Privacy Policy

1. Introduction

Kroppsfred is the data controller responsible for your personal data. I am committed to protecting your privacy and processing your personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Swedish data protection law. This Privacy Policy explains what data I collect, how I use it, and your rights.

2. Data I Collect

I may collect and process the following categories of personal data:

• Contact information: name, email address, phone number (via contact forms or

(booking)

• Communication data: messages you send via forms or email

• Newsletter subscription: email address and communication preferences

• Payment data: billing information processed securely through my payment provider

• Usage data: cookies, IP address, browser type, and pages visited (via analytics)

(tools)

• Session-related information: notes and records relevant to our coaching relationship

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under the GDPR:

• Contract performance (Article 6(1)(b)): to provide the services you have requested

• Legitimate interest (Article 6(1)(f)): to improve my website and services, and to send relevant communications to existing clients

• Consent (Article 6(1)(a)): for newsletter subscriptions and non-essential cookies —

You may withdraw your consent at any time

• Legal obligation (Article 6(1)(c)): where required by law, such as for accounting or tax purposes

bond

4. How I Use Your Data

I use your personal data to:

• Manage your bookings and sessions

• Send booking confirmations, reminders, and relevant service communications

• We'll send you newsletters if you've subscribed (you can unsubscribe at any time)

• Process payments securely

• Improve my website using analytics

• Comply with legal and regulatory obligations

5. Cookies

My website uses cookies to improve your experience. I use:

• Essential cookies: necessary for the website to function properly

• Analytics cookies: to understand how visitors use my website (e.g., Google Analytics)

• Marketing/preference cookies: to remember your settings or display relevant content

When you first visit my website, you will be asked to consent to the use of non-essential cookies.

You can manage or withdraw your cookie consent at any time through your browser settings or my cookie consent tool.

6. Data Sharing

I do not sell your personal data. I may share your data with trusted third-party service providers who assist me in operating my website and delivering my services, including:

• Payment processors (e.g., Stripe, Klarna, or similar)

• Email marketing platforms (if you have subscribed to my newsletter)

• Analytics providers (e.g., Google Analytics)

• Booking and scheduling platforms

All third-party providers are required to process your data in accordance with the GDPR and applicable data processing agreements.

7. International Transfers

Some of my third-party providers may be located outside the EU/EEA. Where this is the

In such cases, I ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, to protect your data.

8. Data Retention

I retain your personal data only for as long as necessary for the purposes described in this policy, or as required by law. Specifically:

• Client session records: retained for up to 5 years after the end of our professional relationship

• Payment records: retained for 7 years in accordance with Swedish accounting law

(Accounting Act)

• Newsletter data: retained until you unsubscribe

• Contact form submissions: retained for up to 12 months

9. Your Rights Under the GDPR

As a data subject, you have the following rights:

• Right of access: to request a copy of the personal data I hold about you

• Right to rectification: to request the correction of inaccurate or incomplete data

• Right to erasure: to request the deletion of your data under certain circumstances

• Right to restriction: to request that I limit how I process your data

• Right to data portability: to receive your data in a structured, machine-readable

formatted

• Right to object: to object to processing based on legitimate interest

• Right to withdraw consent: at any time, without affecting prior processing

To exercise any of these rights, please contact me using the information below. I will respond within 30 days. You also have the right to file a complaint with the Swedish Data Protection Authority

Protection (IMY) at www.imy.se.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration. However, no method of transmission over the internet is 100% secure, and absolute security cannot be guaranteed.

11. Changes to This Privacy Policy

I may update this Privacy Policy from time to time. When I do, I will update the date at the top of this page. I encourage you to review this policy periodically. Continued use of my Website after changes constitutes acceptance of the updated policy.

12. Contact and Data Controller

If you have any questions or concerns about this Privacy Policy or how I handle your

For inquiries regarding personal data, please contact us:

Body Peace

Email: camilla@kroppsfred.se

Website: www.kroppsfred.se