Privacy Policy

We respect your privacy. This policy describes what personal data we collect, why we collect it, how long we keep it, and what rights you have under the GDPR (EU General Data Protection Regulation 2016/679).

Data Controller

Mobile Minds AB is the data controller for the personal data processing described in this policy.

Mobile Minds AB

Org. no: 559484-6296

Kivra: 559484-6296, 106 31 Stockholm, Sweden

Contact person: Mattias Pettersson

Email:

Phone: +46 8 502 350 18

What data do we collect?

Contact form

When you submit a request via our contact form we collect the details you provide: name, email address, phone number (optional), company name (optional), and your message or project description.

Email communication

If you contact us directly by email, the correspondence relating to your enquiry or project is retained.

Web analytics (Google Analytics)

If you consent to analytics cookies, we collect anonymised visit data: page views, approximate geographic region, device type, and traffic source. No data that can be directly linked to you is collected — IP addresses are automatically truncated before processing.

Cookies and localStorage

We store your cookie consent in your browser's localStorage under the key mm_consent. This information never leaves your device and is used solely to remember your preference. Read more in our cookie policy.

Legal Basis

Contact form and email

Legitimate interest (Art. 6(1)(f) GDPR)

We process your data in order to respond to your enquiry and handle incoming business contacts. It is our legitimate interest to manage incoming business enquiries efficiently.

Web analytics (Google Analytics)

Consent (Art. 6(1)(a) GDPR)

Analytics cookies are only activated if you actively accept them via our cookie banner. You may withdraw your consent at any time via Cookie settings in the footer.

Client projects and invoicing

Performance of a contract (Art. 6(1)(b) GDPR)

If we enter into a project agreement, your data is processed to fulfil that contract, including delivery and invoicing.

How long do we keep your data?

Data Retention period
Contact form data 12 months from the date of submission, then deleted
Email correspondence For the duration of the client relationship + 12 months
Google Analytics data 14 months (Google Analytics default setting)
Cookie consent (localStorage) Until you change your preference or clear browser data

How do we use your data?

  • To respond to enquiries and begin a business dialogue.
  • To deliver and invoice client projects.
  • To analyse website traffic in anonymised form in order to improve content and user experience (only with your consent).
  • To fulfil legal obligations, such as accounting and bookkeeping requirements.

Third Parties and International Transfers

Google Analytics (USA)

Used for web analytics, only if you consent. Google LLC is certified under the EU–US Data Privacy Framework, ensuring an adequate level of protection. IP addresses are anonymised before transfer.

Amazon SES (eu-north-1, Stockholm)

Used to send email confirmations when you submit the contact form. Data is processed within the EU (eu-north-1 = Stockholm). Amazon Web Services, Inc. acts as a data processor under standard contractual clauses (SCCs).

Cloudflare (CDN and DDoS protection)

All web traffic to mobileminds.se passes through Cloudflare's network. Cloudflare Inc. (USA) acts as a data processor under standard contractual clauses and is certified under the EU–US Data Privacy Framework. Cloudflare processes no personal data beyond what is required to deliver and secure the service.

We never sell, rent, or share your personal data with third parties for marketing purposes.

Security Measures

We implement appropriate technical and organisational measures to protect your data:

  • All communication is transmitted over HTTPS using TLS encryption (minimum TLS 1.2).
  • Email is sent via encrypted protocols (STARTTLS, port 587) through Amazon SES.
  • Form submissions are backed up in an encrypted JSON file on the server with restricted access.
  • CSRF protection (token-based) on all forms prevents unauthorised submissions.
  • No passwords, payment details, or sensitive personal data are stored on our servers.
  • Access to stored data is restricted to authorised personnel.

Your Rights

Under the GDPR you have the following rights. Contact us at to exercise any of them. We will respond within 30 days.

  • Access (subject access request): You have the right to request a copy of the personal data we hold about you, including the purposes and legal basis for processing.
  • Rectification: You have the right to request that inaccurate or incomplete data be corrected.
  • Erasure ("right to be forgotten"): You have the right to request that your data be deleted where the GDPR permits this — for example when the purpose for processing no longer applies.
  • Restriction of processing: You have the right to request that we restrict processing of your data in certain circumstances, such as while a dispute about the accuracy of the data is being resolved.
  • Data portability: You have the right to receive your data in a machine-readable format and transfer it to another controller, where processing is based on consent or contract.
  • Objection: You have the right to object to processing based on legitimate interests. We will then stop processing unless we can demonstrate compelling legitimate grounds that override your rights.
  • Withdraw consent: Where processing is based on consent (e.g. analytics cookies), you may withdraw your consent at any time via Cookie settings in the footer. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
  • Lodge a complaint: You have the right to lodge a complaint with a Data Protection Authority (DPA). For Sweden: Integritetsskyddsmyndigheten (IMY), Box 8114, 104 20 Stockholm, imy@imy.se, www.imy.se. You may also contact the DPA in your country of residence within the EEA.

Contact Regarding Personal Data

If you have questions about how we process your data, or wish to exercise any of your rights, please contact us — we will respond within 30 days.

Mobile Minds AB

Org. no: 559484-6296

Kivra: 559484-6296, 106 31 Stockholm, Sweden

Contact: Mattias Pettersson

Email:

Phone: +46 8 502 350 18

Updates to this Policy

We may update this privacy policy when our operations or applicable legislation change. The date of the latest revision appears below. We recommend that you review this policy periodically. For material changes, we will notify you by email if we hold your contact details.

Last updated: February 2026