Privacy Policy

Last updated: 2026-02-25

Effective date: 2026-02-25

1. Introduction

Welcome to the privacy policy of Premex AB ("we", "us", or "our"). We operate the website located at https://premex.se and are committed to protecting your personal data.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you interact with our services. Please read it carefully.

Our principal place of business is located at: Jerikovägen 12, 141 32 Huddinge

Company registration number: 559253-4134

2. Data Controller

Premex AB is the data controller responsible for your personal data.

• Email: contact@premex.se

Data Protection Officer

We have appointed a Data Protection Officer (DPO) who can be contacted regarding any data protection matters:

• DPO Contact: dpo@premex.se

3. Information We Collect

Personal Data

We do not collect personal data that you voluntarily provide (such as names, email addresses, or phone numbers) through this website. The data we process is limited to automatically collected usage and device data as described below.

Usage Data

We automatically collect certain information when you visit, use, or navigate our services:

• IP address

• Browser type and version

• Pages visited and time spent

Cookies and Tracking Technologies

We use cookies and similar tracking technologies (pixels, web beacons, and local storage) to collect and store information about your interactions with our services. For comprehensive details about the cookies we use and your choices regarding cookies, please see our Cookie Policy.

Obligation to Provide Data

We do not require you to provide any personal data to use this website. Any data we process is limited to automatically collected technical and usage data as described above.

4. Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal bases:

• Legitimate interests — processing is necessary for our legitimate interests or those of a third party, provided your rights do not override those interests

Purpose-to-legal-basis mapping:

Website operation and security — Legitimate interests

5. How We Use Your Data

We use the information we collect for the following purposes:

• To provide, operate, and maintain our services

• To comply with legal obligations and enforce our terms

6. Data Sharing and Third Parties

We may share your personal data with the following categories of third parties:

• Cloud hosting and infrastructure providers

We require all third parties to respect the security of your personal data and to treat it in accordance with applicable law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your data for specified purposes and in accordance with our instructions.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside your country of residence, including countries that may not provide the same level of data protection as your home country. We transfer data to the following countries or regions:

• United States

When we transfer your data internationally, we ensure appropriate safeguards are in place to protect your personal data. The transfer mechanisms we rely on include:

• EU-US Data Privacy Framework

For transfers outside the European Economic Area (EEA), we ensure that adequate protection is provided through the transfer mechanism stated above, in compliance with Chapter V of the General Data Protection Regulation (GDPR). Where the primary mechanism is insufficient, we may supplement it with Standard Contractual Clauses (SCCs) approved by the European Commission or obtain your explicit consent.

8. Data Retention

We retain your personal data for as long as is necessary to fulfil the purposes for which it was collected, unless a longer retention period is required or permitted by law.

Default retention period: As long as necessary for the stated purpose

When the retention period expires, we will securely delete or anonymise your personal data in accordance with our data disposal procedures.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (TLS/SSL)

• Encryption of data at rest

• Access controls and role-based permissions

• Incident response and data breach notification procedures

• Physical security controls for data centres

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee the absolute security of your data.

10. Your Rights

10.1 Rights Under the GDPR

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have the following rights under the GDPR:

• Right of Access — You can request a copy of the personal data we hold about you.
• Right to Rectification — You can request that we correct any inaccurate or incomplete personal data.
• Right to Erasure — You can request that we delete your personal data (the "right to be forgotten"), subject to certain legal exceptions.
• Right to Restrict Processing — You can request that we limit the processing of your personal data in certain circumstances.
• Right to Data Portability — You can request a machine-readable copy of the personal data you have provided to us.
• Right to Object — You can object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent — Where we process data based on your consent, you can withdraw that consent at any time.
• Right Not to Be Subject to Automated Decision-Making — You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you.

To exercise any of these rights, please contact us at contact@premex.se. We will respond to your request within one month.

If you believe that we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection supervisory authority: the Swedish Authority for Privacy Protection (IMY) at https://www.imy.se

Swedish Data Protection Law

In addition to the GDPR, we comply with the Swedish Act with Supplementary Provisions to the EU General Data Protection Regulation (Lag 2018:218) and the Swedish Electronic Communications Act (LEK 2022:482), which implements the ePrivacy Directive. The supervisory authority for data protection in Sweden is the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY). You may contact IMY at https://www.imy.se if you have concerns about our processing of your personal data.

11. Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal data from children under 16. If we discover that we have inadvertently collected personal data from a child under 16, we will promptly delete that information. If you believe that we may have collected data from a child, please contact us at contact@premex.se.

12. Do Not Track Signals

Our services do not currently respond to Do Not Track (DNT) browser signals. There is no uniform standard for how DNT signals should be interpreted, and we will update this policy if a standard is established.

13. Automated Decision-Making

We do not use solely automated decision-making, including profiling, that would have a legal or similarly significant effect on you.

14. Cookie Policy

We use cookies and similar tracking technologies on our services. For detailed information about the types of cookies we use, the purposes for which we use them, and how you can manage your cookie preferences, please refer to our Cookie Policy.

You can manage your cookie preferences at any time through our consent banner or through your browser settings.

15. Third-Party Links

Our services may contain links to third-party websites and services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services. We encourage you to review the privacy policy of every site you visit.

16. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

We will notify you by posting the updated policy on our website and updating the "Last updated" date at the top of this page.

The "Last updated" date at the top of this policy indicates when it was last revised. We encourage you to review this policy periodically. If material changes affect the legal basis on which we process your data, we will seek renewed consent where required.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: contact@premex.se

• Website: https://premex.se

• Postal Address: Jerikovägen 12, 141 32 Huddinge

Data Protection Officer: dpo@premex.se

Supervisory Authority: If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority: the Swedish Authority for Privacy Protection (IMY) at https://www.imy.se