Privacy Policy

We (Theoz - Firma Haraldsson, John Teodor), with organization number 790625-1959, Nybblegatan 89, 583 72 Vikingstad, Sweden) handle personal data in accordance with the EU Data Protection Regulation, also known as the GDPR (General Data Protection Regulation).


Personal information is all kinds of information that can be directly or indirectly linked to a living person. We may handle personal data in the form of

  • first name,
  • surname,
  • title,
  • workplace,
  • email address,
  • phone number,
  • date of birth,
  • postal address,
  • visiting address,
  • IP address.


We only process personal data submitted with consent. In order for consent to be an active choice and thus valid, we use a check box next to each form, which you must mark to confirm that you have read and understood our privacy policy.

You can revoke your consent at any time by contacting Please note that we may save your personal data on legal grounds, partly because the Swedish Accounting Act requires that documents (invoices, receipts, etc.) be saved for 7 years.

Area of ​​use
We will process the personal information you provide when you fill out forms on our website or when you contact us.

‍We may store your personal information for marketing purposes if you have chosen to subscribe to one of our mailings by filling in your information in a form on our website.

Business relationships
We may store your personal information in order to maintain the business relationship and be able to share important company information to you who are a customer, partner, employee or sub-consultant.

Accounting information
We may store your personal information in order to be able to issue invoices and receipts in accordance with the Accounting Act.


We do everything we can to ensure that your personal information is stored securely. Only a few people have access to the login information for the services we use to store personal information.

We use two-factor authentication. This means that the user's identity must be confirmed using something more than just a password when logging in, e.g. using SMS code, Mobile BankID or similar.

We use industry standards such as SSL / TLS to handle sensitive information such as personal data in a secure way.

Should your personal information unexpectedly end up in the wrong hands, we will of course contact you as soon as possible with more information.


We are always responsible for personal data. Your personal information will never be resold, rented out or transferred to third parties. We do not pass on your information, except to those of our subcontractors who are personal data assistants.

Personal data assistants

We use several software and services provided by subcontractors. Each subcontractor is a personal data assistant, which means that they handle data on behalf of the personal data controller.

The assistants hired by the data controller must be able to provide sufficient guarantees that the processing meets the requirements of the Data Protection Ordinance and ensures that the data subject's rights are protected.

Below is a list of all subcontractors who in one way or another may handle your personal data. In parentheses you will find the company name and country of registration. You can click on the name of each subcontractor to take note of their privacy policy or corresponding guidelines.

  • For email, file management and calendar: G Suite (Google Ireland Limited, Ireland)
  • For email marketing: GetResponse (GetResponse Sp. Z o.o., Poland)
  • For website, form and order management: Webflow (Webflow Inc., USA)
  • For project management: Notion (Notion Labs Inc., USA)
  • For automation and systematization: Zapier (Zapier Inc., USA)
  • For contract signing and legal documents: Scrive (Scrive AB, Sweden)
  • For accounting: Visma eEkonomi (Visma Spcs AB, Sweden)
  • For card payments: Stripe (Stripe Inc., USA)
  • For transport services: Postnord (Posten AB, Sweden)
  • For transport administration: Sendify (Sendify AB, Sweden)

Your rights

You have the right to take part in any personal information we have about you and how we handle it at any time. Send an email to and announce that you wish to take part in a personal data extract.

You also always have the right to have your information corrected if something is not right. You can at any time request that your personal data be deleted if there is no longer any legal basis for the processing.


Cookies are used on most websites, and according to Swedish law, we are obliged to inform about what cookies are and how we use them.

Cookies are small text files that are saved in your device. Each cookie contains information about your visit to the website and is used by us to improve usability. Sometimes we also use cookies to be able to offer content and ads that are relevant to you.

If you do not want cookies, you can choose not to accept cookies in the device's browser. You can also choose to delete your cookies. Read more at