Terms and Conditions & Privacy Policy

Sweepie — Lead Collection, Marketing & Data Sharing Policy

Last updated: 2025-07-02

1. Introduction

This document outlines the Terms and Conditions and Privacy Policy of Sweepie(“we,” “us,” “our”). It governs how we collect, use, store, share, and protect your personal data when you interact with us through Meta, websites, or related platforms.

By submitting your data through any of our channels, you agree to these terms and confirm that you have read and understood our privacy practices as required under the EU General Data Protection Regulation (GDPR) and other applicable laws.

2. Purpose and Scope

Our primary business activity is the generation and distribution of marketing leads. This includes collecting voluntarily submitted user data via online lead forms and distributing this data to a maximum of four selected business partners for marketing purposes, including direct contact by phone, email, or SMS.

This policy applies to all users who submit their information via:

Meta
Embedded or pop-up forms on landing pages
Third-party survey tools
Email marketing signups
SMS or mobile engagement tools

3. What Personal Data We Collect

We only collect data relevant to the services we provide. This includes, but is not limited to:

a) Identification and Contact Information:

Full name
Email address
Mobile and/or landline number
Country of residence
Age or age group (if requested)

b) Behavioral and Preference Data:

Survey responses
Selections in interest fields (e.g. insurance, id-protection, telecom)
Answers to qualifying questions
Referral sources or how you found the form

c) Technical and Usage Data:

IP address
Browser type and version
Device identifiers
Time and date of submission
Referrer URLs
Activity on landing pages

We do not collect sensitive personal data (racial/ethnic origin, political opinions, religious beliefs, biometric or health information) unless explicitly requested and lawfully consented to.

4. How We Collect Personal Data

Data is collected via the following mechanisms:

Meta with integrated GDPR-compliant checkboxes
Hosted landing page forms
Survey or quiz tools integrated with our CRM
Cookies, tracking pixels, and server logs

We ensure every channel of collection clearly identifies the purpose, use, and consent requirements for data handling.

5. Why We Collect and Process Your Data

Your personal data is processed for the following core purposes:

Lead Matching: To connect you with relevant services based on your interests.
Partner Communication: To enable selected third parties to contact you via preferred channels.
Marketing & Remarketing: To deliver follow-up offers, reminders, or educational material.
Service Optimization: To analyze form conversions, campaign effectiveness, and user engagement.
Legal Compliance: To comply with applicable laws, requests from authorities, or enforcement of legal rights.

6. Legal Basis for Processing

We process your data lawfully under one or more of the following GDPR legal bases:

Purpose	Legal Basis
Marketing communication via partners	Explicit Consent (Art. 6(1)(a))
Communication about our services	Consent or Legitimate Interest (Art. 6(1)(f))
Analyzing submission and marketing trends	Legitimate Interest
Compliance with tax, fraud, or legal requirements	Legal Obligation (Art. 6(1)(c))

Legitimate Interest Justification:

We rely on “legitimate interest” only where:

Our interest is clearly stated (e.g. performance analytics)
The processing is proportionate
Data subjects can opt out at any time without prejudice
A balancing test has been conducted internally

7. Data Recipients – Who Will Receive Your Data

If you provide your consent, your data will be shared with no more than four GDPR-compliant partners for marketing purposes. These partners may contact you with relevant offers via SMS, email, or phone.

Partners typically operate in the following industries:

Sector	Example Services
Finance	Credit cards, personal loans, investments, financial services
Insurance	Home, car, pet, travel, health insurance
Retail	E-commerce, automotive, fashion, home appliances
Travel	Hotels, booking services, flight promotions
Lifestyle	Wellness products, media subscriptions, digital courses
Legal	Personal injury, claims management, legal aid

You will never be contacted by a partner you have not consented to share data with.

8. Third-Party Services and Data Processors

We use selected data processors to collect, store, and manage leads, including:

Meta (Facebook & Instagram)
Google – email and analytics tools
Cloudflare – content delivery and performance

All data processors are bound by strict Data Processing Agreements (DPAs) in accordance with Article 28 GDPR.

9. Data Transfers Outside the EU

Your data is stored within the European Economic Area (EEA) by default. If we transfer data outside the EEA, it will only be to:

Countries with an EU adequacy decision
Recipients subject to Standard Contractual Clauses (SCCs)
Companies bound by Binding Corporate Rules (BCRs)

We perform due diligence on all processors involved in international data transfers.

10. Data Retention Policy

We retain your personal data as follows:

For up to 24 months after collection if you have not withdrawn consent
In a suppression list for 24 months after withdrawal of consent to prevent further contact
In anonymized or aggregated format for analytical purposes indefinitely

We conduct periodic reviews to ensure no data is retained longer than necessary.

11. Consent Withdrawal and Data Rights

You may withdraw your consent at any time by contacting us at support@sweepie.co. Upon withdrawal, we will:

Cease processing your data immediately
Place your information on a suppression list
Retain only the data required for legal or compliance reasons

In addition, under the GDPR, you have the right to:

Access your personal data (Art. 15)
Rectify inaccurate data (Art. 16)
Request deletion of your data (Art. 17)
Restrict how your data is used (Art. 18)
Object to specific uses of your data (Art. 21)
Request data portability (Art. 20)
Lodge a complaint with a supervisory authority (e.g., IMY in Sweden)

We will respond to all verified requests within 30 days.

12. Cookies, Tracking, and Analytics

Our website and lead capture platforms use cookies to enhance user experience and support analytics and advertising efforts.

Types of cookies:

Essential Cookies – Required for website functionality
Analytics Cookies – To monitor usage and improve performance
Marketing Cookies – Used by ad platforms like Meta and Google
Third-Party Cookies – For embedded content or social media integrations

You may manage cookie preferences via your browser or our cookie settings panel. For full details, refer to our Cookie Policy.

13. Data Security and Breach Response

We employ state-of-the-art security measures to protect personal data, including:

HTTPS encryption and SSL certificates
Role-based access controls
Daily backups
Incident response protocols
Antivirus, malware scanning, and firewall protection

In the event of a data breach, we will notify affected users and authorities within 72 hours as required by GDPR (Art. 33–34).

14. Children’s Data

Our services are intended for users aged 18 and above. We do not knowingly collect data from minors. If we become aware that personal data has been collected from a minor, it will be deleted immediately.

15. Disclaimers and Limitation of Liability

We are not responsible for how third parties handle your data after lawful transfer
We do not guarantee the accuracy or truthfulness of partner offerings
You use our services and submit data at your own discretion and risk

16. Changes to This Policy

We may update this document from time to time to reflect changes in law, business operations, or technology. We encourage you to review this page periodically. The effective date at the top will indicate the most recent version.

17. Contact Information

For questions, concerns, or data requests, please contact:

Agent Introvert AB

Email: support@sweepie.co
Address: Erik Dahlbergsgatan 20b, 411 26, Gothenburg, Sweden