Privacy Policy


We develop your information security from both a technical and legal perspective, with the goal to create security for everyone in the digital society. This policy describes the personal information we collect and how it is used and shared.

Our policy applies to all Secure States Cyber services and other contact with Secure State Cyber, such as website visits ( and email communications.

The privacy policy will be updated periodically. All changes to the policy will be published on this page, and in the event of significant changes, we will clearly state this on our website.

Although we will do our best to notify you of changes to our privacy policy, we encourage you to periodically review this policy.



Data controller

Secure State Cyber is the data controller and personally responsible in regard to the information we collect about you and the processing that occurs for purposes and with means determined by Secure State Cyber, such as, personal information from visitors on our site and customer contact information.

However, when we process your personal information on behalf of a customer, such as when carrying out our services, we act solely as data processors. In these situations, please contact the data controller responsible, usually our customer. If you are unsure of who is responsible data controller, feel free to contact us and we will assist you in finding out.

What types of personal data do we collect about you as a customer?

When visiting our web site or in order to purchase our services or contact us for information or assistance, we may collect personal information about you, such as:

Information that you provide us with

We collect and process personal information that you provide to us, such as, in connection to visiting our site, buying a particular service, signing up for our newsletter, contacting us or using our digital channels.

Information that is collected when you visit our website

When you visit our website, we record information about your visit. This information includes the pages you visit and your user behavior. This information may include operating systems, browser versions, IP addresses, cookies, and unique file identifiers. Please see our cookie policy for more information.

How are we processing your personal data?


Secure State Cyber Customers:

We process your personal information to:

  • Meet our obligations to you as a customer, such as administration, processing and carrying out purchases, invoicing and provision of support
  • Follow applicable legislation, such as the accounting act

If you subscribed to our newsletter and showed interest by filling in our online form:

Secure State Cyber ​​process your personal information to:

  • Be able to communicate with you about promotions, invitations to events, and targeted marketing of Secure State Cyber ​​services

Visitors of our website:

Secure State Cyber ​​process your personal information to:

  • Analyze how you behave on our website to make improvements in relation to user experience and user friendliness.
  • Analyze which of our pages and services are most interesting to visitors.

Lawful basis

Our processing of your personal data is based on the following lawful basis:

Secure State Cyber customers:

  • Avtal och rättslig förpliktelse – För att uppfylla våra avtalsenliga och juridiska skyldigheter

If you subscribed to our newsletter and showed interest by filling in our online form:

  • Consent – Is provided when you sign up for our email subscription

Visitors of our website:

  • Consent – For unnecessary treatment, such as statistics
  • Legitimate interests – For treatment necessary to provide a quick and user-friendly website or to enable you visiting it

How is this information shared?

IT suppliers

In order to technically process your personal information, it may be transferred to the IT providers who provide our platforms or CRM systems. In these cases, we have made demands on the supplier through the means of data processor agreements to ensure that they handle the information in a safe and secure way.

Third country

Should your personal data be processed outside the EU / EEA area (third country), we will tell you in connection with relevant processes. In such cases, processing will be in accordance with the protection rules stated in the General Data Protection Regulation (GDPR). Currently, no such transfer occurs.

For how long are we storing your personal data?

We will store your personal information as long as there is relevant purpose in relation to the processing. When this purpose is no longer relevant, for example, if a contract is no longer valid or the case has been closed, your personal information will be handled in accordance with the laws applicable to archiving and possible litigations.

In regard to marketing, we store information about our customers for a maximum of 24 months after the customer has completed a purchase or otherwise interacted with Secure State Cyber. Thereafter, the data is deleted from the system.

How can I process or erase personal information about me?

Either on your request or on your own initiative, Secure State Cyber ​​may correct, anonymise, delete or supplement personal information that is incorrect, incomplete or misleading.

You are entitled to revoke your consent to the processing of personal data at any time, with immediate effect and free of charge. You can do this by contacting Secure State Cyber ​​through the following link.

If you do not want Secure State Cyber ​​to process your personal data for purposes of direct marketing, you have the right to object by contacting us here. When we receive your objection, we cease the processing of your personal information for marketing purposes.

You also have the right to object to processing of your personal data that is based on legitimate interests. In such cases, Secure State Cyber ​​will only continue treatment if there are legitimate interests that would weigh heavier than your personal interests.

Rights at Secure State Cyber

You are entitled to request:

  • Access to your personal information, such as registry extracts or copies of your personal information
  • Correction of your personal information on your request
  • Deletion of your personal data, if continued processing is no longer necessary in relation to the purpose for which they were collected. This is provided that there are no legal requirements that prevent us from immediately deleting your personal information in accordance with, for example, accounting and tax laws
  • Limitation of treatment if you believe that your personal information is incorrect, and you have requested a correction
  • Extract and transfer of your personal data via a structured, widely used and machine-readable format to another data controller, under certain conditions

You are entitled to file a complaint regarding our personal data processing to the Data inspection (

How we communicate changes of this policy

We will periodically update this privacy policy. All changes to this policy will be published on this page, and in the event of significant changes, we will also clearly state this on our website.

Although we will do our best to notify you of changes to our privacy policy, we encourage you to periodically review this policy.

Cookie policy

You can find our Cookie Policy here