Legal & privacy

Personuppgiftspolicy

BuddyCompany enables private individuals and businesses (“Customer”) to book quality-assured and insured professionals (“Buddy”) for various services. This privacy policy explains how we collect and process your personal data when you use our service (the “Service”), on buddycompany.com or in the BuddyCompany app, and what rights you have.

By using the Service you accept this policy. The policy may be updated from time to time, in which case you will be informed in the Service or by other appropriate means.

1. BuddyCompany takes good care of your data

BuddyCompany ([LEGAL COMPANY NAME], company reg. no. [XXXXXX-XXXX]) is the data controller for the personal data processed in the Service. Contact us at [EMAIL ADDRESS] or [PHONE NUMBER] with any questions.

2. Personal data we collect about you

  • Account details. Name, phone number, address and email. As a Buddy, also personal ID number, a portrait photo and a description.
  • ID and passport details. When applying to become a Buddy you upload valid ID, partly so the payment provider can register your account.
  • Background check and qualifications. ID and background check plus an interview. [TO VERIFY: state the provider and whether the check is police-based.]
  • Card and bank details. Payment details are processed via our payment provider. As a Buddy you provide bank details to receive payments.
  • ROT/RUT details. Personal ID number, property designation, apartment number etc. for the application to the Swedish Tax Agency.
  • Booking information. Service, address, time and any image linked to the booking.
  • Messages, ratings and reviews. You decide what you share — do not include sensitive data.
  • Device information. IP address, language, browser, operating system etc., partly collected via cookies.

3. How your data is collected

Most data you provide yourself, e.g. when registering or booking. Some data is required to use the Service. Occasionally data is collected from others, e.g. reviews about a Buddy.

4. How your data is used

  • To provide the Service — connect you with a Buddy, enable bookings and ROT/RUT. (Performance of contract.)
  • To enable payments — carry out and administer payments. (Performance of contract and legitimate interest.)
  • To evaluate you as a Buddy — assess suitability; you must be at least 18 and have the right to work in Sweden. (Legitimate interest.)
  • To communicate with you — notifications and messages about your bookings. (Performance of contract and legitimate interest.)
  • For support, insurance and guarantee matters. (Performance of contract and legitimate interest.)
  • For analytics and marketing — with your consent via cookies. (Consent — see the cookie policy.)
  • To develop and improve the Service — aggregated statistics. (Legitimate interest.)

5. How long your data is kept

Data is kept only as long as needed, generally for as long as you keep your account. Data processed on the basis of consent is deleted if you withdraw consent. Some data is kept longer to meet legal obligations, including accounting and tax law.

6. Sharing your data

  • People who work for us — only those who need access.
  • Your Buddy — relevant data to carry out your booking.
  • Suppliers and sub-processors. [TO VERIFY AND COMPLETE: list actual processors. The site runs on Shopify, so Shopify Inc. is a processor. Confirm the payment provider and others. Do NOT copy TaskRunner's list (AWS, Azure, GigaPay).]
  • Payment provider — [Shopify Payments / Stripe — verify].
  • Insurer, Google, authorities (the Swedish Tax Agency, etc.) and a potential buyer in the event of a business transfer. We never sell your data separately without your approval.

7. Processing outside the EU/EEA

We aim to process data within the EU/EEA. In some cases data may be transferred to companies outside the EU/EEA, in which case we ensure appropriate safeguards such as the EU Commission's Standard Contractual Clauses. [TO VERIFY: which processors transfer data outside the EU/EEA.]

8. Cookies

BuddyCompany uses cookies. Read more in our cookie policy.

9. Your rights

  • Right to object to processing based on legitimate interest.
  • Right to access and port your data (subject access and data portability).
  • Right to erasure, and to rectify and complete inaccurate data.
  • Right to restriction of processing in certain cases.
  • Right to withdraw consent, e.g. for analytics and marketing cookies.
  • Right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY).

[LEGAL COMPANY NAME] · [Address] · [Email address] · Company reg. no.: [XXXXXX-XXXX]