HomeSpotterHomeSpotter
HomeSpotterHomeSpotter

Information about personal data processing

Last updated: 2026-03-01

At HomeSpotter, we process data about you and how you use our services. HomeSpotter is the data controller for the data processed under the HomeSpotter brand. As data controller, we are responsible for the processing of your data, how and for what purposes the processing is carried out. You can find our contact details further down in this document.

What type of data we process

We collect and process two types of data about you:

Customer data is data related to your service, such as name, personal identity number, address, phone number, email address, information about which agreements and services you have with us and how you use our services, login credentials, and information about your financial status that we may obtain through credit checks.

Traffic data is data related to what happens when you use any of our electronic communication services. Traffic data is processed to transmit an electronic message over an electronic communications network when you use our services. This may be, for example, when you make a call or send a text message. Traffic data also includes information that we process for billing our services and for interconnection. Examples of traffic data include information about who has communicated with whom, at what time and how long the communication lasted, and which networks were used for such communication. Information about your location when you make a call or are connected, such as which cell tower, is also traffic data.

How we collect data

We collect and process data:

  • That you have provided yourself in connection with becoming our customer and when you communicate with us, e.g., when you sign up for a subscription, contact customer service, or when you sign up to receive our newsletter.
  • That is created when you use any of our services, e.g., when you browse HomeSpotter.se, send email,
  • That we obtain from other sources, e.g., from partners (e.g., various social media and marketing networks),
  • That is collected through our web pages placing cookies that collect information from your browser.

What type of data we process about you depends on which service(s) you use.

How we use data

For us to process customer and traffic data, the processing must, according to applicable privacy legislation, be based on a legal basis. This means that the processing must be done based on one of the following reasons: the processing is necessary (i) for us to fulfill an agreement with you or (ii) for HomeSpotter to fulfill a legal obligation, (iii) you have consented to the processing, or (iv) after a legitimate interest assessment.

Below you will find examples of purposes for which we process your customer and traffic data and what the legal basis is for such processing.

To comply with laws

We process data to fulfill our legal obligations, e.g., to comply with injunctions we receive from courts, including blocking access to certain web pages containing copyrighted material that is unlawfully provided from such pages. The legal basis for the processing is then legal obligation.

To deliver services

We process data to deliver the services you have ordered from us in accordance with the terms set out in the agreement between us. Such processing includes, for example, traffic management measures through filtering, blocking, and throttling to maintain the limitations in the service we have agreed on regarding delivery method. We also process data to charge for the services we have agreed on, to handle invoices and payments, to handle complaints and claims, and for error correction and handling of other incidents. We will also process data to ensure the operation of the service. The legal basis for processing data under this point is performance of contract.

To communicate with you about the services

We process data to communicate with you about the services we deliver, e.g., when you contact us for information, make inquiries, use the services, or provide feedback about our services and products. Based on your use of a service, we may give you recommendations on how to use such service, e.g., to get a better customer experience or learn about new features. We may also analyze the content of chat logs. We do this for the purpose of training our staff. We also process data to give you a better customer experience when you contact us, e.g., by routing your inquiry to the right department. The legal basis for processing customer data for this purpose is legitimate interest. Processing of traffic data for this purpose is only done after you have consented to such processing.

To develop new services

We analyze both customer data and traffic data for the purpose of improving our business, our existing services, and to optimize our services, to develop new services, product portfolios, and our way of working. We carry out such processing by compiling statistics on the use of both services and networks. We will also anonymize customer and traffic data for the above purposes. The legal basis for processing customer data is then a legitimate interest, and processing of traffic data is done based on your consent.

To prevent misuse of services and to protect you against unauthorized use

We process data to maintain the security of our services, to detect or prevent illegal use of the services or use that violates our terms of service. We also process data to protect you against unauthorized access and to prevent misuse of services and to prevent fraud. Our processing of customer data under this point is based on performance of contract. The processing of traffic data under this point is based on fulfillment of a legal obligation.

Processing for marketing purposes

We process data to market our products and services to you. We may send such marketing to you via email, SMS, mail, and telephone, as well as through personalized marketing on public web pages. We also carry out profiling. This means that we compile information we have received from you (and information created when you use our services) with data we receive from other parties and create a customer profile of you. We then use the customer profile to tailor marketing that we believe is relevant to you and to give you a better customer experience. We also use profiling to examine whether you are satisfied with the personal service we offer you. We also process data to form a picture of how we believe you would act in various situations and which subscriptions or offers we believe would suit you, e.g., when we suggest a certain service based on your previous use of our services. We carry out this type of processing of customer data based on a legitimate interest assessment. We process traffic data for this purpose only after you have consented to it.

We may also, after special consent from you, process data based on your geographical location that does not constitute traffic data.

In cases where the personal data processing is based on your consent, you have the right to withdraw your consent at any time. You will find more information about how to withdraw consent below under the heading 'Withdraw consent'.

Who we share data with

To companies within the HomeSpotter group and to subcontractors who process data on our behalf

We may share your data with other companies within the HomeSpotter group or with third parties such as subcontractors who perform services on our behalf. Sometimes it may be necessary for us to engage subcontractors to deliver our services to you. We then remain responsible for the processing of your customer data that we or the subcontractor carry out on our behalf. Such subcontractors may then not use the data for purposes other than those we specify. The sharing of your data is then done for the purpose of fulfilling the agreement between us.

This means that your personal data may be transferred to companies both within the EEA and to countries outside the EEA (i.e., third countries). All such transfers are based on applicable law, and when we engage subcontractors to perform part of the service delivery, we will enter into data processing agreements with such actors. The European Commission has approved certain countries outside the EEA that have a sufficiently high level of protection for personal privacy. If data processing is carried out in other countries outside the EEA, it will be based on an appropriate legal basis, such as the European Commission's model clauses for such transfer, Privacy Shield, or Binding Corporate Rules (binding corporate rules approved by the relevant data protection authority).

