Business Services Platform

Privacy Policy

Cooach AB (publ) (corporate identity number 559005-6783), “Cooach”, protects your personal privacy and always strives for a high level of data protection. This privacy policy explains how we collect and use your personal information. The privacy policy also describes your rights and how you can enforce them. It is important that you take note of and understand the privacy policy. You are always welcome to contact us with any questions.

Who is responsible for the personal data we process?

Cooach AB (publ) corporate identity number 559005-6783 with address Drottninggatan 86A, 111 36 Stockholm is responsible for the processing of personal data.

How long do we store your personal information?

We store your personal information for as long as it is necessary for the purpose for which it was collected. Depending on the legal basis on which we support the treatment, this is possible a) follow from an agreement; b) be subject to valid consent; (c) be governed by law; or d) follow from an internal assessment based on a balance of interests. In the tables below, we indicate (to the extent possible) the period during which the personal data will be stored or the criteria used to determine the period.

What personal data do we process, for what purpose (why) and on what legal basis?

Note: According to recital 14 in the preamble to the Data Protection Ordinance, it does not cover the processing of personal data concerning legal persons, for example information on the name and type of legal person and contact details. The processing of personal data concerning member registers, including contact information for the member (company), may therefore fall outside the scope of the Data Protection Ordinance.

Who can we share your personal information with?

Personal data assistants. In cases where it is necessary for us to be able to offer our services  we share your personal data with companies that are so-called personal data assistants for us. A personal data assistant is a company that processes the information on our behalf and in accordance with  our instructions e.g. cloud service providers or similar.

Partners. In a few cases, e.g. in order to be able to organize events, we share certain personal information with partners for that event.

Where do we process your personal data?

We always strive for your personal data to be processed within the EU / EEA and all our own IT systems are located within the EU / EEA. We have entered into a personal data assistant agreement with all our personal data assistants.  The Personal Data Assistant Agreement regulates how personal data assistants may process personal data and what security measures are required for  personal data processing.

What are your registered rights?

You are the one who decides over your personal information. We always strive to make sure you can exercise your rights as efficiently and smoothly as possible. You can send an email mail to info @ c and we will help you take advantage of your rights.

Right of access (so-called register extract). You always have the right to receive information about them  personal data processing that concerns you. We are always open and transparent with how we processes your personal data. Do you want to ffor a deeper insight into which personal data we process about you, you can request access to the data (the information is provided in the form of a register extract stating purpose, categories of personal data, categories of recipients, storage periods, information about where the information has been collected in and before the advent of automated decision-making).

We only provide information if we have been able to ensure that it is actually you who asks according to the information. Therefore think pthat if we receive a request for access, we may ask for additional information to ensure efficient handling of your request and that the information is provided to the right person.

Right to rectification. You can request that your personal information be corrected if the information is incorrect. You also have the right to request a supplement to any incomplete personal data.

Right to delete. You can request deletion of personal data we process about you if:

  • The data are no longer necessary for the purposes for which they were collected or processed.
  • You object to a balance of interests we have made based on legitimate interest and your reason for objection outweighs our legitimate interest.
  • You object to processing for direct marketing purposes.
  • Personal data is processed illegally.
  • Personal data must be deleted in order to fulfill a legal obligation to which we are subject.

Please note that we may have the right to deny your request if there are legal obligations that prevent us from immediately deleting certain personal data. These obligations come from to  for example, accounting and tax legislation or banking and money laundering legislation. It can  the processing may also be necessary for us to be able to establish, assert or defend legal claims. Should we be prevented from responding to a deletion request  we will instead block the personal data from being used for purposes other than the purpose that prevents the requested deletion.

Right to restriction. You have the right to request that our processing of your personal data be restricted. If you believe that the personal data we process is incorrect, you can request a limited processing for the time we need to check whether the personal data is correct. If we no longer need the personal data for them  established purposes, but you do need them to be able to establish, assert or defend legal claims, you can request limited processing of the data with us.  This means that you can request that we not delete your information.

If you have objected to a balance of interests of legitimate interest that we have made as a legal basis for a purpose, you can request limited processing for the time we need to check whether our legitimate interests outweigh your interests in having the data deleted.

If the processing has been restricted according to any of the situations above, we may only, in addition to the actual storage, process the data to establish, assert or defend legal  claim, to protect someone else’s rights or if you have given your consent.

