Privacy Notice
We care about your privacy and protect your data
Last updated: 14 May 2026
Data Controller
Hanff & Co. AB
Registered in Sweden with registration: 559317-1852
We help companies follow privacy laws and protect data
Email: privacy@thatprivacyguy.com
Information We Collect
We only collect the information we need to run this website and help you:
Contact Information
- Name and email address (when you contact us)
- Company name (optional, if provided)
- Your messages and what kind of help you need
- Your internet address (to stop spam and keep things secure)
Our legal basis for processing all of this information is our legitimate interest to both respond to your enquiry and secure our web site.
What We DON'T Collect
We never collect: your exact location, your personal details for statistics, detailed information about you, or data that tracks you across different websites.
How We Use Your Information
Your Contact Details:
- To reply to your messages and questions
- To help you with privacy advice
- To send you follow-up messages about your request
How We Keep Your Data Safe
We protect your information in many ways:
Technical Measures
- • No third-party tracking scripts
- • Local font and asset hosting
- • No cookies or other trackers
- • Encrypted data transmission (HTTPS)
- • Secure database storage
Organisational Measures
- • Minimal data collection principles
- • Access controls and authentication
- • Regular security assessments
- • Data retention policies
- • Staff privacy training
Data Sharing and Disclosure
We do NOT share your personal data with third parties
Your information is never sold, rented, or shared with marketing companies, data brokers, or other third parties.
We may only disclose personal information in the following limited circumstances:
- When required by a legal obligation.
- When you use our Live Consultation chat feature, payment card details are processed by Stripe (our payment processor) as described below.
Live Consultation Chat
Our website offers a live consultation chat feature. When you choose to use this feature, the following data processing takes place:
Payment Processing
Before a live chat session begins, you are required to authorise a payment hold via Stripe, our payment processor. When you click "Authorise & Start Chat", a new window opens on Stripe's own domain (checkout.stripe.com) where you enter your payment details. No Stripe scripts or code are loaded on our website at any time. Your payment card details are processed entirely by Stripe and are never transmitted to or stored on our servers.
Stripe processes your payment data as an independent data controller for payment processing and fraud prevention purposes. You can review Stripe's privacy policy at stripe.com/privacy.
Our legal basis for this processing is contractual necessity (Article 6(1)(b) GDPR) — the payment is required to provide the consultation service you have requested.
Chat Messages
Messages exchanged during a live consultation are stored on our self-hosted infrastructure only. Chat logs are retained for 12 months for service delivery and professional record-keeping, after which they are deleted. You may request earlier deletion at any time.
No Third-Party Scripts
The live chat feature does not load any third-party scripts on our website. Payment processing takes place entirely on Stripe's own domain in a separate window. The chat itself uses only our own self-hosted infrastructure.
Data Retention
Contact inquiries: Retained for 12 months to maintain consultation history and follow-up services
Client work: Retained as required by professional obligations and applicable law
You may request earlier deletion at any time by contacting us.
Your Privacy Rights
Under GDPR, you have the following rights:
Right to Access
Request copies of your personal data
Right to Rectification
Correct inaccurate personal data
Right to Erasure
Request deletion of your personal data
Right to Data Portability
Transfer your data to another service
Right to Object
Object to certain processing activities
Right to Restrict Processing
Limit how we use your data
Exercise Your Rights
To exercise any of these rights, simply email us at privacy@thatprivacyguy.com. We'll respond within 30 days and provide assistance free of charge.
Contact Us About Privacy
For any privacy-related questions, concerns, or rights requests:
Email: privacy@thatprivacyguy.com
Subject Line: "Privacy Rights Request" or "Privacy Inquiry"
Response Time: Within 24 hours for acknowledgment, full response within 30 days
Changes to This Privacy Notice
We may update this privacy notice from time to time to reflect changes in our practices or legal requirements. We'll notify users of any material changes by updating the "last modified" date at the top of this notice. For significant changes, we may provide additional notice through our website or email.
Supervisory Authority
You have the right to lodge a complaint with a data protection supervisory authority. You can find the contact details of your local Supervisory Authority here:
European Data Protection Board
Website: www.edpb.europa.eu/about-edpb/about-edpb/members_en
Privacy by Design in Practice
This website and privacy notice demonstrate our commitment to privacy-first principles:
- ✓ No tracking cookies or third-party analytics
- ✓ All resources served locally (payment processing handled on Stripe's own domain when initiated by you)
- ✓ Minimal data collection with clear purposes
- ✓ Transparent practices and easy rights exercise
- ✓ Regular privacy assessments and updates
"Privacy isn't just what I advise—it's what I practice."