Table of Contents
1. Data Controller
The data controller for personal data collected via this website is:
Uvdal Hytteservice
Engelbrektsplan 2
114 34 Stockholm, Sweden
Org. No: 556585-1267
Email: info@Uvdal Hytteservice.se
Uvdal Hytteservice is under the supervision of the Swedish Financial Supervisory Authority (Finansinspektionen) and processes personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and Swedish supplementary legislation.
2. What Personal Data We Collect
We collect personal data in the following circumstances:
2.1 Data You Provide to Us
- Name, email address and phone number when you contact us or submit an enquiry form
- Company name and role when contacting us for business purposes
- Investment profile and financial information when you become a client
- National identity number, address and KYC (Know Your Customer) documentation required by law for client onboarding
2.2 Data Collected Automatically
- IP address, browser type and operating system
- Pages visited, time spent on pages, and navigation paths
- Referring URLs and search queries leading to our site
- Device identifiers and cookie data (see Section 6)
- Google Analytics data including demographics and interests (where consented)
- Microsoft Clarity session recordings and heatmaps (where consented)
3. How We Use Your Data
We use personal data for the following purposes:
- To provide and manage financial services and client relationships
- To respond to your enquiries and provide customer support
- To comply with our legal obligations under Swedish and EU financial law (AML, KYC, MiFID II)
- To improve our website and user experience through analytics
- To serve you relevant advertising through Google Ads and Microsoft Bing Ads (with your consent)
- To measure the effectiveness of our advertising campaigns
- To send you marketing communications (only where you have given explicit consent or where we have a legitimate interest as an existing client)
- To protect against fraud and ensure security
4. Legal Basis for Processing
We rely on the following legal bases under GDPR Article 6:
- Consent (Art. 6(1)(a)): For advertising cookies, analytics, and direct marketing communications. You may withdraw consent at any time.
- Contract (Art. 6(1)(b)): To perform our obligations under a client agreement, including KYC and service delivery.
- Legal obligation (Art. 6(1)(c)): To comply with financial regulations, anti-money laundering laws, and Finansinspektionen requirements.
- Legitimate interests (Art. 6(1)(f)): For website security, fraud prevention, and improving our services, where this does not override your rights.
5. Online Advertising (Google Ads & Microsoft Bing Ads)
We use Google Ads (Google LLC) and Microsoft Advertising / Bing Ads (Microsoft Corporation) to reach prospective clients. This involves the use of cookies and pixels that collect data about your visits to our website to show you relevant advertisements on other platforms and websites.
5.1 Google Ads & Google Analytics
We use Google Ads conversion tracking and Google Analytics to understand how users interact with our site after clicking on our advertisements. Google may use this data in accordance with its own privacy policy. You can learn more and opt out at adssettings.google.com.
Data processed by Google may be transferred to the United States. Such transfers are governed by Google's Standard Contractual Clauses as required by GDPR.
5.2 Microsoft Bing Ads (Universal Event Tracking)
We use Microsoft Advertising's Universal Event Tracking (UET) tag to measure conversions and to serve retargeted ads through the Microsoft Advertising network (including Bing, LinkedIn Audience Network, and partner sites). Microsoft may collect your IP address, browser information, and browsing behaviour on this site.
You can opt out of Microsoft personalised ads at Microsoft Personalised Ads.
5.3 Remarketing
We may use remarketing lists to show ads to users who have previously visited our website. These lists are based on cookie data and do not contain personally identifiable information. You can opt out of remarketing through your browser cookie settings or the platforms' opt-out tools.
