Privacy Policy — Landvex

Introduction

Landvex AB (“Landvex”, “we”, “us”) provides decision intelligence services to enterprise and institutional clients. This Privacy Policy describes how we collect, use, and protect personal data in connection with our services, in accordance with GDPR (EU 2016/679) and applicable national data protection law.

This policy applies to enterprise client interactions with Landvex. Field contributor data collected through the quiXzoom platform is governed by the quiXzoom Privacy Policy.

Data Controller

Landvex AB

Org. no. 559141-7042 · Tyreås, Sweden
Data protection enquiries: privacy@landvex.com

Data we collect from enterprise clients

Organisation & contact data

Organisation name, registered address, VAT number, and the names, email addresses, and phone numbers of authorised contact persons.

Billing information

Invoice address, purchase order references, and payment records. Card processing is handled exclusively by Stripe under their data processing agreement with us. Landvex does not store full card numbers.

Usage data

Platform access logs, report downloads, API call timestamps and volumes. Used for service delivery, billing, and abuse prevention.

API access logs

Authenticated API requests including endpoint, timestamp, IP address, and response status. Retained for 90 days for security and audit purposes.

Field contributors (quiXzoom)

Data collected from individuals who contribute field observations via the quiXzoom application is governed separately by the quiXzoom Privacy Policy at quixzoom.com/privacy. Landvex AB is the data controller for both platforms.

Legal basis for processing

Contract performance (Art. 6.1b GDPR)

Processing necessary to deliver contracted intelligence services, manage access credentials, and fulfil enterprise agreements.

Legal obligation (Art. 6.1c GDPR)

Accounting and bookkeeping obligations under Swedish law, including the Swedish Accounting Act (Bokföringslagen). Data retained for 7 years post-contract.

Legitimate interest (Art. 6.1f GDPR)

Platform security, fraud prevention, API abuse monitoring, and service improvement using aggregated, anonymised usage data.

Data storage and security

All data stored exclusively in the EU (AWS eu-north-1, Stockholm, Sweden).
Encryption at rest: AES-256. Encryption in transit: TLS 1.3.
Access controls enforced via role-based permissions and MFA.
Annual penetration testing. Security incidents reported within 72 hours per GDPR Art. 33.

Retention

Client data

Retained for the duration of the contract plus 7 years to meet statutory accounting obligations (Swedish Accounting Act).

API and access logs

Retained for 90 days for security and audit purposes, then deleted.

Third-party providers

Landvex shares data with a minimal number of sub-processors, all under GDPR-compliant Data Processing Agreements:

Amazon Web Services (AWS) — cloud infrastructure, EU region only
Stripe — billing and payment processing

Landvex does not sell, rent, or trade client data to advertisers or third parties for commercial purposes.

Enterprise Data Processing Agreement

An enterprise Data Processing Agreement (DPA) is available on request for clients subject to GDPR obligations as data controllers. Contact privacy@landvex.com to request a DPA.

Your rights

Access

Request a copy of personal data held about you or your organisation’s contact persons.

Rectification

Request correction of inaccurate personal data. Contact your account manager or privacy@landvex.com.

Erasure

Request deletion of personal data. Note: data required for accounting purposes is retained for 7 years by law regardless of deletion requests.

Portability

Request an export of your personal data in a structured, machine-readable format.

Objection

Object to processing based on legitimate interest. Requests are assessed case-by-case within 30 days.

Send rights requests to privacy@landvex.com. We respond within 30 calendar days.

Supervisory authority

You have the right to lodge a complaint with the Swedish data protection authority:

Integritetsskyddsmyndigheten (IMY)

imy.se

Contact

Data protection enquiries

privacy@landvex.com