Privacy
Policy.
Last updated: January 2026
This policy describes how Quantro Consulting Group AB (Org.nr 559424-4666) collects, uses, and protects your personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Swedish law.
1. Data Controller
Quantro Consulting Group AB, Org.nr 559424-4666, is the data controller responsible for processing your personal data. Contact us at: info@quantrogroup.com
2. Data We Collect
We collect personal data that you provide directly, including:
• Name and contact information (email, address, phone number)
• Payment details (processed securely via Stripe — we do not store card data)
• Order history and purchase records
• Communication records if you contact us
• Technical data such as IP address and browser type (via cookies)
3. Legal Basis for Processing
We process your personal data based on the following legal grounds under GDPR:
• Contract: To fulfil your order and provide our services
• Legal obligation: To comply with tax, accounting, and consumer law requirements
• Legitimate interest: To prevent fraud and ensure the security of our platform
• Consent: For marketing communications (you may withdraw consent at any time)
4. How We Use Your Data
Your data is used to process and deliver orders, manage customer service, prevent fraud, comply with legal obligations, and (with consent) send marketing communications. We do not sell or share your data with third parties for their own marketing purposes.
5. Data Sharing
We share data only with trusted service providers necessary to operate our business, including:
• Stripe: Payment processing
• Shipping carriers: Order fulfilment and delivery
• Vercel: Website hosting
All processors are contractually bound to GDPR-compliant data handling.
6. Data Retention
We retain personal data for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Order records are retained for 7 years in compliance with Swedish bookkeeping law (Bokföringslagen).
7. Your Rights (GDPR)
Under GDPR, you have the right to:
• Access your personal data
• Rectify inaccurate data
• Request erasure ("right to be forgotten")
• Restrict or object to processing
• Data portability
• Withdraw consent at any time
To exercise any of these rights, contact: info@quantrogroup.com. We will respond within 30 days.
8. Cookies
We use essential cookies to operate the website and optional analytics cookies to improve performance. A cookie consent banner will request your preferences on first visit. You may manage cookies at any time through your browser settings.
9. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. All data in transit is encrypted using TLS.
10. Complaints
If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten — IMY) at www.imy.se.
11. Changes to this Policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website. Material changes will be communicated by email where required.