Last updated: 2026-03-15
1. data controller
The data controller for the processing of your personal data is
Upzone AB
Organization number: 556774-6119
E-mail: boka@upzone.se
Website: www.upzone.se
Upzone AB is responsible for ensuring that your personal data is processed in accordance with applicable data protection legislation, including the General Data Protection Regulation (GDPR).
2. What personal data we collect
We may collect different types of personal data when you use our services or visit our website. The data processed may be data that you provide to us yourself, for example when you make a booking, contact us or use our services. In these cases, we may process data such as your name, telephone number, e-mail address, billing information and any messages or other information you choose to provide in connection with contact or booking.
When booking activities, we may also process data linked to the booking itself. This may include, for example, the date and time of the booking, the number of participants, payment information and order history linked to completed or planned bookings.
In addition, when you visit our website, we may automatically collect certain technical data. This may include information such as IP address, device information, browser type, pages visited and date and time of visit. This information is generally collected through cookies and various analytical tools used to improve the functioning, security and user experience of the website.
3. Why we process your data
We process personal data for several different purposes linked to our business and our services. This may include managing bookings and customer matters, delivering the services and activities booked and sending booking confirmations and other relevant information to you as a customer. Personal data may also be processed in connection with payments and invoicing, and to administer and follow up on completed bookings.
We may also use data to improve our website, our services and the overall customer experience. In some cases, personal data is also processed to comply with legal obligations applicable to the business, for example under accounting legislation or other applicable regulations.
The legal basis for our processing of personal data may vary depending on the situation. The processing may take place to fulfill an agreement with you, for example in connection with a booking, to fulfill a legal obligation that we are required to comply with by law, or on the basis of our legitimate interest to conduct and develop the business. In some cases, the processing may also be based on your consent, for example when it is required for specific functions or services.
4. How long we keep data
We keep personal data only as long as it is necessary for the purpose.
Example:
Booking data is stored for as long as required for administration and accounting purposes
Data related to accounting is kept according to law (usually 7 years)
Customer dialog data is stored as long as it is relevant to the customer relationship
When the data is no longer needed, it is deleted or anonymized.
5. Sharing of personal data
In some cases, we may share personal data with service providers that help us run and develop our business. These may include, for example, providers of payment services, booking systems, e-mail services, web hosting and analysis tools used to improve functionality and user experience on our website. These providers process personal data only to the extent necessary to provide their services and always according to our instructions and in accordance with applicable data protection laws. We ensure that such providers comply with requirements for the secure handling of personal data. Personal data is never sold to third parties.
6. Cookies
Our website uses cookies to improve the user experience.
Cookies are used for, among other things:
functionality of the website
statistics and analysis
to remember your settings
You can choose to block cookies in your browser.
7. your rights
Under the General Data Protection Regulation (GDPR), you have several rights regarding how your personal data is processed. You have the right to request information about what personal data we process about you and to access this data. You also have the right to request rectification of data that is inaccurate or incomplete. In certain circumstances, you can request the erasure of your personal data, the restriction of its processing or object to its processing. You also have the right to obtain the personal data you have provided to us in a structured format, known as data portability, in order to transfer it to another service if technically possible.
If you wish to exercise any of these rights, please contact us and we will help you.
8. complaints
If you believe that we are processing your personal data incorrectly, you can file a complaint with the Data Protection Authority
9. Security
We take technical and organizational security measures to protect personal data from:
unauthorized access
loss
manipulation
unauthorized disclosure
10. Changes to the policy
We may update this privacy policy if necessary. The latest version is always available on our website.
