Go to main content
hero bg

Privacy Policy and Cookie Policy for [Autogross25]

Last updated: December 18, 2025

This privacy policy describes how Autogross25 AB (“Autogross25,” “we,” “us,” or “the platform”) processes personal data in connection with our digital advertising service for registered car dealerships (B2B). The policy is designed in accordance with the EU General Data Protection Regulation (GDPR), complementary Swedish legislation, and industry best practices.



1. Scope

The platform is a B2B service intended only for use by registered car dealerships. Autogross25 is responsible for the technical infrastructure and processing of personal data associated with the service but not for the content of ads, their accuracy, or business relationships between users.

Autogross25 AB acts as the data controller for the processing of personal data described in this policy.



2. Data Controller

Autogross25 AB
Organization Number: 559524-3501
Address: Smedvägen 24, 176 71 Stockholm, Sweden
Email: info@autogross25.com
Phone: +46 768 730 066

You are always welcome to contact us with questions regarding our processing of personal data.



3. Personal Data We Process

We only process personal data necessary to provide the service, manage the customer relationship, and comply with legal obligations.

3.1 During Registration

  • Company name and registration number

  • Contact person’s name

  • Email address and phone number

  • Billing address

  • Login credentials (username and encrypted password)

3.2 When Using the Platform

  • Publication data (e.g., created ads)

  • Account logs (logins, changes)

  • Messages sent via contact forms

3.3 Automatically Collected Data

  • Technical information about device and browser

  • Session data, page views, and aggregated/anonymized statistics

  • Cookies (see Section 9)

3.4 Transfer to Accounting Systems (Fortnox and Aspia)

For customer administration, invoicing, and accounting, we transfer the following personal data to our data processor Fortnox and, in connection with Fortnox, to the accounting firm Aspia under a data processing agreement:

  • Company details

  • Contact person’s name

Both Fortnox and Aspia process the data exclusively on our behalf and in accordance with GDPR. Any transfers outside the EU/EES are subject to standard contractual clauses or other approved safeguards.



4. Purpose and Legal Basis

Purpose

Example

Legal Basis

Administer user accounts

Account, login, support

Contract (GDPR Art. 6.1b)

Provide advertising service

Publication and management of ads

Contract

Invoicing and accounting

Payments, Aspia and Fortnox sync

Legal obligation (Art. 6.1c)

Manage contact inquiries

Forward messages

Legitimate interest (Art. 6.1f)

Improve the service

Session data, flow analysis

Legitimate interest

Marketing to existing customers

Service messages

Legitimate interest (with opt-out option)

Cookies beyond necessary

Analytics/statistics

Consent (Art. 6.1a)

We do not use automated decision-making or profiling that has legal or similarly significant effects.



5. Retention Periods

Data Type

Retention Period

Account and customer data

As long as the customer relationship exists, then deleted/anonymized unless law requires longer

Billing and accounting data

7 years (Accounting Act 1999:1078)

Messages via contact form

As long as required for handling the inquiry

Logs and technical data

As long as necessary for the purpose

Cookies

As specified in the Cookie Policy

After the retention period, data is securely deleted or anonymized.



6. Sharing of Personal Data

6.1 Data Processors

We share personal data with trusted providers who process data on our behalf, such as:

  • Hosting and IT providers

  • Fortnox and Aspia (invoicing and accounting)

  • IT and security services

All are subject to data processing agreements.

6.2 Advertising Partners

When a contact form is used, the following may be shared with the relevant advertiser:

  • Name

  • Contact information

  • Message content

6.3 Authorities

Personal data is only disclosed when required by law (e.g., tax or accounting obligations).

We never sell personal data.

6.4 Transfers Outside the EU/EES

Our services do not include third country transfer. In case data is transferred outside the EU/EES, standard contractual clauses or other approved safeguards are used.



7. Your Rights

You have the right to:

  • Request access to your personal data

  • Request correction of incorrect data

  • Request deletion (if not required by law)

  • Object to processing based on legitimate interest

  • Request restriction of processing

  • Withdraw consent (e.g., for cookies)

  • Request data portability

To exercise your rights, contact us at info@autogross25.com.

You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY): www.imy.se.



8. Security

We implement technical and organizational security measures, including:

  • HTTPS/SSL encryption

  • Access controls and permissions management

  • Logging and monitoring

  • Regular backups

  • Limited access to personal data



9. Changes

We may update this privacy policy as needed, for example due to changes in processing or legal requirements. The latest version is always published on the website. For significant changes, we may also provide separate notification.



Cookie Policy for Autogross25 AB

This cookie policy complements the privacy policy and describes how cookies and similar technologies are used in accordance with GDPR and the ePrivacy Directive.



1. What are Cookies?

Cookies are small text files stored on your device and used for:

  • Necessary technical functions

  • Secure login and session management

  • Anonymized statistics



2. Types of Cookies

2.1 Necessary Cookies (No Consent Required)

  • Session ID: Used for login and session management. Deleted when browser is closed.

  • Login Cookie: Stores login status for up to 24 hours; new login required afterward.

  • Encrypted Authentication Token: Ensures login. Technically valid for 12 months but login cookie deleted after 24 hours.

2.2 Analytical Cookies (Consent Required)

  • Anonymous data about page views, session counts, navigation flow, and device type

  • Retention: up to 13 months

  • No IP addresses or identifying information saved; no individual-level tracking

2.3 Third-Party Cookies

  • No third-party scripts or cookies are loaded before consent

  • Currently, no third-party scripts are used

  • Future third-party services will be listed with provider, purpose, and retention period

  • Any non-essential third-party cookies are blocked without consent. Autogross25 does not store these cookies itself.



3. Consent and Management

  • Cookie banner displayed at first visit

  • Options: “Allow All” or “Necessary Only”

  • Consent is logged via Easyweb’s standard function and can be revoked anytime via the footer or browser settings



4. Retention Periods

Cookie

Purpose

Retention

Session Cookie

Session management

Until browser is closed

Login Cookie

Login

24 hours

Consent Cookie

Saves cookie preferences

12 months

Analytical Cookies

Statistics

Up to 13 months



5. Blocking Cookies

You can block or delete cookies via your browser. Note that necessary cookies are required for the website to function properly, and some features may be limited without them.



6. Changes to the Cookie Policy

Major changes will result in an updated policy and, if needed, a new banner or notification.



7. Contact

Autogross25 AB
Email: info@autogross25.com
Address: Smedvägen 24, 176 71 Stockholm, Sweden

Cookies

This website uses cookiesfor statistics and user experience.

The website uses cookies to improve your user experience, to provide a basis for improvements and further development of the website, and to deliver more relevant offers to you.

Please read our privacy policy. If you consent to our use, select Allow all. If you want to change your choice later, you will find that option at the bottom of the page.