Privacy Policy

Last updated June 2026

Your privacy matters to us. This policy explains what personal data Nikolai Development AB (”Nikdev”, ”we”) collects about you, why we collect it, how we protect it, and the rights you have under the General Data Protection Regulation (GDPR).

Who is responsible

Nikolai Development AB, org. no. 559203-6130, Malmö, Sweden, is the controller for the personal data described here. For any privacy matter, contact hello@nikdev.io or +46 733 34 62 90.

What data we process

We keep data collection to a minimum. Depending on how you interact with us, we may process:

  • Name
  • Email address
  • Telephone number
  • Any information you include in a message to us

We do not collect special categories of data (”sensitive personal data”) unless required by law or a contract.

How we collect it

We collect this data directly from you, when you fill in our contact form, email us, or call us. We do not buy data or collect it from third parties.

Why we process it, and on what legal basis

  • To respond to your enquiry and stay in contact. Legal basis: legitimate interest, or steps taken at your request before entering a contract.
  • To enter into and perform a contract with you as a customer. Legal basis: performance of a contract.
  • To meet legal obligations, such as accounting. Legal basis: legal obligation.
  • To send you updates or other communications, where you have chosen to receive them. Legal basis: your consent, which you can withdraw at any time.

Cookies and analytics

Our website uses no cookies that require consent. We only store your language choice locally in your browser, which is needed for the site to work the way you chose and is not used to identify or track you. For visitor statistics we use Plausible Analytics, a privacy-focused, cookieless tool hosted in the EU. It sets no cookies and collects no data that identifies you personally, so no cookie banner or consent is needed.

Who we share it with

We do not sell your data, and we never share it for marketing purposes. We use a small number of service providers (processors) who handle data on our behalf under data processing agreements:

  • HubSpot: email handling and customer relationship management (CRM).
  • Amazon Web Services (AWS): website hosting, Stockholm region (eu-north-1).
  • Plausible Analytics: cookieless website statistics (EU).

We may share limited information, such as a name, with customers or partners where it is necessary to enter into or perform a contract. Otherwise we only disclose data where required by law.

Where your data is processed

Our hosting (AWS, Stockholm) and our analytics (Plausible) keep your data within the EU/EEA. HubSpot, which we use for email, is based in the United States. Where personal data is transferred there, it is protected by the safeguards provided for under the GDPR, namely the EU-US Data Privacy Framework and/or the European Commission’s Standard Contractual Clauses.

How long we keep it

We keep your data for as long as you have an ongoing interest in us and for a reasonable time afterwards, normally no longer than one year after your interest ends, unless we are required to keep it longer by law. Accounting records relating to customers are kept for seven years, as required by the Swedish Accounting Act (Bokföringslagen).

Your rights

Under the GDPR you have the right to:

  • access the personal data we hold about you,
  • have inaccurate data corrected and, where applicable, deleted,
  • have incomplete data supplemented,
  • request that we restrict our processing,
  • receive your data in a structured, machine-readable format (data portability),
  • object to certain processing,
  • withdraw any consent you have given, and
  • lodge a complaint with the Swedish Authority for Privacy Protection (IMY, imy.se) if you believe we handle your data improperly.

To exercise any of these, email hello@nikdev.io. Because some processing is needed to meet our contractual and legal obligations, your right to erasure may in some cases be limited.

Security

We use working methods and technical measures designed to keep your data secure, and we limit access to those who need it to carry out their work.

Changes to this policy

We may update this policy from time to time. The current version is always published here, with the date of the latest update shown at the top.

If there is any discrepancy between the Swedish and a translated version of this policy, the Swedish version prevails.