Privacy Policy

Last updated: 2 July 2026

At Saryo AB (“Saryo”, “we”, “our”, or “us”), we value your privacy and are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Swedish data protection laws.

This Privacy Policy explains what information we collect, why we collect it, how we use it, and your rights regarding your personal data.

1. Data Controller

Saryo AB is the data controller responsible for the processing of personal data described in this Privacy Policy.

Saryo AB
Organisation number: XXX-XXXX
Lergöksgatan 5C
421 50 Västra Frölunda
Sweden
Website: https://saryo.se
Email: privacy@saryo.se

Key Terms
Data Controller
The entity that determines the purposes and means of processing personal data.
Personal Data
Any information relating to an identified or identifiable natural person.
Processing
Any operation performed on personal data, such as collection, storage, use, or deletion.

2. Personal Data We Collect

Depending on how you interact with us, we may collect the following categories of personal data.

Information You Provide

When you contact us through our website, email, or LinkedIn, we may collect:

  • Name
  • Company name
  • Job title
  • Email address
  • Telephone number
  • Any information you choose to include in your message

Messages submitted through our contact form are transmitted securely over HTTPS and delivered to us using Resend, an email delivery service. The information you submit is used solely to respond to your inquiry and is not used for marketing unless you explicitly request it.

To help protect our website against abuse and spam, submissions may be subject to automated security checks.

Recruitment Information

If you apply for employment or consulting opportunities, we may collect:

  • CV or résumé
  • Cover letter
  • Employment history
  • Education
  • Skills and certifications
  • References (where applicable)
  • Information provided during interviews

Technical Information

When you visit our website, certain technical information may be processed automatically in order to operate, secure, and improve the website. This may include:

  • IP address
  • Browser type and version
  • Operating system
  • Device type
  • Pages visited
  • Referring website (where available)
  • Date and time of access

This information may be processed through our website infrastructure and security services for purposes such as website operation, performance monitoring, abuse prevention, and security.

Website usage statistics are also collected through Cloudflare Web Analytics as described in Section 5.

3. How We Use Your Information

We process personal data for the following purposes:

  • Responding to inquiries
  • Providing consulting services
  • Managing customer relationships
  • Processing recruitment applications
  • Improving our website
  • Maintaining website security
  • Complying with legal obligations
  • Communicating with prospective customers and partners

4. Legal Basis for Processing

Under GDPR, we process personal data based on one or more of the following legal grounds:

  • Your consent
  • Performance of a contract
  • Preparation for entering into a contract
  • Compliance with legal obligations
  • Our legitimate interests, such as operating and improving our business and website
Key Terms
Consent
Freely given, specific, informed and unambiguous indication of agreement to the processing of personal data.
Legitimate Interests
A legal basis where processing is necessary for our legitimate business interests, provided those interests do not override your rights and freedoms.

5. Cookies and Website Analytics

Essential Cookies

Our website may use cookies or similar technologies that are strictly necessary for the operation and security of the website. These cookies cannot be disabled through our website as they are required to provide the requested service.

Analytics

We use Cloudflare Web Analytics to understand how visitors use our website.

Cloudflare Web Analytics is designed to be privacy-friendly and does not use client-side cookies or other persistent identifiers to identify individual visitors or track them across websites. The analytics data collected is aggregated and helps us understand website performance, page popularity, and visitor trends without identifying individual visitors.

No advertising, profiling, or behavioral tracking cookies are used.

Because Cloudflare Web Analytics operates without cookies, we do not request consent specifically for analytics. Should we introduce additional analytics or marketing technologies that require consent in the future, this Privacy Policy and our website will be updated accordingly.

You can learn more about Cloudflare Web Analytics in Cloudflare’s Privacy Policy.

Key Terms
Cookies
Small text files stored on your device by your web browser when you visit a website.
Web Analytics
The measurement, collection, analysis and reporting of web data for purposes of understanding and optimizing web usage.

6. Recruitment

When you submit an application for employment or consulting opportunities, we process your personal data for recruitment purposes.

If you are not selected, we will retain your application only for as long as necessary to complete the recruitment process or as otherwise permitted by applicable law.

7. Sharing Personal Data

We do not sell, rent, or trade your personal data.

We may share personal data only with trusted service providers that assist us in operating our website and business, including:

  • Cloudflare, which provides website hosting, content delivery, security, DNS, and website analytics.
  • Resend, which securely delivers emails submitted through our contact form.
  • IT service providers where necessary for the maintenance and security of our systems.

These providers process personal data only on our behalf or as independent service providers in accordance with applicable data protection laws.

We may also disclose personal data where required by applicable law or in response to lawful requests from public authorities.

8. International Transfers

Some of our service providers, including Cloudflare and Resend, may process personal data outside the European Economic Area (EEA).

Where such transfers occur, we ensure that appropriate safeguards are in place in accordance with the GDPR. These safeguards may include Standard Contractual Clauses approved by the European Commission or other legally recognized transfer mechanisms.

9. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, including:

  • Customer information for the duration of the business relationship and applicable legal retention periods
  • Contact inquiries until the inquiry has been resolved
  • Recruitment data only as long as necessary for recruitment purposes unless consent has been obtained for longer retention
  • Technical logs according to operational and security requirements

10. Your Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate information
  • Request deletion of your personal data where applicable
  • Restrict processing
  • Object to processing based on legitimate interests
  • Request data portability
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with your local data protection authority

In Sweden, the supervisory authority is the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY).

11. Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure.

However, no method of electronic transmission or storage can be guaranteed to be completely secure.

12. Third-Party Links

Our website may contain links to third-party websites, including LinkedIn.

We are not responsible for the privacy practices or content of third-party websites. We encourage you to review their respective privacy policies.

13. Children’s Privacy

Our services are intended for businesses and professionals.

We do not knowingly collect personal data from children under the age of 16.

If you believe a child has provided personal information to us, please contact us so we can remove it.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or our business practices.

The latest version will always be available on this website.

15. Contact Us

If you have any questions about this Privacy Policy or how we process your personal data, please contact us.

Saryo AB
Website: https://saryo.se
Email: privacy@saryo.se