Privacy Policy

Introduction and organisational information

This privacy policy (“Privacy Policy”) explains how Gradientech AB (“Gradientech”, “us”, “we” or “our”) processes personal data and is intended to give our customers, distributors and other business contacts a general understanding of how we collect, use, share and protect personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

Gradientech processes personal data when you visit gradientech.se or otherwise interact with us, for example by contacting us, subscribing to communications, using our distributor portal, or submitting a support request. We process personal data for the following purposes:

  • Website operation and improvement – to operate, maintain, secure and improve our website and digital services, and to understand how the website is used.
  • Enquiries and support – to respond to enquiries, manage requests, and provide customer and distributor support, including handling support tickets.
  • Product and service improvement – to improve our services, documentation and customer experience based on aggregated insights from interactions and support.
  • Business administration and relationship management – to manage our business relationships and communications, including contact management, sales pipeline administration, documentation, and invoicing where applicable.

We process personal data in accordance with applicable data protection laws and use appropriate technical, organisational and contractual safeguards to protect personal data. We may use service providers to support our operations, and where they process personal data on our behalf, we require appropriate protections in line with applicable law.

We do not use automated decision-making (including profiling) to make decisions about individuals that have legal or similarly significant effects.

Legal basis for processing

We process personal data on several legal bases depending on the purpose of the processing. This includes processing that is necessary for the performance of a contract or to take steps at your request prior to entering into a contract, processing required to comply with legal obligations, and processing that is necessary for our legitimate business interests, such as communicating with customers and stakeholders, improving our services, and operating our website, provided that such interests are not overridden by your fundamental rights and freedoms. Where required, we rely on your consent, for example in relation to certain cookies or marketing communications.

Provision of personal data

In some cases, providing personal data is necessary to enter into or perform a contract, to respond to a request, or to comply with legal obligations. If you do not provide personal data where required, we may be unable to provide certain services or respond to your request.

Retention of personal data

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to comply with legal, accounting and regulatory obligations.

Retention periods vary depending on the nature of the personal data and the purpose of the processing. When personal data is no longer required, we securely delete or anonymise it.

You may request erasure of your personal data in accordance with your rights described below.

Direct marketing and communications

We may use your personal data to send marketing communications about our products and services, such as newsletters, event invitations and updates.

We send such communications only where we have a lawful basis to do so, for example your consent or, where permitted under applicable law, our legitimate interests in marketing similar products and services to existing contacts.

You may opt out of marketing communications at any time by using the unsubscribe link included in our emails or by contacting us.

Consent

Where our processing is based on your consent (for example, certain cookies or marketing communications), you may withdraw your consent at any time. You can manage your cookie preferences through our cookie settings and unsubscribe from marketing communications using the link provided in our emails.

Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.

Data sharing and disclosure

We do not sell personal data. We may share personal data with service providers that support our operations, such as providers of IT systems, website hosting, analytics, customer relationship management, communications and support services.

We may also disclose personal data where required to comply with legal obligations, enforce our agreements, or protect our rights.

International data transfers

Personal data is primarily processed within the EU/EEA. In certain cases, personal data may be transferred to or accessed from countries outside the EU/EEA in connection with our use of service providers.

Where such transfers occur, we ensure that appropriate safeguards are implemented in accordance with applicable data protection laws, such as the European Commission’s Standard Contractual Clauses and, where required, supplementary measures.

You may request further information about the safeguards applied by contacting us.

Data storage, hosting and security

We use carefully selected hosting and cloud service providers to support our website and business operations. Where a service provider processes personal data on our behalf, we enter into appropriate data processing agreements.

We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration or disclosure. These measures include encryption during transmission and, where applicable, at rest; role-based access controls; and ongoing monitoring and review of our security practices.

Cookies and similar technologies

A cookie is a small text file stored on your device when you visit a website. We use cookies and similar tracking technologies (such as pixels and tags) to operate our website, analyse how it is used, and support certain communication and marketing activities where permitted.

Cookies used on our website are categorised as follows:

  • Necessary cookies – required for the website and distributor portal to function, for example for security, session management and load balancing. These cookies do not require consent.
  • Preferences cookies – enable the website to remember choices and settings. These cookies are used only where required consent has been provided.
  • Statistics cookies – used to analyse how visitors use our website so that we can improve performance and usability. These cookies are used only where required consent has been provided.
  • Marketing cookies – used to measure marketing effectiveness and, where enabled, to provide more relevant communications across platforms. These cookies are used only where required consent has been provided.

When you visit our website, you will be presented with a cookie consent banner that allows you to accept, reject or customise non-essential cookies. You can change or withdraw your consent at any time through our cookie settings.

For more detailed information about the specific cookies we use, including their providers and duration, please refer to our Cookie Policy:
https://gradientech.se/cookie-policy/

Your rights

Under the GDPR and other applicable data protection laws, you have certain rights in relation to your personal data. You can exercise these rights by contacting us.

Your rights include:

  • Right of access – to request confirmation of whether we process your personal data and to receive a copy of the personal data we hold about you.
  • Right to rectification – to request correction of inaccurate personal data and completion of incomplete data.
  • Right to delete – to request deletion of your personal data in certain circumstances (for example, where the data is no longer necessary for the purposes for which it was collected).
  • Right to restriction of processing – to request that we restrict our processing of your personal data in certain circumstances.
  • Right to data portability – to receive personal data you have provided to us in a structured, commonly used and machine-readable format, and to transmit it to another controller, where applicable.
  • Right to object – to object to our processing of your personal data in certain circumstances, including an unconditional right to object to processing for direct marketing.
  • Right to withdraw consent – where processing is based on consent, to withdraw your consent at any time (without affecting the lawfulness of processing carried out prior to withdrawal).
  • Right to lodge a complaint – to lodge a complaint with a supervisory authority if you consider that our processing of personal data infringes applicable data protection law.

These rights may be subject to conditions, limitations and exceptions under applicable data protection law.

Exercising your rights

To exercise your rights, please contact us at

If you are an EU resident and wish to lodge a complaint, you may contact your national Data Protection Authority.

Personal data breaches and notifications

We maintain procedures to detect, investigate and respond to personal data breaches.

Where required under applicable data protection laws, we will notify the relevant supervisory authority without undue delay and, where applicable, affected individuals.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.

About responsibility

Gradientech AB (Org. 556788-9505) is the controller responsible for the processing of personal data described in this Privacy Policy.

Contact us

If you have any questions about this Privacy Policy, our processing of personal data, or how to exercise your rights, please contact us at:

Email:
Phone: +46 18 418 6700

This Privacy Policy was last updated on 24 February 2026