Privacy Policy

Last updated: 12 February 2026

This Privacy Policy explains how Molte Consulting AB ("we", "us", "our") processes personal data in accordance with the EU General Data Protection Regulation (GDPR).

We provide consulting services on a B2B basis and only process personal data that is necessary for business communication and delivery of our services.

1. Data Controller

Molte Consulting AB
Org.nr: 559289-7085
126 49 Hägersten, Sweden

Email: privacy@molte.se

2. Personal Data We Process

We may process the following categories of personal data:

  • Name

  • Work email address

  • Work phone number

  • Company name

  • Job title

  • Correspondence and information provided in emails or meetings

We do not intentionally process special categories of personal data (such as health data, trade union membership, political opinions, or similar).

3. Purpose and Legal Basis for Processing

We process personal data for the following purposes:

Purpose/Legal Basis (GDPR Article 6)

  • Business communication: Legitimate interest (Art. 6(1)(f))

  • Delivery of consulting services: Performance of a contract (Art. 6(1)(b))

  • Invoicing and accounting: Legal obligation (Art. 6(1)(c))

  • Relationship management: Legitimate interest (Art. 6(1)(f))

Our legitimate interest is to conduct and manage our professional business relationships.

4. How We Collect Personal Data

Personal data is collected:

  • Directly from you via email, phone, meetings, or our website

  • From your employer or publicly available professional sources (e.g. company websites, LinkedIn)

5. Data Retention

We retain personal data only for as long as necessary for the purposes described above:

  • Client and prospect contact data: for the duration of the business relationship

  • Accounting records: as required by Swedish accounting law

  • Email correspondence: retained according to our internal retention practices

6. Sharing of Personal Data

We may share personal data with:

  • IT and communication service providers (e.g. email, cloud services)

  • Accounting and administrative service providers

  • Authorities, where required by law

All service providers process personal data under data processing agreements and appropriate safeguards.

We do not sell personal data.

7. Transfers Outside the EU/EEA

Some of our service providers may process personal data outside the EU/EEA. In such cases, we ensure that appropriate safeguards are in place, such as:

  • EU Standard Contractual Clauses

  • Adequacy decisions by the European Commission

8. Your Rights

Under GDPR, you have the right to:

  • Request access to your personal data

  • Request rectification of incorrect data

  • Request erasure ("right to be forgotten")

  • Request restriction of processing

  • Object to processing based on legitimate interest

  • Request data portability (where applicable)

To exercise your rights, please contact us using the details above.

9. Cookies

Our website may use necessary cookies to ensure basic functionality. We do not use cookies for marketing or tracking without consent.

Further information about cookies is available in our cookie notice (if applicable).

10. Security Measures

We take appropriate technical and organisational measures to protect personal data, including access controls, secure systems, and staff awareness.

11. Complaints

If you believe that we process personal data in violation of applicable data protection law, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten).

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be published on our website.