Logo

Privacy Policy

About Us and Data Controller

Paxaden is operated by Jane Doe Communication AB (org. no. 556663-5321), which is the Data Controller responsible for your personal data in Paxaden. We comply with the EU General Data Protection Regulation (GDPR) and applicable data protection laws to safeguard your privacy. This policy describes what we process, for what purposes, on which legal bases, how long we keep it, how we share it, and your rights.

Information We Collect

We collect various types of information to provide and improve our services. This information is obtained from your input, your use of our services, and cookies or similar technologies:

  • Account Data: Information you provide when creating an account, such as your name, email address, and contact details.
  • Usage Data: Information about how you use our services, including device information, IP address, and interaction logs.
  • Optional Data: Data related to optional features you use, like bookings or preferences.

Purposes and Legal Basis

We process your personal data only when we have a valid legal basis and for clearly defined purposes under GDPR Article 6. The main purposes and their legal bases are:

  • Account and sign-in – to create and administer your account and authenticate you. Legal basis: Contract (Art. 6(1)(b)).
  • Carrying out bookings – to provide and maintain our services, including booking flows, reminders and updates. Legal basis: Contract (Art. 6(1)(b)).
  • Payments and invoicing – e.g., via Stripe. Legal basis: Contract (Art. 6(1)(b)) and legal obligation for accounting (Art. 6(1)(c)).
  • Support and troubleshooting – to assist you with questions or issues. Legal basis: Legitimate interests (Art. 6(1)(f)).
  • Operations, security and abuse prevention – logs, access controls and fraud prevention. Legal basis: Legitimate interests (Art. 6(1)(f)).
  • Optional features and preferences – only if you choose to use them. Legal basis: Consent (Art. 6(1)(a)) or Contract (Art. 6(1)(b)), depending on the feature.
  • Marketing communications – only if you have explicitly consented. Legal basis: Consent (Art. 6(1)(a)). You may withdraw your consent at any time.

Service‑related (Transactional) Messages

Paxaden may send service‑related messages such as booking confirmations, reminders, cancellation and change notices. These messages are considered part of the contracted service and do not require separate marketing consent. Where available, you can control certain notifications in your settings.

Data Sharing and Processors

We engage trusted third-party service providers to assist in operating our services, including Supabase for database management, Stripe for payment processing, and hosting providers. These processors only access the data necessary to perform their functions and are bound by data protection agreements that comply with GDPR requirements, including Standard Contractual Clauses (SCCs) where applicable.

We do not sell your personal data to any third parties.

Data Storage and Location

Your personal data is stored within the European Union or in countries that provide an adequate level of data protection as recognized by the European Commission. Where data is transferred outside these areas, appropriate safeguards are in place to protect your information. Where data is transferred outside the EU/EEA, we use appropriate safeguards such as the European Commission’s Standard Contractual Clauses (SCCs) and apply supplementary technical and organizational measures.

Security

We implement appropriate technical and organizational measures, including encryption and access controls, to protect your personal data against unauthorized access, alteration, disclosure, or destruction. You are also responsible for maintaining the confidentiality of your account credentials and promptly notifying us of any unauthorized use.

Your Rights under GDPR

Depending on your location, you have rights under data protection laws such as the GDPR, including:
  • The right to access your personal data we hold about you.
  • The right to correct any inaccurate or incomplete data.
  • The right to request deletion of your personal data.
  • The right to data portability, allowing you to receive your data in a structured format.
  • The right to restrict or object to certain processing activities.
  • The right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

You also have the right to lodge a complaint with a supervisory authority. In Sweden, this is the Swedish Authority for Privacy Protection (IMY), or you may contact your local EU/EEA authority.

To exercise any of these rights, please contact us at info@paxaden.se.

Want to remove your account and all of your data? Please see our data removal page.

Cookies

We use cookies and similar technologies to enhance your experience on our website. For detailed information about the cookies we use and how to manage them, please refer to our separate Cookie Policy.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We encourage you to review this page regularly. The date of the latest update is indicated below.

Contact

Paxaden Jane Doe Communication AB
Data Controller: Jane Doe Communication AB (org. no. 556663-5321)
Email: info@paxaden.se
Last updated: October 2025
Paxaden