5.4 Your Advertising Choices
You can opt out of interest-based advertising at any time via:
- Your Online Choices (EU)
- Google Ad Settings
- Microsoft Advertising Opt-Out
- Managing cookies in your browser settings
6. Cookie Policy
Cookies are small text files placed on your device when you visit our website. We use the following categories of cookies:
6.1 Strictly Necessary Cookies
These cookies are essential for the website to function. They cannot be disabled.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| PHPSESSID | Uvdal Hytteservice | Maintains your session state across pages | Session |
| cookieconsent | Uvdal Hytteservice | Stores your cookie consent preferences | 1 year |
| csrf_token | Uvdal Hytteservice | Security: prevents cross-site request forgery | Session |
6.2 Analytics & Performance Cookies
These cookies help us understand how visitors use our site so we can improve it. They require your consent.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| _ga | Google Analytics | Distinguishes unique users for traffic analysis | 2 years |
| _ga_* | Google Analytics | Stores and counts page views | 2 years |
| _gid | Google Analytics | Distinguishes users (short-lived) | 24 hours |
| _gat | Google Analytics | Throttles request rate | 1 minute |
| _clck | Microsoft Clarity | Identifies user browser for session recording | 1 year |
| _clsk | Microsoft Clarity | Groups page views in same session | 1 day |
6.3 Advertising & Targeting Cookies
These cookies are used by our advertising partners to build a profile of your interests and show relevant ads. They require your consent.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| _gcl_au | Google Ads | Stores and tracks conversions from Google Ads | 3 months |
| _gcl_aw | Google Ads | Links clicks to conversions for Google Ads reporting | 90 days |
| IDE | Google DoubleClick | Used to build a profile and serve targeted ads | 1 year |
| test_cookie | Google DoubleClick | Checks if browser supports cookies | Session |
| _uetsid | Microsoft Bing Ads | Tracks conversions via Bing UET tag | 1 day |
| _uetvid | Microsoft Bing Ads | Identifies returning users for Bing remarketing | 16 days |
| MR | Microsoft | Used to collect statistics on user visits | 7 days |
| MUID | Microsoft | Identifies unique web browsers for Bing advertising | 1 year |
| fr | Meta (Facebook) | Used for Facebook Pixel ad targeting (if activated) | 3 months |
7. Manage Your Cookie Preferences
You can control which non-essential cookies you allow below. Changes take effect immediately and are stored for 12 months. Note that disabling advertising cookies does not mean you will see fewer ads — they will simply be less relevant to you.
8. Sharing Your Data
We do not sell your personal data. We may share your data with:
- Service providers and processors: IT providers, cloud hosting, analytics platforms (Google, Microsoft) — under data processing agreements
- Financial regulators: Finansinspektionen, Euroclear Sweden, and other authorities as required by law
- Clearing houses and exchanges: Nasdaq Stockholm, NGM, Spotlight Stock Market, as required for securities transactions
- Professional advisers: Lawyers, auditors, and consultants under confidentiality obligations
- Group companies: Affiliated companies within the Uvdal Hytteservice group for internal administrative purposes
Where data is transferred outside the EU/EEA (e.g. to Google or Microsoft in the United States), we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.
9. Data Retention
We retain personal data only as long as necessary for the purposes described in this policy:
- Client data: Retained for the duration of the client relationship and for at least 10 years thereafter, as required by Swedish financial law and AML regulations
- Enquiry and contact data: Up to 2 years from the date of last contact, unless a client relationship is formed
- Website analytics data: Up to 26 months (Google Analytics default)
- Advertising data: As determined by the advertising platform's own data retention policies (typically 90 days to 13 months)
- Marketing data: Until you unsubscribe or withdraw consent
10. Your Rights Under GDPR
As a data subject in the EU/EEA, you have the following rights:
- Right of access (Art. 15): Request a copy of personal data we hold about you
- Right to rectification (Art. 16): Request correction of inaccurate or incomplete data
- Right to erasure / "right to be forgotten" (Art. 17): Request deletion of your data where there is no legitimate reason to retain it
- Right to restriction of processing (Art. 18): Request we limit how we use your data in certain circumstances
- Right to data portability (Art. 20): Receive your data in a structured, machine-readable format
- Right to object (Art. 21): Object to processing based on legitimate interests or direct marketing
- Right to withdraw consent: Withdraw consent at any time without affecting the lawfulness of prior processing
- Right to lodge a complaint: You may lodge a complaint with the Swedish supervisory authority Integritetsskyddsmyndigheten (IMY)
To exercise any of these rights, contact us using the details in Section 12. We will respond within one month of receiving your request.
11. Security
We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure or destruction. These measures include encryption of data in transit (TLS/HTTPS), access controls, pseudonymisation where appropriate, and regular security reviews.
Despite our efforts, no method of transmission over the internet is 100% secure. If you believe your data has been compromised, please contact us immediately.
12. Contact & Data Protection Officer
For questions about this policy, to exercise your data rights, or to withdraw consent, please contact us:
Data Protection Contact
Uvdal Hytteservice
Engelbrektsplan 2, 114 34 Stockholm, Sweden
Email: dataskydd@Uvdal Hytteservice.se
Phone: +46 8 503 015 50
You may also contact the Swedish supervisory authority:
Integritetsskyddsmyndigheten (IMY) — www.imy.se
This Privacy & Cookie Policy was last updated in March 2025. We may update this policy from time to time. The most current version will always be available on this page. Where changes are material, we will notify you by email (if you are a client) or by a notice on our website.