Authorities

We are sometimes, based on law or government decisions, obligated to disclose such data as required by the decision to authorities, e.g., to the police. The legal basis for this processing is fulfillment of a legal obligation.

Others

We may also, after you have given your consent, disclose your customer data to other actors, e.g., landlords or providers of third-party services that you have requested us to share your data with.

How long we store data

We will process your personal data for as long as is necessary with regard to the purpose of the processing. This means that different data will be stored for different lengths of time. Certain data we must store for a certain period to comply with applicable legislation.

As long as you are a customer with us, and for one year thereafter, we store your customer data. In cases where there are legal requirements to store data for longer periods, we comply with such laws. The Bookkeeping Act is an example of legislation that requires records to be kept for a certain longer period.

We store traffic data for billing purposes. We store the data until the invoice is paid and all legal relationships that the traffic data relates to are settled, and for a maximum of one year thereafter, with the exception of data that we must store according to the Bookkeeping Act.

To prevent misuse and verify authorized use of the services, e.g., to detect or prevent internet fraud, illegal use of the services, or the spread of viruses, spam, and trojans, we store IP addresses. We store IP addresses for this purpose for 21 days.

Since we want to be able to help you if an error occurs in the services we deliver to you, we will store user data for 30 days. You also have the option to consent to us processing user data to improve and develop new and existing services. For such purposes, we store user data for 30 days.

We want to be able to give you relevant offers based on how you use our services, e.g., based on how much you use our services, number of tips received. We store the information as long as you are our customer, but no longer than 3 years.

When you are in contact with our support, we may store chat and email logs for training and educational purposes. If you chat or email our customer service, the logs are stored for one year.

Your rights

The new data protection legislation that came into effect on 25 May 2018 aims, among other things, to strengthen the individual's right to their data. Therefore, you have the right to know what we do with your data, for what purposes we process your data, how long we store it, and who has access to the data. Below you will find an overview of your rights regarding our processing of your personal data, and how you can contact us to learn more about how we process your data.

Data protection officer and supervisory authority

HomeSpotter works to ensure that our personal data processing is carried out lawfully. If you have questions about our processing of personal data, want potentially incorrect data corrected, want certain data deleted, or have complaints about the processing, please contact us at kontakt@homespotter.se or by contacting support.

The Swedish Authority for Privacy Protection (IMY) is the Swedish supervisory authority for the processing of personal data. If you are dissatisfied with our processing of your personal data, you can contact the Swedish Authority for Privacy Protection.

Right of access

You should be able to know which of your personal data we process. Therefore, you have the right to receive a register extract from us free of charge once a year. To receive a register extract, you must clearly state what information you wish to access. We must respond to your request without undue delay, and no later than within one month. If for any reason we cannot fully respond to your request, we will explain why and we will also inform you how long we need to respond to your request. When requesting a register extract, we will ask you to identify yourself securely, and we will send your register extract to your registered address.

Right to rectification

If any of the data we process is incorrect or if additional data needs to be processed with regard to the purpose for which we process data, you have the right to have such incorrect data corrected or to supplement with such additional data as may be needed for the processing. When we have corrected your data, we will contact parties to whom we have disclosed your data and inform them of the corrections made, provided it does not entail an overly burdensome effort for us or if it would for any reason be impossible. We will also, if you request it, contact you and tell you to whom the correction has been disclosed.

Right to erasure

You also have the right in certain cases to have your data that we process deleted. If so, please contact our support. You will find contact details below.

Right to restriction

You also have the right in certain cases to have the processing we carry out restricted. Restriction means that the data is marked so that in the future it may only be processed for certain limited purposes. The right to restriction applies, among other things, when you consider the data to be incorrect and you have requested rectification. In such cases, you may also request that the processing of the data be restricted while we investigate whether the data is correct or not. When the restriction is lifted, we will inform you of this.

Data protection officer and supervisory authority

You also have the right to so-called data portability for the data you have given us in cases where we carry out the processing based on your consent or when we process data to fulfill an agreement with you. This means that you have the right to obtain the data you have given us and that we process about you in a certain format and that you have the right to transfer this to another data controller. The right to portability only applies to data we have processed automatically. This means that data that is only processed in paper files is therefore not covered by the right to data portability.

If you wish to exercise any of your rights as described above, we ask you to contact HomeSpotter's support.

Withdraw consent

Some of the processing we carry out of your customer and traffic data is based on you having approved the processing, a so-called consent. You usually give your consent when logged in on your customer profile or within the scope of the service you purchase from us. You will find more information about the consent in connection with us asking for your specific consent for a certain processing.

You have the right to withdraw a consent you have given us for a certain processing of your customer or traffic data at any time. To withdraw your already given consent, you can log in to your customer profile or your service and withdraw consent in the same way and at the same place where you previously gave us the consent. Above you will find more information about when we process customer or traffic data based on consent. You should note that we also carry out processing on legal grounds other than consent. We will therefore continue to carry out certain processing of your customer and traffic data even if you withdraw consent.

If you are under 18 years of age, your guardian must give and/or withdraw consents.

Contact details

Data controller

HomeSpotter Growth Stories LTD (C 92959) Northlink Business Centre, Level 2, Burmarrad Road Naxxar, NXR 6345 Malta www.homespotter.se

Other

If we make changes to this privacy policy, we will publish an updated version at homespotter.se/privacy where you will also have access to older versions of the policy.