Last updated on October 18, 2019.

Make sure to read this privacy notice carefully and feel free to reach out if you have any questions or concerns.


On 25 May 2018, the most significant piece of European data protection legislation to be introduced in 20 years will come into force. The main focus of the General Data Protection Regulation (GDPR) is the protection of personal data and digital privacy. The GDPR applies to any website or mobile application collecting data from EU residents.

To comply with the GDPR and to safeguard your personal data and digital privacy as good as possible, we specify the following things


The legal entity collecting your data here is SB Insight based in Sweden.
At SB Insight, we are the ‘controller’ of your personal data that you consent to share with us.
With that, SB Insight defines the purposes and means of the processing of your data.

The following online domains are part of SB Insight and fall under this privacy notice:


Our legal basis for processing your personal data is:

  • You have given us your consent to have your data processed for a specific purpose/s. When you consent, you can change your mind at any time.

  • We have a legitimate interest in using your personal information. In particular, we have a legitimate interest in the following cases:

Direct Marketing: The GDPR states, ‘the processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest’. Our purpose is to keep you up to date on our products and services and gather feedback to improve them along the way. In order to reach out to you with relevant information, we need personal data, like your name, email address, interest and country. These personal details are only used when they are given to us with consent (e.g. newsletter sign-up, downloads, event registration). For other marketing purposes (e.g. advertising), we make use website analytics to improve our services and third parties to reach new audiences. For this we never use of personal data or profiling. You can read more about this in the next paragraph.

Relevant and appropriate relationship: We process personal data when there is a direct appropriate relationship, such as when you are our client and/or we enter into contract. In order to provide you as a client with relevant information and requested services, we need to have access to some personal data. In other words, so we can perform our contract with you or take steps at your request before entering into one. For example, we need your name, email address and company details.

The protection of your personal data is important to us and we will use any information we gather with care and only for these stated purposes. These legitimate interests are always overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.


Most of our services do not require any form of registration, allowing you to visit our website without telling us who you are. However, some services may require you to provide us with personal information. Some main examples are: subscribing to the newsletter, signing up for an event or downloading reports. In all situations in which you are required to provide personal information, we will clearly ask for your consent and share this privacy notice with you.

Website Analytics

You can visit our website without giving away your personal information. In order to improve our services, users’ experiences and to analyze how the website is used, SB Insight makes use of cookies and website analytics.

 Direct Marketing

When signing up for our newsletter or requesting other information on our website, we ask you for your name, email address and sometimes your company name. The purpose of gathering this information is to be able to provide you with the relevant information to your request and to improve our services. Again, in all situations in which you are required to provide personal information, we will clearly ask for your consent and share this privacy notice with you.


When signing up to one of SB Insight’s event, you are asked to share some personal data, like: name, email address, address, company. The purpose of gathering this information is solely to keep track of event registration, to keep you up to date about the event details and to improve our services.


Cookies are small files that are automatically dropped on your computer as you browse the web. In and of themselves they are harmless bits of text that are locally stored and can easily be viewed and deleted. Cookies are used to provide insights into your activity and preferences on the web. You can always manage and delete your cookies in the settings of your browser.

As cookies can be used to uniquely identify you as a person, we treat cookies as personal data. When you browse our website, we will inform you about the use of cookies and ask your explicit consent.

We make use of permanent and third-party cookies for analytics purposes to learn about our traffic and improve our services. These cookies do not contain names, email addresses or other personal information that is directly linked to an individual. Additionally, we make use of session cookies, which are temporary and expire once you leave our site. Session cookies are mainly used to improve your experience, e.g. like holding your items in a shopping basket while you are shopping online (if relevant). 

Read more about your personal data and third parties in the following section.


We share personal information with our third party service providers that perform services on our behalf. For example, we may use third parties to help us provide customer support, manage our advertisements, send marketing and other communications on our behalf or assist with data storage. When it comes to advertising, we never share your personal data directly with third parties. As said the data we use for adverting on platforms of third parties is related to general information around SB Insight’s web-visitors, e.g. geography or language. In general, the third-party service providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

We carefully choose service providers with whom we share personal data and require them to commit to standards that we consider adequate.

