Legal
Privacy Policy
How we collect, use and protect personal data.
This English version is the legally binding document. The Swedish translation (Integritetspolicy) is provided as a reader service. The policy covers the website kifarkis.com and our client engagements. Last updated: 11 June 2026.
The data controller is Design & Animation i Vellinge AB, Vellinge, Sweden, operating the brand Kifarkis Design & Automation. Contact: info@kifarkis.com. We process personal data under the EU General Data Protection Regulation (GDPR) and the Swedish Data Protection Act.
Through the contact form: your name, email address, company (optional) and your message. Nothing else. We never ask for more than what is needed to reply to you.
During client engagements we may process personal data on your behalf. That processing is governed by a separate Data Processing Agreement, and we process the data only for the purposes agreed there.
Our host, GitHub Pages (GitHub, Inc., USA), keeps technical logs for security and operations (IP address, browser, timestamp). We use Google Search Console for aggregated search statistics, which does not track individual visitors. We use no behavioural tracking, no Google Analytics, no advertising pixels.
We process data based on your consent (when you submit the form), contract (when delivering an engagement), legitimate interest (security logs) or legal obligation (accounting, for example). Data is used only for the purpose it was given for. We never sell personal data and never use it for marketing you did not ask for.
Form submissions are handled by Formspree Inc. (USA), which forwards them to our email and is bound by the EU Standard Contractual Clauses. We routinely delete submissions from Formspree once actioned. Email correspondence is stored with our email provider for as long as the relationship is active plus any statutory period. The website is served by GitHub Pages (GitHub, Inc., USA). Transfers outside the EEA rely on the EU Standard Contractual Clauses and supplementary safeguards.
Form submissions: up to 12 months after last contact, unless a client relationship has started. Engagement data: the duration of the engagement plus 7 years under Swedish accounting law, or as specified in the Data Processing Agreement. Server logs: brief technical retention with our host. Newsletters and marketing lists: none, we do not operate any.
You have the right of access, rectification, erasure, restriction, data portability and objection, and the right to withdraw consent. Email info@kifarkis.com and we respond within 30 days, free of charge for a first request. You may also lodge a complaint with the Swedish data protection authority, Integritetsskyddsmyndigheten (imy.se).
We protect data with encryption in transit, access controls and working habits shaped by twenty-five years in IT security. If an incident puts your rights at risk, we notify the Swedish data protection authority within 72 hours and inform those affected without undue delay. This website sets no tracking cookies. The site and services are aimed at businesses, and we do not knowingly collect data about children under 16.
For material changes to this policy we notify active clients by email. If anything is unclear, email info@kifarkis.com with the subject line Privacy enquiry and we will gladly explain.