Privacy Policy

Last updated: 15th January 2026

Introduction

flashpointo AB ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your personal information when you visit our website, use our services, or interact with us. We are the data controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller Information

The data controller responsible for your personal data is:
flashpointo AB
Registration Number: 593758-5672
Odengatan 188, 706 00 Örebro, Sweden
Email: privacy@flashpointo.top
Phone: +46 199175570

Data We Collect

We may collect and process the following categories of personal data about you:

  • Contact Information: Name, email address, phone number, postal address, and company details when you contact us or request our services.
  • Communication Data: Records of your communications with us, including emails, phone calls, and messages through our contact forms.
  • Website Usage Data: Information about how you use our website, including IP address, browser type, pages visited, time spent on pages, and referral sources.
  • Technical Data: Device information, operating system, browser version, and other technical information collected through cookies and similar technologies.
  • Professional Information: Information about your role, organisation, and regulatory compliance needs when you engage our services.

How We Use Your Information

We use your personal data for the following purposes based on legitimate legal grounds:

  • Service Provision: To provide our finance regulatory adaptation services, respond to your enquiries, and fulfil our contractual obligations.
  • Communication: To communicate with you about our services, respond to your questions, and provide customer support.
  • Business Operations: To manage our business operations, maintain records, and comply with legal obligations.
  • Website Improvement: To analyse website usage, improve our services, and enhance user experience.
  • Marketing: With your consent, to send you information about our services, industry updates, and relevant regulatory developments.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Contractual Necessity: Processing necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract.
  • Legitimate Interests: Processing necessary for our legitimate business interests, such as providing services, improving our website, and maintaining business records.
  • Consent: Where you have given clear consent for specific processing activities, such as marketing communications.
  • Legal Obligation: Processing necessary to comply with legal obligations to which we are subject.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

  • Service Providers: Third-party vendors who provide services on our behalf, such as website hosting, email services, and analytics providers.
  • Professional Advisers: Lawyers, accountants, and other professional advisers who assist us in providing our services.
  • Regulatory Authorities: Where required by law or regulation, we may share information with regulatory bodies and law enforcement agencies.
  • Business Transfers: In the event of a merger, acquisition, or sale of our business, your data may be transferred to the new owners.

International Data Transfers

We primarily process your data within the European Economic Area (EEA). If we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other lawful transfer mechanisms recognised under GDPR.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations. Generally, we retain contact and communication data for up to 7 years after our last interaction, unless a longer retention period is required by law. Website usage data and cookies are typically retained for shorter periods as specified in our Cookie Policy.

Your Rights

Under GDPR and other applicable data protection laws, you have the following rights:

  • Right of Access: Request copies of your personal data and information about how we process it.
  • Right to Rectification: Request correction of inaccurate or incomplete personal data.
  • Right to Erasure: Request deletion of your personal data in certain circumstances.
  • Right to Restrict Processing: Request limitation of processing in certain circumstances.
  • Right to Data Portability: Request transfer of your data to another organisation in certain circumstances.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to read the privacy policies of any third-party websites you visit.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal data, please contact us:

Privacy Officer

flashpointo AB

Email: privacy@flashpointo.top

Phone: +46 199175570

Address: Odengatan 188, 706 00 Örebro, Sweden

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates applicable data protection laws. In Sweden, the supervisory authority is the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten).