Kidbrooke Logo
PlatformUse CasesIntegrationBuild OptionsClientsAbout UsBlog
Free ToolsSchedule a Demo

Privacy Information

How we protect and handle your personal information

Last updated: September 11, 2025

Legal information

Data Controller

Kidbrooke Advisory AB

Registered in Sweden with registration: 556930-2374

Address: Generalsvägen 72 B, 184 51 Österskär, Sweden

Email: info@kidbrooke.com

Data collection

Information We Collect

We collect personal data necessary for our business activities including providing advisory services, customer relationship management, and compliance with legal obligations:

Contact and Business Information
  • • Name, email address, and phone number
  • • Billing and delivery address
  • • Company name and profession/place of work
  • • Personal identification number (for sole traders)
  • • Your messages and consultation requirements
  • • Payment information and correspondence
  • • Internet address (IP) and user behavior patterns for security
Additional Information We May Collect
  • • Social media profiles for business networking
  • • Health information (e.g., allergies for events we organize)
  • • Resumés and grades (for job applications)
  • • Customer references and testimonials
  • • Information from credit rating agencies or banks for creditworthiness assessments

Our legal basis for processing includes: fulfilling contractual obligations, legitimate business interests for customer relationship management and service provision, your consent (where applicable), and compliance with legal obligations.

Data protection

What We DON'T Collect

We never collect: your exact location, your personal details for statistics, detailed information about you, or data that tracks you across different websites unless you consent to marketing cookies.

Data usage

How We Use Your Information

Service Delivery and Customer Management:
  • • Provide our advisory products and services
  • • Customer relationship management and quality assurance
  • • Customer service and support
  • • Market and customer analysis for business development
  • • Reply to messages and follow-up communications
Marketing and Business Development:
  • • Inform about and market our products and services
  • • Publish customer references and case studies
  • • Organize events and provide information about seminars
  • • Direct marketing via email, social media, or phone
  • • Business networking and relationship building
Legal and Security:
  • • Prevent fraud and perform risk management
  • • Comply with applicable legislation and court rulings
  • • Handle job and internship applications
  • • Anti-money laundering and terrorism financing controls
Data security

How We Keep Your Data Safe

We protect your information in multiple ways:

Technical Measures
  • • Encryption technology for data protection
  • • Firewall and antivirus programs
  • • Password protection and access controls
  • • Encrypted data transmission (HTTPS)
  • • Secure database storage and backup systems
  • • No third-party tracking scripts without consent
Organisational Measures
  • • Minimal data collection principles
  • • Employee access limited to work requirements only
  • • Staff confidentiality agreements and privacy training
  • • Regular security assessments and monitoring
  • • Data retention policies and review procedures
  • • Protection against unauthorized access, misuse, and damage
Third parties

Data Sharing and Disclosure

We share personal data only when necessary for service delivery and legal compliance:

Service Providers and Business Partners
  • • IT service suppliers for technical infrastructure
  • • Print and distribution services
  • • Banking and payment processing partners
  • • Insurance companies and debt collection agencies
  • • Potential group companies for service delivery
Legal and Business Circumstances
  • • When required by law, court ruling, or authority decision
  • • To protect Kidbrooke's legal rights and interests
  • • Business reorganization, mergers, or acquisitions (with buyer consent)
  • • Anonymized statistical information (cannot be traced to individuals)

International Transfers: Some suppliers and partners are located outside EU/EEA. We ensure adequate protection measures and compliance with data protection rules for all transfers.

Data Protection: All third parties process data only according to this privacy policy and our instructions. We maintain agreements ensuring legal and secure processing.

Data lifecycle

Data Retention

Contact inquiries: Retained for 12 months to maintain consultation history and follow-up services

Client work: Retained as required by professional obligations and applicable law (e.g., Accounting Act requirements)

Job applications: Stored until position is filled, or up to 24 months with consent

Marketing consent: Until consent is withdrawn

You may request earlier deletion at any time by contacting us. We never store data longer than necessary for each specific purpose.

GDPR rights

Your Privacy Rights

Under GDPR, you have the following rights:

  • Right to Access

    Request information about our processing of your personal data and receive a copy, free of charge. Requests must be submitted in writing with your name, date of birth, and signature. We respond as swiftly as possible and may request additional information to verify your identity.

  • Right to Rectification

    If you inform us that your personal data is no longer correct, we will promptly correct, block, or erase such data. We have the main responsibility to ensure data accuracy.

  • Right to Erasure

    Request deletion when data is no longer necessary, you withdraw consent, object to direct marketing, or processing violates data protection rules. Some legal obligations may prevent immediate erasure (e.g., accounting requirements).

  • Right to Data Portability

    When processing is based on consent or contract, receive your data in machine-readable format (Excel, CSV) and request transfer to another data controller if technically possible.

  • Right to Object

    Object to processing based on legitimate interest. We will only continue if our legitimate interests outweigh yours. You can withdraw consent for marketing at any time.

  • Right to Restrict Processing

    Request temporary restriction when you contest data accuracy, processing is unlawful but you prefer restriction over erasure, or during investigation of objections.

Exercise Your Rights

To exercise any of these rights, simply contact us at the above email. We'll respond within 30 days and provide assistance free of charge.

Get in touch

Contact Us About Privacy

For any privacy-related questions, concerns, or rights requests, contact us at the above email.

Subject Line: "Privacy Rights Request" or "Privacy Inquiry"

Response Time: Within 24 hours for acknowledgment, full response within 30 days

External platforms

Social Media and Third-Party Services

We use LinkedIn, Twitter, Instagram, and Facebook for business networking and marketing. When you interact with our social media content, we may process personal data you provide through comments, photos, or messages.

We do not accept offensive material on our platforms and may remove inappropriate content. Please report any concerning content to us.

We may collect personal data from third parties such as credit rating agencies or banks for creditworthiness assessments and anti-money laundering compliance.

Service terms

Third-Party Services and Terms

Our services may be subject to third parties' terms and conditions. These third parties are independent data controllers responsible for their own processing of your personal data.

Important: We are not responsible for third parties' use of your personal data. Please review their terms and conditions, especially when clicking links to other websites in our emails or on our website.

We recommend reading the privacy policies of any third-party services you interact with through our platform or communications.

Policy updates

Changes to This Privacy Notice

We annually review this privacy policy and may update it to reflect changes in our practices or legal requirements. We'll notify users of any material changes by updating the "last modified" date at the top of this notice.

Changes may be warranted due to legislation updates, guidance from supervisory authorities, or changes in our business operations. Updated versions will be published on our website.

For extensive changes affecting how we process your personal data, you will be informed before such changes become applicable.

Complaints

Supervisory Authority

If you are dissatisfied with how your personal data has been processed or believe it has been processed contrary to data protection rules, you can contact us first. You also have the right to lodge a complaint with a supervisory authority.

Supervisory Authorities
  • • Sweden: Integritetsskyddsmyndigheten (imy.se)
  • • UK: Information Commissioner's Office (ico.org.uk)
  • • EU: Contact your local supervisory authority in your country of residence or workplace
European Data Protection Board

Website: www.edpb.europa.eu/about-edpb/about-edpb/members_en