  • SB Insight websites are built with the web-builder Squarespace, which provides an analytics tool to analyze and improve website traffic (see Squarespace’s privacy statement here.)

  •  Additionally, SB Insight used Google Analytics. Aside from the approximate location (IP address), the information collected by Google Analytics is mostly anonymous traffic data, including browser information, device information, language. The collected information is used to provide an overview of how people are accessing and using SB Insight’s website. Read Google’s privacy commitments here.

  •  SharpSpring is our CRM system which we use to communicate with our potential and existing customers. All our information is stored in secure Privacy Shield-certified (EU-approved) Google and Amazon-servers, via our CRM system. Only relevant people can access the information, all of whom are obliged to keep it confidential. Read SharpSpring’s privacy policy here. 

Other service providers

All third-party data processers we work with are compliant with GDPR regulations. However, it is important to state that each third-party company is responsible for ensuring their own compliance with the GDPR, just as they are responsible for compliance with the laws that apply to them today

We never sell any personal data to third parties.

Legal Reasons

We may disclose your personal information if we are required by law to do so or if you violate our Terms & Conditions.


Certain third-party service providers may be located in or have facilities that are located in a different jurisdiction than either you or us. As an example, if you are located in Sweden and your information is processed by a third party located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation. We recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.


Personal data processed for any of the stated purposes shall not be kept for longer than is necessary for those purposes.

  • We securely delete information that is no longer needed for the previously stated purposes

  • We update, archive or securely delete information if it goes out of date.


Under the GDPR, you as an individual have 8 fundamental rights. We respect and adhere to all these rights when it comes to collecting, storing and using any personal data.

  1. The right to be informed – all organisations must be completely transparent in how they are using personal data

  2. The right of access - individuals will have the right to know exactly what information is held about them and how it is processed.

  3. The right of rectification - individuals will be entitled to have personal data rectified if it is inaccurate or incomplete.

  4. The right to erasure - also known as 'the right to be forgotten', this refers to an individual's right to having their personal data deleted or removed without the need for a specific reason as to why they wish to discontinue.

  5. The right to restrict processing - an individual's right to block or suppress processing of their personal data.

  6. The right to data portability - this allows individuals to retain and reuse their personal data for their own purpose.

  7. The right to object - in certain circumstances, individuals are entitled to object to their personal data being used. This includes, if a company uses personal data for the purpose of direct marketing, scientific and historical research, or for the performance of a task in the public interest.

  8. Rights of automated decision making and profiling - the GDPR has put in place safeguards to protect individuals against the risk that a potentially damaging decision is made without human intervention. For example, individuals can choose not to be the subject of a decision where the consequence has a legal bearing on them, or is based on automated processing. 


You can contact us anytime to:

  • Request access to information that SB Insight has about you

  • Correct any information that SB Insight has about you

  • Delete information that SB Insight has about you

If you have any questions or concerns about SB Insight’s collection and storage of data, we encourage you to contact us. You also have the right to lodge a complaint with supervisory authority when you feel. 

SB Insight has a ‘Data Protection Officer’ who is responsible for matters relating to privacy and data protection. The Data Protection Officer can be reached at the following address.
SB Insight
Attn:  Data Protection Officer
Hamngatan 15, 8th floor
SE-111 47 Stockholm



When you click on links on our website, they may direct you away from our website. Once you leave our website or are redirected to a third-party website or application, you are no longer governed by this Privacy Notice or our website’s Terms & Conditions. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.


The most recent version of the Privacy Notice is reflected by the version date located at the top of this Privacy Policy. If we make any material changes to this Privacy Notice, we will notify you via notifications on our website, and as otherwise required by applicable law.

We encourage you to review this Privacy Policy often to stay informed of changes that may affect you, as your continued use of the Website signifies your continuing consent to be bound by this Privacy Policy.