How We Protect Your Information

Privacy Policy (Datenschutzerklärung)

1. Introduction

We take the protection of your personal data very seriously. This Privacy Policy explains how Livitron MidCo AB (“we”, “our”, “us”) processes personal data when you use our website and services. It complies with the EU General Data Protection Regulation (GDPR) and the Swedish Data Protection Act (Lag (2018:218) med kompletterande bestämmelser till EU:s dataskyddsförordning).

2. Controller

The controller responsible for the processing of your personal data is:

Livitron MidCo AB Sturegatan 34 114 36 Stockholm Sweden Corporate Identity No (Org. nr): 559446-8117 Email: info@livitron.com

3. Data Protection Officer

We are not currently required to appoint a Data Protection Officer (DPO) under Art. 37 GDPR. For all privacy-related questions, please contact us directly at info@livitron.com.

4. Categories of Personal Data

We may process the following categories of data:

  • Technical/usage data: IP address, browser type, operating system, time of access, referrer URL.
  • Contact form data: Name, email address, phone number (if provided), and your message.
  • Cookies & analytics data: Data about how you interact with our website.
  • Marketing/ads data: Data for ad measurement and retargeting (e.g., Google, LinkedIn).
  • CRM data (HubSpot): Contact information, form submissions, newsletter preferences, lead scoring.

5. Purposes and Legal Bases for Processing

Processing is carried out on the following legal bases (Art. 6 GDPR):

  • Website provision & security: Legitimate interest, Art. 6(1)(f).
  • Responding to inquiries: Performance of a contract or steps prior to entering into a contract, Art. 6(1)(b).
  • Analytics & statistics: Consent, Art. 6(1)(a).
  • Marketing & retargeting: Consent, Art. 6(1)(a).
  • Compliance with legal obligations: Art. 6(1)(c) (e.g., accounting laws).

6. Use of Service Providers & Tools

(a) Webflow (Hosting & CMS)

Our website is hosted on Webflow Inc., 398 11th Street, San Francisco, CA 94103, USA. Webflow processes technical data (IP, device, browser). Data may be transferred to the USA under EU Standard Contractual Clauses (SCCs).

(b) Google Tag Manager

Google Tag Manager (Google Ireland Ltd., Gordon House, Dublin) manages scripts and tags. GTM itself does not store cookies but triggers other tools (Analytics, Ads).

(c) Google Analytics 4

We use Google Analytics to analyze website usage. Data collected includes pages visited, time spent, device info, and IP addresses (anonymized via IP masking).

  • Provider: Google Ireland Ltd.
  • Legal basis: Consent, Art. 6(1)(a).
  • Data retention: 14 months.
  • Transfers to USA under SCCs/Data Privacy Framework.

(d) Google Ads (Conversion & Remarketing)

We use Google Ads for conversion tracking and remarketing. This sets cookies when you click an ad or visit our site, allowing us to measure effectiveness and show ads on other sites.

  • Legal basis: Consent, Art. 6(1)(a).

(e) LinkedIn Insight Tag

We use LinkedIn Insight Tag (LinkedIn Ireland Unlimited Company, Dublin). This allows campaign measurement, retargeting, and aggregated demographic reporting. LinkedIn sets cookies and may combine your data with account information.

  • Legal basis: Consent, Art. 6(1)(a).
  • Data storage: Up to 90 days.

(f) HubSpot CRM & Marketing

We use HubSpot (HubSpot Ireland Ltd., Dublin; HubSpot Inc., Cambridge, USA) for forms, newsletters, marketing automation, and CRM. HubSpot sets cookies to recognize returning visitors and to track form submissions.

  • Legal basis: Consent (newsletter, analytics cookies), Art. 6(1)(a); Contract/pre-contractual measures for inquiries, Art. 6(1)(b).
  • Data transfers to USA under SCCs.

7. Cookies & Consent Management

We use a cookie consent banner to obtain your choice before placing non-essential cookies. You can:

  • Accept or reject all non-essential cookies.
  • Manage preferences.
  • Withdraw consent anytime via “Cookie Settings” in the footer.

Details are provided in our Cookie Policy.

8. Disclosure of Data

We may disclose personal data to:

  • Hosting and IT providers (Webflow, HubSpot, Google, LinkedIn).
  • Authorities where legally required (e.g., Swedish Tax Agency / Skatteverket).
  • Processors under Art. 28 GDPR with whom we have signed Data Processing Agreements (DPA).

9. Transfers to Third Countries

Some providers (Google, LinkedIn, HubSpot, Webflow) are based outside the EU/EEA (specifically the USA). Data is transferred ensuring appropriate safeguards are in place, such as the EU Standard Contractual Clauses (SCCs) or the EU-U.S. Data Privacy Framework (where applicable).

10. Retention of Data

We retain data only as long as necessary for the purpose:

  • Log files: Deleted after 30–90 days.
  • Contact form data: Stored for up to 24 months or as long as relevant for the inquiry.
  • Analytics cookies: Up to 2 years.
  • CRM data: Stored as long as a business relationship exists or until a valid deletion request is received.
  • Legal obligations: Accounting material is retained for 7 years in accordance with the Swedish Bookkeeping Act (Bokföringslagen).

11. Your Rights

Under the GDPR, you have the right to:

  • Access your data (Art. 15).
  • Rectify incorrect data (Art. 16).
  • Erase data (Art. 17).
  • Restrict processing (Art. 18).
  • Data portability (Art. 20).
  • Object to processing (Art. 21).
  • Withdraw consent (Art. 7(3)).

Right to Lodge a Complaint: If you believe our processing violates data protection laws, you have the right to lodge a complaint with the Swedish supervisory authority:

Integritetsskyddsmyndigheten (IMY) Box 8114 104 20 Stockholm Sweden Email: imy@imy.se Website: www.imy.se

12. Automated Decision-Making / Profiling

We do not carry out automated decision-making that has legal or similarly significant effects on you.

13. Updates

We may update this Privacy Policy to reflect legal or technical changes. Last updated: January 7, 2026