Privacy policy.

Effective Date: 24 February 2025

Last Updated: 24 February 2025

 1. Introduction 

Welcome to Raaf & Co AB (“Company”, “we”, “our”, or “us”). Your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your personal data when you visit www.raafandco.com (“Website”) and interact with our services. 

We comply with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws. 

By using our Website, you consent to the collection and use of your personal data as described in this Privacy Policy. If you do not agree with this policy, please do not use our Website. 

 

 2. Data We Collect 

We may collect and process the following types of personal data:  

 A. Information You Provide to Us 

- Name, email address, phone number, and company name (if applicable) 

- Billing and payment information (for invoicing purposes) 

- Information provided when contacting us via forms, email, or phone 

- Any other data you provide when signing up for newsletters, events, or services 

 B. Information We Collect Automatically 

- Technical Data: IP address, browser type, operating system, and referring URLs 

- Usage Data: Pages visited, time spent on the site, and interactions with our content 

- Cookies and Tracking Technologies (see Section 7) 

 C. Data from Third Parties 

- Social media interactions (when you engage with our LinkedIn or other social media pages) 

- Publicly available business information 

 3. How We Use Your Data 

We process your personal data for the following purposes: 

1. Providing Our Services – To communicate with you, process inquiries, and offer our consultancy and marketing services 

2. Legal and Contractual Obligations – For invoicing, tax, and compliance requirements 

3. Marketing & Communications – To send you relevant updates, newsletters, or promotional content (you can opt out anytime) 

4. Improving Our Website – To analyze user behavior and enhance user experience 

5. Security & Fraud Prevention – To protect against unauthorized access, fraud, and illegal activities 

 4. Legal Basis for Processing 

Under GDPR (Article 6), we rely on the following lawful bases for processing personal data: 

- Consent – When you subscribe to our newsletter or accept cookies 

- Contractual Necessity – When we need to process data to fulfill a contract (e.g., providing services) 

- Legal Obligation – When required by law (e.g., tax reporting) 

- Legitimate Interest – For marketing, security, and improving our services 

 5. Data Sharing & Transfers 

We do not sell or rent your personal data. However, we may share your data with: 

- Service Providers: Hosting, email marketing, payment processors (only as necessary to provide services) 

- Legal Authorities: If required by law or to protect our legal rights 

- Business Transfers: If we merge, sell, or restructure our business, data may be transferred to new owners 

If we transfer your data outside the European Economic Area (EEA), we ensure compliance with GDPR through standard contractual clauses or other lawful mechanisms.

 6. Data Retention 

We store your personal data only as long as necessary: 

- Client data – Retained for the duration of service and up to 5 years for legal obligations 

- Marketing communications – Until you opt out 

- Website analytics data – Usually retained for up to 24 months 

 7. Cookies & Tracking Technologies 

We use cookies and similar tracking technologies to enhance user experience and analyze traffic. These include: 

- Essential Cookies – Required for site functionality 

- Analytical Cookies – Google Analytics (tracks website traffic) 

- Marketing Cookies – If applicable (e.g., LinkedIn or Facebook pixel) 

You can manage or disable cookies via your browser settings. 

For more details, please see our Cookie Policy.

 8. Your Rights Under GDPR 

As an EU resident, you have the following rights: 

- Right to Access – Request a copy of your personal data 

- Right to Rectification – Correct inaccurate or incomplete data 

- Right to Erasure (“Right to be Forgotten”) – Request deletion of your data 

- Right to Restrict Processing – Limit how we use your data 

- Right to Data Portability – Receive your data in a structured format 

- Right to Object – Withdraw consent for marketing at any time 

- Right to Lodge a Complaint – File a complaint with Swedish Data Protection Authority (IMY) if you believe your rights are violated 

To exercise any of these rights, contact us at anders.raaf@luxurience.se 

 9. Data Security 

We implement security measures to protect your personal data, including:  

- SSL encryption for data transmission 

- Access controls limiting employee access 

- Regular security audits   

Despite these measures, no data transmission over the Internet is 100% secure.

 10. Third-Party Links 

Our Website may contain links to third-party websites (e.g., social media, partner websites). We are not responsible for their privacy policies, and we encourage you to review them separately. 

 11. Changes to This Policy 

We may update this Privacy Policy from time to time. The latest version will always be available on this page. If changes are significant, we will notify users via email or website notification. 

 12. Contact Us 

If you have any questions about this Privacy Policy, please contact us at: 

Email: anders.raaf@luxurience.se

Address: Raaf & Co AB, Herrgårdsvägen 49A, S-269 96, Båstad, Sweden

Phone: +46(0)708904932