of personal data, this may mean that we will not be able to fulfil our possible obligations to you during the period in which the restriction is in force.
  • You have the right to object to a processing of personal data that has a balance of interests as a legal basis. In order for us to be able to continue with the current treatment, we need to be able to show a compelling justified reason for the treatment that outweighs your interests, rights or freedoms. Otherwise, we may only process the data to establish, exercise or defend legal claims.
  • You always have the right to object to your personal data being used for direct marketing. If an objection is made to direct marketing, the personal data may no longer be processed for such purposes.

If you are not satisfied with the response you have received from us, you have the right to submit a complaint to the supervisory authority.