Privacy Policy

1. General Information

We would like to inform you about the purpose and extent of personal data collection while using our website and other digital channels controlled by Steelwrist AB, reg. no. 556617-0048 („Company“). This policy applies to all information gathered about you through the use of our website.

This policy is effective as of 2025-03-12 and will be reviewed annually.

Use of Mobile Applications

For users of Steelwrist mobile applications, including QuantumConnect, additional personal and app-specific data may be collected, such as equipment configurations, operational metrics, templates, crash/error logs, and device information. For details, please refer to the Steelwrist Mobile Apps Privacy Policy, which governs the collection, use, and retention of this data. Both policies are complementary and should be read together to fully understand how your personal data is processed and protected.

2. Data Controller

Steelwrist AB, reg. no. 556617-0048, is the data controller responsible for processing personal information in compliance with GDPR and other applicable regulations.

We ensure that collected personal data is used only for its intended purpose and is protected against unauthorized access and misuse.

3. Data Collection & Usage

Types of Data Collected

We collect the following types of personal data if consented by user:

• Personal Information: We do not collect this data unless you explicitly provide it by filling out a contact form and consenting to this privacy policy. This may include name, email, phone number, company name, and job title.
• Technical Data: IP address, device information, browser type.
• Payment Information: If applicable, payment transactions are securely processed via third-party payment providers. We do not collect or store payment details ourselves; all payment information is handled directly by providers such as Stripe in accordance with their privacy policies.
• Behavioral Data: Pages visited, interactions, time spent on pages.

Methods of Collection

• We use contact forms, sign-up forms, and event registrations.
• We use cookies and tracking technologies to enhance user experience, analyze website traffic, and support marketing activities. Additionally, our website integrates with third-party services for analytics, advertising, and payment processing. For detailed information about these services and how they function, please refer to our Cookie Policy.

Purpose of Data Collection

• To provide and improve our services.
• To communicate updates, marketing materials, and event invitations.
• To process transactions securely.
• To analyze website performance and enhance user experience.
• For automated profiling and targeted marketing.

We do not use profiling that produces legal effects concerning you or significantly affects you in a similar way.

Our services are not directed to, and we do not knowingly collect personal data from, children under the age of 16. If we become aware that we have inadvertently collected such information, we will delete it promptly.

Mobile App Data

Data collected via Steelwrist mobile applications may include equipment configurations, operational metrics, templates, usage patterns, crash/error logs, and device information. This data is processed strictly for service provision, technical support, diagnostics, performance monitoring, and feature improvement. Marketing or profiling is performed only with explicit consent.

4. Data Sharing with Third Parties

Personal data may be shared with third parties for advertising, analytics, CRM, and payment processing. These services help us enhance user experience, analyze website traffic, and facilitate transactions. For specific details on third-party integrations, please refer to our Cookie Policy. A current list of third-party processors is available on request.

App-specific third-party services, such as cloud storage providers, analytics SDKs (e.g., Firebase, Sentry), platform services (Google Play Services, Apple App Store), and technical support partners, are also used to process mobile app data. All third parties are contractually bound to use data only for the purposes described in the Mobile Apps Privacy Policy.

5. User Rights & Compliance

Under GDPR, you have the right to:

• Access, correct, or delete your personal data.
• Object to data processing based on legitimate interest.
• Withdraw consent for marketing communications.
• Request data portability.
• Receive notification of data breaches.
• Request restriction of processing of personal data under certain conditions.

To exercise these rights, contact us at [email protected].

If you believe your rights have been violated, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY), Box 8114, 104 20 Stockholm, https://www.imy.se/en/individuals/forms-and-e-services/file-a-gdpr-complaint/

6. Legal Basis for Processing

We process personal data based on the following legal bases:

Consent
When users voluntarily provide personal data via forms or accept cookies for tracking.

Contractual Necessity
When data processing is required to fulfill a contract (e.g., processing orders).

Legal Obligation
When we must process data to comply with laws (e.g., tax regulations for transactions).

Legitimate Interest
When we use data to improve user experience, marketing efforts, or fraud prevention, provided that such interests do not override users’ rights.

Legal Basis for App Data

For data collected via Steelwrist mobile applications, processing is based on the following legal bases:

Consent: for marketing, optional features, telemetry, or location-based functionality.

Contractual Necessity: to provide app services or requested features.

Legal Obligation: for regulatory or tax compliance.

Legitimate Interest: to improve app stability, provide diagnostics, prevent fraud, and enhance service performance.