The right to object to a certain type of treatment. You always have the right to avoid direct marketing and to object to any processing of personal data based on a balance of interests.

Legitimate interest. In cases where we use a balance of interests as a legal basis for a purpose, you have the opportunity to object to the processing. In order to continue to process your personal data after such an objection, we need to be able to show a mandatory  justified reasons for the current treatment that outweigh your interests, rights  or freedoms. Otherwise, we may only process the data to determine, exercise or  defend legal claims.

Direct marketing (including analyzes performed for direct marketing purposes): You  have the opportunity to object to your personal data being processed for direct marketing.  The objection also includes the analyzes of personal data (so-called profiling) that are performed for  direct marketing purposes. Direct marketing refers to all types of outreach  marketing measures (eg by mail, e-mail and text message). Marketing measures where you  as a customer actively chose to use one of our services or otherwise contacted us to find out  more about our services does not count as direct marketing.

If you object to direct marketing, we will stop processing  your personal information for that purpose as well as cease all types of  direct marketing measures.

Remember that you always have the opportunity to influence which channels we will use for direct mail  and personal offers. For example. you can choose to only receive offers from us via e-mail,  but not sms. In that case, you should not object to the processing of personal data as such, but  instead limit our communication channels.

You can also object specifically to the analyzes we do (profiling).

Right to data portability. In some cases, you have the right to request the information concerning you and  which you have submitted to us transferred to another personal data controller (so-called  data portability). A prerequisite for data portability is that the transfer is technically possible  and can be automated. What is written about the rights above only applies to  processing of personal data covered by the GDPR.


Cooach has taken technical and organizational measures to ensure that yours  personal data is processed securely and that they are protected from loss, misuse and  unauthorized or unauthorized access. Only the people who actually need to treat yours  personal data in order for us to fulfill our stated purposes have access to them.

Organizational security measures are measures that are implemented in working methods and routines  within the organization. Our organizational security measures from time to time are but not  exclusively:

– Internal governing documents (policies / instructions)
– Information security policy
– Physical security (premises etc.)

Technical safety measures are measures that are implemented through technical solutions. Ours  technical safety measures from time to time are but not exclusively:
– Encryption
– Access list
– Access log
– Secure network
– Regular check of the security level
– Two-step verification
– Password management software for all passwords


When you visit our website, we may send “cookies” to your computer. A cookie is a small text file or piece of data that a website you visit can place or save on your computer.

Cookies do not contain any personally identifiable information. However, if you provide such personally identifiable information to us (eg by registering for an Internet-related service or password provided by us), such information may be linked to data stored in the cookie. 

There are two types of cookies. The  The first type saves a file for an extended period of time on your computer and it may remain on your computer  computer after you turn it off. Such a cookie can, for example, be used to  Tell a visitor what information on the site has been updated since his  or her most recent visit to that site. The second type of cookie is called  “session cookie”. When you visit a website, session cookies are temporarily stored in your computer’s memory. This can be done, for example, to keep track of the language you have selected  the website. Session cookies are not stored for a long time on your computer because they  disappears when you close your browser. We may use third parties to help us  collect or process information obtained through cookies. We may use cookies by several  reasons, such as:

– to compile anonymous statistics related to patterns and trends for browsing;
– to analyze sales data;
– to conduct market research;
– to customize the content or functions of the website;
– to support or track visits to websites for users of certain
internet-based services;
– to enable users with passwords to access certain web pages again  without having to rewrite previously entered information.

Contact the Privacy Protection Authority

The Integrity Protection Authority is the supervisory authority, ie. responsible for monitoring the application of the legislation. If you believe that a company is processing personal data incorrectly, you can submit a complaint to the Privacy Protection Authority.

How do you contact us most easily with questions about data protection?

You can always contact us at You can reach our Data Protection Officer at the same address – then write the FAO Data Protection Officer in the subject line.

We may make changes to our privacy policy. The latest version of the privacy policy is always available here on the website.

Jag vill veta mer om Cooach affärsstödsplattform

Vi tar gärna ett kort möte för att diskutera hur du på bästa sätt kan dra nytta av våra affärsstödsstjänster. Fyll i din mejl adress nedan och välj därefter en mötestid i kalendern som dyker upp i nästa steg.