Contact us
Contact us

Privacy Policy

Privacy Policy

Last updated: October 15, 2025
Applies to: Citizens and legal permanent residents of the European Economic Area (EEA) and Switzerland.

1. Introduction

This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website https://www.gibsonkonsult.se or otherwise interact with us.

We value your privacy and are committed to handling your personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

The data controller responsible for the processing of personal data on this website is:

Gibson Konsult AB
Sollidsgatan 7, 414 76 Göteborg
Sweden
Website: https://www.gibsonkonsult.se
Email: christopher@gibsonkonsult.se
Phone number: 0705 81 30 09

If you have any questions regarding this policy or our processing of personal data, please contact us using the details above.

3. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Contact information: such as your name, email address, phone number, and company name when you contact us.
  • Communication data: content of messages or inquiries you send via forms, email, or phone.
  • Usage data: technical information such as IP address, browser type, and device information collected automatically when you visit our website. This data is necessary for the proper functioning and security of the website and may also be used for anonymized analytics.
  • Client data: information required to deliver services, manage contracts, invoices, or ongoing projects.

4. How We Use Personal Data

We process personal data for the following purposes:

  • To operate, maintain, and improve our website and services.
  • To respond to inquiries and provide customer support.
  • To perform and manage contractual relationships.
  • To send relevant information or marketing communications, only when you have given consent.
  • To comply with legal or regulatory obligations.

5. Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds:

  • Consent – when you have explicitly consented to certain processing (e.g., marketing emails or optional cookies).
  • Contractual necessity – when processing is required to perform or prepare a contract with you.
  • Legal obligation – when required to comply with applicable law.
  • Legitimate interest – when processing is necessary for our legitimate business interests, such as website security, service improvement, or preventing misuse, provided that your rights and freedoms are not overridden.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy or as required by law.
When the data is no longer needed, it will be securely deleted or anonymized.

7. Sharing of Personal Data

We do not sell or rent personal data to third parties.

We may share personal data with:

  • Service providers and partners who assist us in operating the website, analytics, communications, or billing.
  • Public authorities when required by law.

All third parties that process data on our behalf are bound by confidentiality and data protection agreements that ensure compliance with the GDPR.

8. Cookies and Similar Technologies

We use cookies and similar technologies to improve your experience and collect statistics.
For detailed information on the types of cookies we use and how to manage your preferences, please refer to our Cookie Policy.

9. Your Rights

Under the GDPR, you have the following rights:

  • Right to be informed – to know how your personal data is used.
  • Right of access – to obtain a copy of your personal data.
  • Right to rectification – to correct inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”) – to request deletion of your data.
  • Right to restrict processing – to limit how we use your data.
  • Right to data portability – to receive your data in a structured, commonly used format and transfer it to another controller.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – at any time, without affecting the lawfulness of processing before withdrawal.

To exercise these rights, please contact us using the details provided below.
You also have the right to file a complaint with your national data protection authority. In Sweden, this is the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten – IMY) at https://www.imy.se.

10. Data Security

We take appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or alteration.
These measures include secure servers, access controls, encryption, and regular reviews of our data handling practices.

11. International Data Transfers

Some of our service providers or third-party tools (e.g., Google, Meta) may process personal data outside the European Economic Area (EEA).
In such cases, we ensure that appropriate safeguards are in place, such as the use of the EU Commission’s Standard Contractual Clauses (SCCs) or the provider’s location in a country with an adequate level of data protection.

12. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal and regulatory reasons.
The latest version will always be available on our website, with the date of the most recent revision clearly stated.

13. Contact Information

If you have questions, comments, or would like to exercise your data protection rights, please contact us at:

Gibson Konsult AB
Sollidsgatan 7, 414 76 Göteborg
Sweden
Website: https://www.gibsonkonsult.se
Email: christopher@gibsonkonsult.se
Phone number: 0705 81 30 09