Back to AngelEQ

GDPR & data protection

How we handle personal data. Draft, pending legal review before launch.

AngelEQ is built GDPR-first. We work with business data on Swedish companies, and we treat the people behind that data with the rights the GDPR gives them. This page explains, in plain terms, what we hold, why we are allowed to, and how you stay in control.

This describes our data-protection approach and is being finalised with legal review. The registered data controller is AngelEQ, in close partnership with ProToSell AB (Sweden). For a formal data processing agreement, email hello@angeleq.ai.

What we process

Business firmographics on Swedish companies (from the public company register, SCB) and business contact details such as a name, work role, work email and switchboard or work phone, gathered from companies' own public websites and public filings. We do not seek special-category data, and we are not a consumer marketing list.

Our lawful basis

For business contact data we rely on legitimate interest (GDPR Article 6(1)(f)): connecting Swedish businesses with relevant suppliers in a B2B context. We have weighed that interest against the rights of the individuals concerned, we limit the data to a professional context, and we always honour an objection.

Your rights, and how we act on them

To exercise any of these, email hello@angeleq.ai. An objection or erasure is permanent: it does not lapse over time.

How long we keep data

We follow data minimisation and storage limitation. Public company-register data is kept as a public record. Business contact details are re-verified periodically (around every 24 months) and removed if they can no longer be confirmed. Raw website content is refreshed rather than hoarded. Opt-out and erasure take effect immediately and are kept permanently.

Where your data lives

Data is hosted in the European Union (Microsoft Azure, Sweden) and served through Cloudflare. Access is restricted and audited.

Sub-processors

We use a small set of providers to run the service (for example Microsoft Azure for hosting and database, Cloudflare for delivery and protection, and Anthropic for the language model that structures public web content). They process data on our instructions only. A current list is available on request.

Security

Access requires organisational single sign-on, sessions time out, and administrative and data-pull actions are logged. We keep an audit trail of opt-out and erasure actions so we can show they were carried out.

Contact & complaints

For any data-protection question, email hello@angeleq.ai. You also have the right to lodge a complaint with the Swedish data protection authority, IMY (Integritetsskyddsmyndigheten).