Plantchwristar

Legal

Privacy Policy

This Privacy Policy describes how Plantchwristar collects, uses, stores, and protects personal data when you visit our website or use our services.

Effective date:

1. Data Controller

The data controller responsible for your personal data is Plantchwristar, located at Drottninggatan 63, 111 21 Stockholm, Sweden. For privacy-related inquiries, you may contact us at assist@plantchwristar.world or by telephone at +46 8 411 45 10.

As the data controller, we determine the purposes and means of processing personal data collected through plantchwristar.world and related communication channels. We are committed to processing your data lawfully, fairly, and transparently in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Swedish Data Protection Act (Dataskyddslagen).

2. Personal Data We Collect

We may collect and process the following categories of personal data depending on how you interact with our website and services:

2.1 Information You Provide Directly

  • Contact details such as your name and email address when you submit our contact form
  • Message content and any dietary preferences or lifestyle information you voluntarily include in correspondence
  • Consent records indicating your agreement to data processing and cookie preferences
  • Communication history related to inquiries about our meal planning services

2.2 Information Collected Automatically

  • Technical data including IP address, browser type, operating system, and device identifiers
  • Usage data such as pages visited, time spent on pages, referral sources, and click patterns
  • Cookie data as described in our Cookie Policy

2.3 Information We Do Not Collect

We do not intentionally collect special categories of personal data as defined under Article 9 of the GDPR, including data concerning health conditions, unless you voluntarily provide such information in your messages. We advise against sharing sensitive health information through our contact form, as our services provide general informational content rather than medical services.

4. Purposes of Data Processing

We use personal data for the following specific purposes:

  • Responding to contact form submissions and correspondence regarding our meal planning services
  • Preparing and delivering educational meal planning materials based on information you provide
  • Maintaining records of client communications for quality assurance and service continuity
  • Operating, maintaining, and improving our website functionality and user experience
  • Analyzing aggregated website usage patterns to understand content effectiveness, subject to your cookie consent
  • Complying with legal obligations, including tax and accounting requirements where applicable
  • Protecting our website and services against unauthorized access, abuse, and security threats

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

5. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law.

  • Contact form submissions: Retained for up to 24 months after the last communication, unless you request earlier deletion
  • Service delivery records: Retained for up to 36 months after service completion for reference and dispute resolution
  • Cookie consent records: Retained for 12 months from the date of consent
  • Analytics data: Aggregated and anonymized data may be retained indefinitely; identifiable data is retained for up to 26 months
  • Legal and accounting records: Retained as required by Swedish law, typically up to 7 years for financial records

When retention periods expire, we securely delete or anonymize personal data so it can no longer be associated with you.

6. Data Sharing and Transfers

We do not sell, rent, or trade your personal data to third parties. We may share data with the following categories of recipients when necessary:

  • Service providers who assist with website hosting, email delivery, and analytics, bound by data processing agreements
  • Professional advisors such as legal or accounting consultants when required for business operations
  • Public authorities when required by law, regulation, or valid legal process

Some service providers may be located outside the European Economic Area (EEA). When we transfer data internationally, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or rely on adequacy decisions.

7. Security Measures

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • HTTPS encryption for all data transmitted between your browser and our servers
  • Access controls limiting personal data access to authorized personnel with legitimate business needs
  • Regular review of security practices and infrastructure configurations
  • Secure storage systems with backup procedures to prevent data loss
  • Staff awareness regarding data protection obligations and confidentiality requirements

While we strive to protect your personal data, no method of electronic transmission or storage is completely secure. We encourage you to use strong passwords for any accounts and to contact us immediately if you suspect unauthorized access to your information.

8. Your Rights Under GDPR

As a data subject, you have the following rights regarding your personal data:

  • Right of access: Request confirmation of whether we process your data and obtain a copy
  • Right to rectification: Request correction of inaccurate or incomplete personal data
  • Right to erasure: Request deletion of your data when it is no longer necessary or when you withdraw consent
  • Right to restriction: Request limitation of processing under certain circumstances
  • Right to data portability: Receive your data in a structured, commonly used, machine-readable format
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes
  • Right to withdraw consent: Withdraw consent at any time without affecting the lawfulness of prior processing

To exercise any of these rights, contact us at assist@plantchwristar.world with sufficient information to verify your identity. We will respond within one month, extendable by two additional months for complex requests. You also have the right to lodge a complaint with Integritetsskyddsmyndigheten (IMY), the Swedish Authority for Privacy Protection, at imy.se.

9. Cookies and Tracking

Our website uses cookies and similar technologies as described in our dedicated Cookie Policy. Non-essential cookies are placed only with your explicit consent through our cookie banner. You may modify your preferences at any time by clearing cookies and revisiting our website or contacting us directly.

10. Children's Privacy

Our website and services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will take steps to delete such information promptly.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. Material changes will be indicated by updating the effective date at the top of this page. We encourage you to review this policy regularly. Continued use of our website after changes constitutes acknowledgment of the updated policy.

12. Contact Information

For questions, concerns, or requests related to this Privacy Policy or your personal data, please contact:

Plantchwristar
Drottninggatan 63, 111 21 Stockholm, Sweden
Email: assist@plantchwristar.world
Phone: +46 8 411 45 10