Privacy Policy

1. Introduction

Kroppsfred is the data controller for your personal data. I am committed to protecting your privacy and process your personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Swedish data protection laws. This privacy policy explains what information I collect, how I use it, and what rights you have.

2. Information I collect

I may collect and process the following categories of personal data:

• Contact information: name, email address, phone number (via the contact form or booking)

• Communication data: messages you send via forms or email

• Newsletter subscription: email address and communication settings

• Payment details: billing information that is securely processed through my payment provider

• Usage data: cookies, IP address, browser type, and pages visited (via analytics tools)

• Session information: notes and documentation relevant to our coaching relationship

3. Legal basis for processing

I process your personal data based on the following legal grounds under the GDPR

• Performance of a contract (Article 6.1(b)): to provide the services you have ordered

• Legitimate interest (Article 6.1(f)): to improve the Website and my services, as well as to communicate with existing clients

• Consent (Article 6.1(a)): for newsletters and non-essential cookies — you may withdraw your consent at any time

• Legal obligation (Article 6.1(c)): where required by law, such as accounting and tax requirements

4. How I use your information

I use your personal data to:

• Provide and manage your bookings and sessions

• Send booking confirmations, reminders, and relevant service communications

• Send newsletters if you've subscribed (you can unsubscribe at any time)

• Process payments securely

• Improve the website through analysis

• Comply with legal and regulatory obligations

5. Cookies

My website uses cookies to improve your experience. I use:

• Essential cookies: required for the Website to function properly

• Analytics cookies: to understand how visitors use the Website (e.g., Google Analytics)

• Marketing/preference cookies: to remember your preferences or display relevant content

When you visit the Website for the first time, you will be asked to consent to non-essential cookies. You can manage or withdraw your cookie consent at any time through your browser settings or my cookie tool.

6. Sharing of information

I do not sell your personal information. I may share your information with trusted third-party service providers who help me operate the Website and provide my services, including:

• Payment providers (e.g., Stripe, Klarna, or similar)

• Email marketing platforms (if you subscribe to my newsletter)

• Analytics providers (e.g., Google Analytics)

• Booking and scheduling platforms

All third-party providers are required to process your data in accordance with the GDPR and the applicable data processing agreement

7. Transfer to a third country

Some of my third-party service providers may be located outside the EU/EEA. In such cases, I ensure that appropriate safeguards are in place—such as the European Commission’s Standard Contractual Clauses—to protect your data.

8. Retention period

I will retain your personal data only for as long as necessary for the purposes described in this policy, or for as long as required by law. Specifically:

• Client documentation from sessions: retained for up to 5 years after the conclusion of the assignment

• Payment information: retained for 7 years in accordance with the Accounting Act

• Newsletter subscriptions: stored until you unsubscribe

• Contact form submissions: stored for up to 12 months

9. Your rights under the GDPR

As a registered user, you have the following rights:

• Right of access: to request a copy of the personal data I hold about you

• Right to rectification: the right to request the correction of inaccurate or incomplete information

• Right to erasure: the right to request that I delete your data under certain circumstances

• Right to restriction: to request that I restrict the processing of your data

• Right to data portability: to receive your data in a structured, machine-readable format

• Right to object: to processing based on legitimate interests

• Right to withdraw consent: at any time, without affecting previous processing

To exercise any of these rights, please contact me using the information below. I will respond within 30 days. You also have the right to file a complaint with the Swedish Data Protection Authority (IMY) at www.imy.se.

10. Data Security

I take appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration. However, no method of transmission over the internet is 100% secure, and absolute security cannot be guaranteed.

11. Changes to this Privacy Policy

I may update this privacy policy from time to time. When I do, the date at the top of the page will be updated. I encourage you to review the policy regularly. Your continued use of the Website following any changes constitutes your acceptance of the updated policy.

12. Contact Information and Data Controller

If you have any questions or concerns about this privacy policy or how I handle your personal information, please feel free to contact me:

Body Peace

Email: camilla@kroppsfred.se

Website: www.kroppsfred.se