Last updated: October 10th, 2025

​

At axinro (“we”, “our”, “us”), we are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with the EU General Data Protection Regulation (GDPR) and applicable local laws.

​

What Personal Data We Collect

​

We only collect personal data that you voluntarily provide when:

 

• Contacting us through our website, email, or phone.

• Entering into a contract for our services.

• Receiving invoices or related administrative communications.

 

The personal data we may collect includes:

 

• Full name

• Company name and role

• Business email address and phone number

• Billing details (if applicable)

 

We do not intentionally collect or process sensitive personal data or client data beyond what is necessary to deliver our services.

 

 

Legal Basis for Processing

 

We process your personal data only when one or more of the following legal bases apply:

 

• Contractual necessity: to enter into or fulfill a service agreement with you.

• Legitimate interests: to manage client relationships and respond to inquiries.

• Legal obligations: to comply with tax, accounting, or regulatory requirements.

• Consent: when you voluntarily subscribe to communications or provide optional information.

 

 

How We Use Your Data

 

We use the information collected for the following purposes:

 

• To provide and manage our cybersecurity consulting services.

• To communicate with you regarding inquiries, proposals, or ongoing projects.

• To issue invoices and process payments.

• To comply with applicable legal and regulatory requirements.

 

We do not sell, rent, or share your data with third parties for marketing purposes.

 

 

Data Sharing and Transfers

 

We may share personal data only with:

 

• Trusted service providers who assist us with hosting, communication, or accounting — all bound by data processing agreements.

• Authorities or regulators if required by law.

 

We do not transfer your personal data outside the European Economic Area (EEA) unless adequate safeguards are in place as required by GDPR.

 

 

Data Retention

 

We retain personal data only for as long as necessary to fulfil the purposes outlined above, or as required by law (e.g., for accounting and tax records). After this period, your data will be securely deleted or anonymized.

 

 

Your Rights Under GDPR

 

You have the following rights regarding your personal data:

 

• Access: Request a copy of the personal data we hold about you.

• Rectification: Request correction of inaccurate or incomplete data.

• Erasure: Request deletion of your data when it is no longer needed.

• Restriction: Request limitation of processing under certain circumstances.

• Portability: Request your data in a structured, commonly used format.

• Objection: Object to processing based on legitimate interests.

• Withdraw consent: If we rely on consent, you may withdraw it at any time.

 

To exercise any of these rights, please contact us at [contact email]. We will respond within 30 days as required by law.

 

 

Data Security

 

We implement appropriate technical and organisational measures to safeguard personal data against unauthorized access, alteration, disclosure, or destruction.

 

 

Changes to This Policy

 

We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised “Last updated” date.

 

 

Contact Us

 

If you have any questions about this Privacy Policy or how we process your personal data, please contact our legal team (we are based in Sweden):

​

Email: legal@axinro.com

 

If you believe we have not handled your data correctly, you also have the right to lodge a complaint with your local supervisory authority (e.g., Integritetsskyddsmyndigheten in Sweden).