Privacy policy

Pinpointer AB ('Pinpointer', 'we', 'us') respects your personal privacy. This policy describes how we collect, use and protect personal data when you visit pinpointer.se or use the Pinpointer platform.

Pinpointer AB is the data controller for the processing of your personal data when you visit our website and when we provide our services.

Company registration number: [SET ORG.NR]

Address: Karlstad · Göteborg

Contact: kundtjanst@pinpointer.se

Visitors to the site

• IP address (anonymised if analytics is enabled)
• Browser type and version
• Operating system
• Referring page
• Pages you visit and time on the site
• For contact forms: name, email, company, phone, message

Platform users (employees of customers)

• Name and email
• Role and permissions
• Phone number (for SMS functionality and BankID)
• Time of login and activity
• IP address for security logging

External parties in transactions

• For drivers and subcontractors: name, organisation number, vehicle registration number
• For contact persons at clients and receiving facilities: name, email, phone
• For signing: personal identification number (via the BankID service Criipto/Idura)

We process personal data for the following purposes, with stated legal basis under GDPR Article 6.

We share your personal data only when necessary to provide the service or when required by law. We never sell or rent out your personal data.

Pinpointer uses sub-processors for specific parts of the service. All sub-processors have data processing agreements with Pinpointer and process data only according to our instructions.

Pinpointer is operated in Sweden. All core operations — databases, application servers and edge functions — run in Swedish data centres. Personal data does not leave the EU/EEA.

Certain specific services (such as Google Maps for geocoding) may involve transfer to the USA. These transfers are protected by Standard Contractual Clauses adopted by the European Commission (SCC) and supplementary technical and organisational measures in accordance with the Schrems II ruling.

As a data subject, you have the following rights under GDPR:

• Right of access (Art. 15): request a copy of your personal data
• Right to rectification (Art. 16): have incorrect data corrected
• Right to erasure (Art. 17): request that data is deleted
• Right to restriction (Art. 18): request that processing is restricted
• Right to data portability (Art. 20): obtain data in machine-readable format
• Right to object (Art. 21): to processing based on legitimate interest or direct marketing
• Right to withdraw consent at any time

To exercise your rights, contact us at kundtjanst@pinpointer.se. We respond to your request within 30 days.

We apply technical and organisational security measures to protect personal data against unauthorised access, alteration and loss. This includes among other things:

• Encryption of data at rest and in transit
• Role-based access control and tenant isolation
• Logging of all access for verifiability
• Regular security updates and penetration tests
• Operation in Swedish data centres with high security class

Only personnel who need access to perform their duties have access to personal data.

Pinpointer.se uses cookies for the site to function and to improve the user experience. Some cookies are necessary, others are set only if you consent to them via our consent system.

If you believe that our processing of your personal data violates applicable data protection legislation, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY):

We may update this policy. In case of substantial changes, we inform via email (for customers) or via notice on the site (for visitors). The latest version is always available on this page with updated date.