Version 4.0 – Last updated: April 27, 2026
Article 1: Identification of the Data Controller
This personal data policy defines the strict data processing protocols maintained by Ränteskog ("the Platform", "we", "us"), with headquarters at Klarabergsgatan 29, 111 21 Stockholm, Sweden. We act as the data controller in accordance with the EU General Data Protection Regulation (GDPR) and the Swedish Data Protection Act. To ensure absolute data integrity, we have appointed a Data Protection Officer (DPO) who can be contacted at: [email protected].
Article 2: Categories of Personal Data Processed
To provide institutional-level AI-based analytical services, we collect the following data:
Identity data: Full name, date of birth, nationality, and official identification required for mandatory KYC (Know Your Customer) and AML (anti-money laundering measures).
Technical telemetry: Information on asset origin, transaction history, and risk profiles generated by our algorithms.
Digital footprint: IP addresses, device specifications, geographical location data, and granular logs of interaction with our technical systems.
Article 3: Legal Basis for Processing
The processing of your data is based on the following legal grounds:
Performance of contract: Necessary to administer your account and deliver our technical services.
Legal obligation: Compliance with Swedish law, including the Anti-Money Laundering Act and tax reporting requirements.
Legitimate interest: Necessary for proactive cybersecurity, fraud prevention, and continuous technical optimization of our models.
Consent: For sending market analyses and the use of non-essential cookies.
Article 4: Data Security and Sovereignty
Ränteskog uses top-tier security architecture:
Encryption: All sensitive data is stored with AES-256 encryption and transmitted via TLS 1.3.
Hosting: Data is stored exclusively on secure servers within the EEA, guaranteeing full protection under European data sovereignty regulations.
Article 5: Your Rights
You have the right to access, rectification, erasure, restriction of processing, and data portability. Requests should be sent to [email protected]. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY).