Geogiraph
Secure Truth
← Back to Legal Hub

03 · Privacy Policy

Privacy Policy

Last updated: June 22, 2026

The Geogiraph service is provided by The Insiders Hub AB, corporate registration number 559525-3377, Djurgårdsvägen 69, 132 46 Saltsjö-Boo ("the Provider"). The Provider safeguards your personal privacy and is committed to protecting the personal data the Provider processes.

This privacy policy describes how the Provider collects, uses, and protects personal data in its capacity as a data controller. It applies to you if you visit our website, are in contact with us as a potential customer (lead), or are a contact person/user at one of our customer companies.

Important Clarification: This policy does not apply to the personal data that our corporate customers upload or process inside the Geogiraph infrastructure service itself. For that processing, the customer is the data controller and the provider is merely a data processor, which is regulated separately in our Data Processing Agreement (DPA).

1. What personal data do we collect, for what purpose, and on what legal basis?

We process different data depending on your relationship with us:

A. Website Visitors (on geogiraph.com)

  • Personal data: IP address, geographical location (at city/country level), and information about how you interact with our website (which pages you visit, time spent on the site, etc.).
  • Purpose: To analyze and improve our website's functionality and user experience.
  • Legal basis: Legitimate interest for necessary analytical tools, and Consent for marketing cookies (e.g., LinkedIn tracking).

B. Potential Customers (Leads)

  • Personal data: Name, professional role/title, company name, location, email address, phone number, IP address, and any information you provide yourself in free-text fields or when booking a demo.
  • Purpose: To be able to contact you, answer inquiries, send requested material, and market our services, as well as to generate and deliver automated analyses of your company's AI visibility and send verification codes via email to grant access to the analysis results.
  • Legal basis: Legitimate interest. We assess that our commercial interest in following up on your demonstrated interest outweighs the limited privacy intrusion involved in storing your professional contact details.

C. Customer Contacts (at existing corporate customers)

  • Personal data: Name, professional role/title, company name, company address, work email, phone number, contract signatures, as well as payment and invoice history.
  • Purpose: To be able to administer the customer relationship, deliver the Service according to agreement, handle support matters, send system notifications, and manage invoicing and bookkeeping.
  • Legal basis: Legitimate interest (since the contract is entered into with a company, but we need to process your data to fulfill the contract with your employer) and Legal obligation regarding invoicing and accounting data.

2. Who do we share your data with? (Data recipients)

We never sell your personal data to third parties. However, to run our business and deliver a good service, we utilize trusted subcontractors (so-called data processors):

  • Sales & CRM: Zoho (for managing customer relationships and leads).
  • Digital Contracts: OneFlow (for e-signing agreements).
  • Communication & Newsletters: Brevo and Google Workspace (for email dispatches and internal communication).
  • Web Analysis & Tracking: Google Analytics and Microsoft Bing Webmaster (for website analysis), and LinkedIn Insight Tag (for targeted advertising).
  • Cloud Hosting & Application: Lovable Cloud / Supabase (for data storage, user verification, and running our public analysis function within the EU).
  • Security & Network Optimization: Cloudflare (for protection against denial-of-service attacks and global network optimization, during which your IP address is processed).
  • Finance & Invoicing: Wint (for accounting and invoice management).

All our subcontractors are bound by strict data processing agreements that guarantee your data is handled securely and in accordance with GDPR.

3. Where is your personal data processed?

The Provider always strives to process your personal data within the EU/EEA. In cases where we use global service providers (such as Google or Microsoft) that may transfer data to servers in third countries (e.g., the US), we ensure that the transfer is lawful by verifying that the providers are certified under the EU-U.S. Data Privacy Framework or that the parties have signed the European Commission's Standard Contractual Clauses (SCC).

4. How long do we store the data?

We never store your personal data longer than necessary for each respective purpose:

  • Sales leads and potential customers: We store your data for a maximum of 24 months from our last contact. If the contact does not lead to a collaboration, your data is subsequently deleted or anonymized.
  • Existing customers: We store your contact details for as long as your subscription agreement is active.
  • Accounting records: Information required for our bookkeeping (e.g., invoices containing your name/company name) is saved for 7 years after the calendar year in which the financial year ended, in accordance with the Swedish Accounting Act (bokföringslagen).

5. Cookies and tracking

Our website uses cookies and similar storage technologies (small text files or data saved on your device). We divide these into the following categories:

  • Necessary cookies and functional data (Cloudflare & Supabase): These are strictly necessary for the website to function securely and to deliver the feature you request. Cloudflare uses technical data to protect the website against distributed denial-of-service (DDoS) attacks and malicious bots. Supabase uses session data to manage your verification (e.g., when you enter the verification code to access your analysis report). These cannot be disabled because the website and the analysis tool would then stop functioning.
  • Analytics and marketing (Google & LinkedIn): We use analytical cookies to measure traffic and understand how visitors use our site. We also use the LinkedIn Insight Tag for marketing, which allows us to show you relevant ads on LinkedIn based on your visit to our website. These are only activated if you provide your consent.

6. Your rights under GDPR

Since we process your personal data, you have several rights:

  • Right of access (register extract): You have the right to receive confirmation as to whether we process your data and a copy of it.
  • Right to rectification: You can demand that incorrect or incomplete data be corrected.
  • Right to erasure ("the right to be forgotten"): Under certain circumstances, you can demand that we delete your data (e.g., if it is no longer needed for the purpose).
  • Right to object: You have the right to object at any time to your data being used for direct marketing.
  • Right to restriction: You can demand that we restrict our processing of your data while a dispute or investigation is ongoing.

If you wish to exercise your rights, please contact us using the contact details below. You also have the right to lodge a complaint with the supervisory authority that reviews data protection (in Sweden, this is the Swedish Privacy Protection Authority – IMY).

7. Contact information

If you have any questions about this privacy policy or our handling of your data, you are always welcome to contact us:

  • Company: The Insiders Hub AB (Geogiraph)
  • Address: Djurgårdsvägen 69, 132 46 Saltsjö-Boo, Sweden
  • Email: privacy@geogiraph.com
← Back to Legal Hub