Privacy policy

This is how Elfvinge handles your personal information and privacy

This is Elfvinge

This is the official website of Elfvinge,

Corporate Identity Number: 559107-1088

Castlebay Group AB
Sågargatan 6B
753 17 Uppsala


What personal data we collect and why we collect it

We at Elfvinge may collect information from you in several different ways, consisting of, but not limited to, telephone calls, contact, website and other sources, including third party suppliers and business partners. When contacting us, it may include personal information, such as name, e-mail address, personal choice, transaction details, purchasing information and technical information.

Personal data is also generated by technical processes, such as contact forms, cookie files, analysis tools and embedded content from third parties, which can be read more about below.

We collect information from existing and potential customers, partners and suppliers at the conclusion of agreements, during the administration of the same, at bookings and any transactions. It can be personal information such as name, address and payment information.

The information we collect is made to support you with the services you request. We use your contact information to communicate with you.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

If you contact us via our contact form or search for a job, we will save your message or email to offer you the best possible service. Once the case is viewed as completed we will delete these mail. Collected information is not used for marketing purposes. The information given in one of our contact forms, including CV and personal letter or other files, usually lasts for six (6) months.

The Captha service Google Captcha (ReCAPTCHA) is used next to the contact forms as the login provided by Google is created by BestWebSoft. reCAPTCHA is a service that protects pages from spam and other unwanted activity. It is based on an advanced risk analysis that automatically protects the page. At the same time, visitors can easily click in the box to certify they are not a robot. To detect spam, we also use Akismet Anti-Spam by Automattic. The contact form, sends automatically all submitted by the Akismet sender, which then assesses whether or not it may be spam. If Akismet suspects that may be the case, the contact form will cancel the sending of the mail and will instead display a message that the mail was not sent.

The contact form submission data — IP address, user agent, name, email address, website, and message — is submitted to the Akismet service (owned by Automattic) for the sole purpose of spam checking. The actual submission data is stored in the database of the site on which it was submitted and is emailed directly to the owner of the form (i.e. us at Elfvinge). This email will include the submitter’s IP address, timestamp, name, email address, website, and message. Post and post metadata associated with a user’s contact form submission – The IP address and user agent originally submitted with the comment – are synced, as well, as they are stored in post meta.


If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day. You’ll find further read about our use of cookies in our Cookie Policy.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Google Analytics

We use Google Analytics together with Google Analytics for WordPress by MonsterInsights to analyze how users find and use our site. This is done to improve your experience by, for example, make continuous improvements to the phone view.


Who we share your data with

We may provide your information to selected third-party providers.

We do not sell your information to unrelated third parties, but may, with your consent, share your information with third parties for marketing purposes.

We strive to maintain appropriate technical and organizational security measures to protect your personal data, why we choose our partners with accuracy.


How long we retain your data

For users who register on the site, we also save the personal information they provide in their user profile. All users can view, edit or delete their personal information at any time (except that they can not change their username). Even the site’s administrators can view and edit this information.

We save data as required by law. We retain customer information for as long as we deem necessary to meet the purpose for which the data was collected. When it is no longer deemed necessary, these data are deleted, provided that we do not need them to provide our services to you.

Information from the contact form is usually kept for six (6) months, analytical records in one (1) year and customer purchase data for eight (8) years.


What rights you have over your data

If you have an account on this site, you can request an export file containing the personal information we have about you, including any information you have provided. You may also request that we remove any personal information we have about you. This does not include any information we have to save for administrative, legal or security purposes.

Under special circumstances, you may request correction or deletion of your personal data, a limitation on our treatment or objection to a certain treatment. We will do our best to meet your request, but we reserve the right to impose certain restrictions and requirements.

In cases where we use consent as a basis for treatment, you can always revoke the consent.

We may change this policy at any time, but changes will not apply retroactively.

For questions, please contact us at info [at]


Where we send your data

In some cases, All In One WP Security can be used, it is designed to maintain the security of the site and reduce the risk of the page being hacked. This page is located at Loopia AB.


Additional information

How we protect your data

To increase your security, regular backup of data occurs on encrypted servers, logins require the user to answer a mathematical number or manual checkbox in a box, which counteracts the risk of attacks by robots. We keep our coworkers updated about how we work with data security.

Data Used: In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.

We track failed login attempts (these include IP address and user agent). We also set a cookie (jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. Learn more about this cookie.

Failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information are being synced.

What data breach procedures we have in place

For a possible data deck, we work closely with our IT manager, our webmaster and our web hosting company Loopia AB.

Activity Log

This feature only records activities of registered users, and the retention duration of activity data will depend on the activity type.

Data Used: To deliver this functionality and record activities around site management, the following information is captured: user email address, user role, user login, user display name, and local user IDs, the activity to be recorded, the site ID of the site on which the activity takes place, the site’s Jetpack version, and the timestamp of the activity. Some activities may also include the actor’s IP address (login attempts, for example) and user agent.

Login attempts/actions, post and page update and publish actions, comment/pingback submission and management actions, plugin and theme management actions, widget updates, user management actions, and the modification of other various site settings and options are tracked. Retention duration of activity data depends on the site’s plan and activity type. See the complete list of currently-recorded activities (along with retention information). Successful and failed login attempts, which will include the actor’s IP address and the user agent is being synced.



You’re welcome to send us an email via the form at our Contact page. You can also email us directly at info [at]

The page was updated 2019-08-05.