GDPR & data protection
AngelEQ is built GDPR-first. We work with business data on Swedish companies, and we treat the people behind that data with the rights the GDPR gives them. This page explains, in plain terms, what we hold, why we are allowed to, and how you stay in control.
What we process
Business firmographics on Swedish companies (from the public company register, SCB) and business contact details such as a name, work role, work email and switchboard or work phone, gathered from companies' own public websites and public filings. We do not seek special-category data, and we are not a consumer marketing list.
Our lawful basis
For business contact data we rely on legitimate interest (GDPR Article 6(1)(f)): connecting Swedish businesses with relevant suppliers in a B2B context. We have weighed that interest against the rights of the individuals concerned, we limit the data to a professional context, and we always honour an objection.
Your rights, and how we act on them
- Object / do not contact. Tell us not to include you and we hide you from every export and every view in the product. Your record stays out of all outputs.
- Erasure (right to be forgotten). We permanently delete your contact record. To make the erasure stick, we keep only a one-way fingerprint (a hash) so that if your details ever reappear in a future website scan, our system recognises and skips them. We cannot reconstruct your name, email or phone from that fingerprint, and we hold it for no other purpose.
- Access & rectification. Ask what we hold about you, and have it corrected.
To exercise any of these, email hello@angeleq.ai. An objection or erasure is permanent: it does not lapse over time.
How long we keep data
We follow data minimisation and storage limitation. Public company-register data is kept as a public record. Business contact details are re-verified periodically (around every 24 months) and removed if they can no longer be confirmed. Raw website content is refreshed rather than hoarded. Opt-out and erasure take effect immediately and are kept permanently.
Where your data lives
Data is hosted in the European Union (Microsoft Azure, Sweden) and served through Cloudflare. Access is restricted and audited.
Sub-processors
We use a small set of providers to run the service (for example Microsoft Azure for hosting and database, Cloudflare for delivery and protection, and Anthropic for the language model that structures public web content). They process data on our instructions only. A current list is available on request.
Security
Access requires organisational single sign-on, sessions time out, and administrative and data-pull actions are logged. We keep an audit trail of opt-out and erasure actions so we can show they were carried out.
Contact & complaints
For any data-protection question, email hello@angeleq.ai. You also have the right to lodge a complaint with the Swedish data protection authority, IMY (Integritetsskyddsmyndigheten).