Skip to main content

Legal

Privacy Policy

Last updated: April 2026

1. Data controller

The data controller for personal data processed through this website is:

Flexbridge AB
Org. no: 559145-4367
VAT: SE559145436701
Luleå, Sweden

For privacy-related questions or requests, please use our contact form.

2. What data we collect and why

Contact form submissions

When you use the contact form on this website, we collect your name, email address, company name (optional), and the content of your message. This data is used solely to respond to your enquiry.

Legal basis: Legitimate interest (Article 6(1)(f) GDPR) — responding to unsolicited business enquiries is a legitimate interest of Flexbridge AB and is what you would reasonably expect when submitting the form.

Spam protection (Cloudflare Turnstile)

We use Cloudflare Turnstile to protect the contact form from automated abuse. Turnstile may process your IP address and browser signals to verify that the submission comes from a human. This processing occurs on Cloudflare's infrastructure and is governed by Cloudflare's Privacy Policy.

No tracking or analytics

We do not use cookies, tracking pixels, or analytics tools on this website. We do not build profiles of visitors or share visitor data with advertising networks.

3. How long we keep your data

Contact form submissions are retained for up to 12 months from the date of receipt, after which they are deleted. If your enquiry leads to an ongoing business relationship, relevant data may be retained for the duration of that relationship and for the period required by applicable law thereafter.

4. Third-party processors

We use the following third-party services to operate this website:

  • ResendEmail delivery. Contact form submissions are transmitted to us via Resend. Data is processed within the EU/EEA. Privacy policy
  • Cloudflare (Turnstile)Bot and spam protection on the contact form. Privacy policy
  • VercelWebsite hosting and delivery. Vercel may log request metadata (IP address, user agent) for security and operational purposes. Privacy policy

5. Your rights

Under the GDPR, you have the following rights with respect to your personal data:

  • Right of access — obtain a copy of the personal data we hold about you.
  • Right to rectification — request correction of inaccurate data.
  • Right to erasure — request deletion of your data where there is no overriding legitimate reason to retain it.
  • Right to restriction — request that we restrict processing of your data.
  • Right to object — object to processing based on legitimate interest.
  • Right to data portability — receive your data in a structured, machine-readable format.

To exercise any of these rights, please contact us via our contact form. We will respond within 30 days.

6. Supervisory authority

You have the right to lodge a complaint with the Swedish supervisory authority for data protection:

Integritetsskyddsmyndigheten (IMY)
www.imy.se

7. Changes to this policy

We may update this policy from time to time. The date at the top of this page reflects the most recent revision. Material changes will be noted here.