Privacy Policy for Apramae AB

Last updated: November 07, 2025

Apramae AB (“we”, “us”, or “Apramae”) is committed to protecting your personal privacy. This Privacy Policy explains how we collect, use, disclose, and protect your personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Swedish law.

Apramae AB is the data controller for the processing of your personal data.

Swedish Company Registration No: 559395-9165
1. What personal data do we collect?

We only collect personal data that is necessary for our consulting services.

Examples of data we may process:

  • Contact details: Name, email address, phone number, job title, and company name (for clients, prospects, partners, and suppliers).

  • Correspondence: Content of emails, messages via contact forms, or meeting notes.

  • Billing information: Address, company registration number, and bank details for invoicing.

  • Technical data (when visiting our website, if launched): IP address, browser type, cookie data, and visitor statistics.

  • Other: Information you voluntarily provide during consulting assignments (e.g., CVs or business plans).

We do not collect special categories of personal data (e.g., health data, ethnic origin, political opinions) unless absolutely necessary and with your explicit consent.

2. How do we collect your data?

  • Directly from you: When you contact us via email, phone, LinkedIn, or in-person meetings.

  • Through agreements: In connection with consulting contracts or NDAs.

  • Automatically: Via cookies on our website (if we launch one) or email tracking pixels.

  • From third parties: Public registers (e.g., Bolagsverket, allabolag.se) or LinkedIn profiles for legitimate business development purposes.

3. On what legal basis do we process your data?

We only process personal data when we have a lawful basis under GDPR:

  • Performance of a contract (Art. 6.1 b): To deliver consulting services or handle invoicing.

  • Legal obligation (Art. 6.1 c): E.g., Swedish bookkeeping laws for invoices.

  • Legitimate interests (Art. 6.1 f): For business development, networking, and B2B marketing. Our interest overrides yours because we only process minimal professional contact details.

  • Consent (Art. 6.1 a): Only when you actively agree, e.g., for newsletters. You can withdraw consent at any time.

4. How do we use your data?

  • To deliver and invoice consulting services.

  • To communicate about projects, meetings, and updates.

  • To develop business relationships and offer relevant services.

  • To improve our operations and analyze market trends.

  • To comply with legal requirements (e.g., accounting).

5. Do we share your data with others?

We only share data when necessary:

  • Service providers: Accounting firms, IT providers (e.g., Microsoft 365, Google Workspace) – always under data processing agreements.

  • Authorities: Swedish Tax Agency, Companies Registration Office, or courts when legally required.

  • Business partners: Only with your explicit approval.

We do not transfer data outside the EU/EEA without appropriate safeguards (e.g., EU Standard Contractual Clauses).

6. How long do we keep your data?

  • Contracts and invoices: 7 years (Swedish Accounting Act).

  • Business contacts: As mutually agreed.

  • Cookies: Maximum 12 months.

  • Data is deleted as soon as the purpose is fulfilled and no legal basis remains.

7. Your rights under GDPR

You have the right, free of charge once per year, to:

  • Access your data (registry extract).

  • Rectify inaccurate data.

  • Erase your data (“right to be forgotten”) when no longer needed.

  • Restrict processing.

  • Object to processing based on legitimate interests.

  • Data portability – receive your data in a machine-readable format.

  • Withdraw consent at any time.

If you believe we mishandle your data, you may lodge a complaint with the Swedish Authority for Privacy Protection (IMY): imy@imy.se.

8. Security

We implement technical and organizational measures to protect your data:

  • Encryption of emails and files when needed.

  • Restricted access (only authorized personnel).

  • Regular security reviews.

9. Cookies and website

When we launch an official website, we will use:

  • Strictly necessary cookies (always active).

  • Analytical cookies (e.g., Google Analytics) only with your consent.

You can manage cookies in your browser settings.

10. Changes to this policy

We may update this policy. The latest version will be published on our website or sent to you in case of material changes.

Location

Stockholm

Privacy Policy