7. Data Retention

We retain data as follows:

• User Accounts: Until the user requests deletion.
• Payment Data: Per financial regulations (e.g., 7 years for tax compliance).
• Analytics Data: 14 months per Google Analytics 4 (GA4) default setting).
• CRM / marketing data: We retain CRM and marketing data for up to 3 years after your last interaction with us, unless you withdraw consent earlier. We maintain records of user consent to demonstrate compliance with GDPR requirements.

Retention of App Data

Retention periods for data collected via Steelwrist mobile applications are defined in the relevant Mobile Apps Privacy Policy. These retention periods are harmonized with web data retention schedules to ensure compliance with GDPR and other applicable data protection laws.

8. Data Security Measures

We take all reasonable precautions to secure your personal data, including:

• SSL Encryption for secure data transfer.
• Access Controls to restrict unauthorized data access.
• Compliance with EU & Swedish Data Protection Laws.

9. Cookies & Tracking

We use cookies and similar technologies for analytics, marketing, and improving user experience.

Types of Cookies Used:

• We use cookies necessary for website functionality, as well as those that help us analyze visitor interactions and support marketing activities. Some cookies enable session tracking to enhance user experience. For more details on the types of cookies and third-party integrations, please refer to our Cookie Policy.
• Users can manage cookie preferences via browser settings or our Cookie Policy.

10. Forms & Submissions

If you have entered personal information in any of our forms, you have the right to request access to the information you provided. You can also request that we remove all the information we have about you, except for data that we must retain for administrative, legal, or security purposes.

Form submissions from visitors may be checked through an automated spam detection service to prevent fraudulent activity.

11. Embedded Content from Other Sites

Articles on this site may contain embedded content (such as videos, images, or articles). Embedded content from other websites behaves in the same way as if the visitor had accessed the external site directly. These external sites may collect data, use cookies, embed additional third-party tracking, and monitor interactions with the embedded content, especially if the user has an account and is logged in to that site. We encourage reviewing the privacy policies of these external platforms before interacting with embedded content.

12. Data Breach Notification

In the event of a personal data breach, Steelwrist AB will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in risk to your rights and freedoms. If the breach is likely to result in a high risk, we will also inform affected individuals without undue delay.

13. Links to Other Sites

This privacy policy does not apply to external websites linked from the Steelwrist website. We recommend reviewing their respective privacy policies before providing any personal information, as we do not control how they collect or process data.

14. Data Transfers & Regional Privacy Compliance

This section applies to users outside the EU/EEA, including North America and other regions where local privacy regulations may apply.

We process personal data primarily within the EU/EEA. However, in cases where personal data is transferred outside the EU/EEA, we ensure adequate safeguards, such as the European Commission’s Standard Contractual Clauses (SCCs), to protect your personal data in compliance with GDPR. You may request a copy of the safeguards applied to data transfers outside the EU/EEA by contacting us at [email protected]

For users in jurisdictions with specific data protection laws, such as the California Consumer Privacy Act (CCPA) in the U.S. or PIPEDA in Canada, additional rights may apply.

Additional Rights Based on Your Region:

California (CCPA/CPRA): Users in California may have rights to request access to, deletion of, or opt out of the sale of their personal data.

Canada (PIPEDA): Canadian users have rights to data access, correction, and transparency regarding how personal data is used.

UK Compliance (UK GDPR): Since our company has a physical office in the UK, our processing activities must comply with UK GDPR. Any user inquiries regarding data protection within the UK can be directed to our UK office at:

Steelwrist UK LTD
Unit 1f Vantage Business Park
Bloxham Road, Banbury
OX16 9UX
United Kingdom

Australia Compliance: As we process data from Australian users, we comply with the Privacy Act 1988 and the Australian Privacy Principles (APPs). Users in Australia can contact our Australian office at:

Steelwrist Australia PTY Ltd
Unit 2
2 Avatonbell Drive
Luscombe, QLD 4207
Queensland, Australia

Other Regions: If your country has specific data protection laws, we encourage you to review applicable rights.

Mobile App Users

For app-related data transferred outside the EU/EEA, safeguards include EU adequacy decisions, Standard Contractual Clauses (SCCs), and other appropriate protections, as detailed in the Mobile Apps Privacy Policy.

For users of Steelwrist mobile applications, the rights and protections described in this section also apply. Each app complies with GDPR, UK GDPR, CCPA/CPRA, PIPEDA, and Australian Privacy Principles (APPs) as applicable. App users can exercise their rights via [email protected].

15. Policy Updates & Notifications

Changes to this policy will be posted on this page. Significant updates may also be communicated via email.

16. Contact Information

For inquiries, data updates, or corrections, please contact:

STEELWRIST AB

Visiting address: Titangatan 9, SE-195 72 Rosersberg
Phone number: +46 8 626 07 00
Email: [email protected]