Privacy Policy


Effective Date: 2025-03-04

1. Introduction

1.1 ORBICAP AB ("we," "our," "us") is committed to protecting your privacy and safeguarding your personal data.

1.2 This policy applies when we act as a data controller concerning your personal data.

1.3 Our policy complies with the EU General Data Protection Regulation (GDPR) and applicable Swedish data protection laws.

1.4 We are required by law to inform you about your rights and our obligations regarding the processing and controlling your personal data. More details are available at www.knowyourprivacyrights.org.

1.5 In this policy, references to "we," "us," and "our" refer to ORBICAP AB. For more information, see Section 11.

2. The Personal Data We Process

We may collect, use, store, and transfer different types of personal data, categorised as follows:

  • Identity Data – First name, last name, title, and other identifiers.

  • Contact Data – Email address, telephone number(s), and mailing address.

  • Personal Profile Data – Purchases, interests, preferences, feedback, and survey responses.

  • Financial Data – Bank details and payment information for service transactions.

  • Communication Data – IP address, browser type, time zone, and device information.

  • Marketing Data – Preferences for receiving marketing communications.

  • Training Data – Recordings, chat logs, and attendance information from online training sessions.

  • Anonymous Data – Aggregated data that does not identify individuals.

We do not collect sensitive personal data (e.g., race, health status, religious beliefs).

Failure to provide required personal data may prevent us from delivering our services.

3. Purposes of Processing Data and Legal Bases

We process personal data for the following purposes:

3.1 Operations

  • Purpose: Website operation, order processing, and business administration.

  • Legal Basis: Legitimate Interests.

3.2 Contractual Obligations

  • Purpose: Fulfilling contracts for consulting and training services.

  • Legal Basis: Contractual Necessity.

3.3 Communication

  • Purpose: Responding to inquiries and tracking communication.

  • Legal Basis: Legitimate Interests.

3.4 Training Services

  • Purpose: Conducting online training, issuing certificates, and collecting feedback.

  • Legal Basis: Contractual Necessity and Legitimate Interests.

3.5 Consent

  • Purpose: Marketing activities, including newsletters and promotions.

  • Legal Basis: Consent.

3.6 Legal Obligation

  • Purpose: Compliance with legal and regulatory requirements.

  • Legal Basis: Legal Obligation.

4. Data Retention Periods

We retain personal data only as long as necessary for the stated purposes. Client project data is retained for five years after project completion. Training registration data is retained for three years after the training session. Financial data is retained for seven years for accounting and legal purposes. Marketing data is retained until consent is withdrawn. Communication data is retained for two years after the last interaction. Training session data is retained for one year after session completion. Retention periods may be modified due to legal, contractual, or business requirements.

5. Sharing Your Personal Data

We may share your data with trusted third parties, including:

  • Google Meet for online training sessions.

  • Squarespace for website hosting and analytics.

  • Payment Processors for handling transactions.

  • Legal Authorities if required by law.

We ensure that all third parties adhere to strict data protection standards.

6. Cookies

Our website uses cookies. Our Cookie Policy details how we use cookies and how you can manage your preferences.

7. Data Security

7.1 We implement SSL encryption and other security measures to protect your data.

7.2 We ensure that online training sessions are secure and that recordings are stored safely.

8. Your Rights

You have the following rights under GDPR:

  • Access – Request a copy of your personal data.

  • Rectification – Correct inaccuracies in your data.

  • Erasure – Request deletion of your data (“right to be forgotten”).

  • Restriction – Request a limitation on processing your data.

  • Objection – Object to our processing of your data.

  • Portability – Request the transfer of your data.

  • Withdraw Consent – Revoke consent for processing based on consent.

To exercise your rights, contact us at info@orbicap.com.

9. International Data Transfers

9.1 If we transfer your data outside the EU, we ensure that appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs).

  • Data Protection Agreements (DPAs) with third-party service providers.

10. Complaints

10.1 If you have concerns about our data practices, contact us at info@orbicap.com.

10.2 You may also file a complaint with the Swedish Authority for Privacy Protection (IMY):

  • Website: www.imy.se

  • Email: imy@imy.se

11. Contact Information

  • Company Name: ORBICAP AB

  • Registered Address: Hjortrongränd 10, 182 45 Enebyberg, Sweden

  • Company Registration Number: 559513-0401

  • Email: info@orbicap.com

  • Website: www.orbicap.com

This policy was last updated on 2025-03-04. We may update it periodically and will notify you of significant changes.