Privacy Policy

Last updated: May 19th, 2025

This Privacy Policy explains how Havio Health AB ("we", "us", or "our") collects, uses, and protects your personal data when you visit our website www.haviohealth.com

We are committed to handling your data responsibly and in accordance with applicable privacy laws, including the EU General Data Protection Regulation (GDPR).

1. Data Controller

Havio Health AB
Birger Jarlsgatan 57 C
113 56 Stockholm, Sweden
Email: hello@haviohealth.com

2. What Personal Data We Collect

We collect the following types of data from visitors to our website:

• Contact information (name, email address, phone number)

• Professional details (postal code, clinic information if voluntarily provided via forms)

• Free-text messages sent via our forms

• Technical data (e.g., IP address, browser type, referral source)

• Usage data (collected via cookies and Google Analytics)

We do not use automated decision-making or profiling as defined in Art. 22 GDPR.

3. How We Collect Data

We collect personal data in the following ways:

• When you fill out our Contact Form or Request Access form

• When you sign up for our newsletter

• Through cookies and tracking technologies (e.g., Google Analytics, HubSpot cookies)

4. Purpose and Legal Basis for Processing

We use a double opt-in process to confirm your email address before sending newsletters. This means you will receive a confirmation email with a link you must click to complete your subscription.

We process data submitted through contact forms based on our legitimate interest in responding to inquiries (Art. 6(1)(f) GDPR).

• We process data for sending newsletters and marketing emails based on your consent (Art. 6(1)(a) GDPR).

• We analyze website traffic and usage data with tools like Google Analytics based on your consent provided through the cookie banner.

• We manage CRM and email communications based on our legitimate interest in maintaining business relationships.

You may withdraw your consent at any time by contacting us or clicking “unsubscribe” in our emails.

5. Data Processors and Third Parties

We work with the following third-party services to process data:

• MailJet – email communication

• HubSpot – CRM, form data storage, and website cookies

• Google Analytics – website usage analytics

• Google Workspace (Gmail, Calendar) – internal communication and coordination

These providers may process your data on our behalf and are bound by data processing agreements as required by GDPR.

6. International Data Transfers

We strive to keep all data processing within the EU. However, some of our service providers (e.g., Google, HubSpot) may process data outside the European Economic Area (EEA), including in the United States.

In such cases, we ensure that appropriate safeguards are in place to protect your personal data. These may include Standard Contractual Clauses (SCCs) approved by the European Commission or other legally recognized mechanisms to ensure adequate data protection in line with GDPR. If data is transferred outside the EU (e.g., by Google or HubSpot), we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses).

7. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to collect data about how visitors use our site. This includes tools like Google Analytics and HubSpot cookies.

These cookies are only activated with your explicit consent via our cookie banner, where you can choose to accept or reject different categories of cookies.

We use cookies to:

• Understand website usage and performance

• Improve functionality and user experience

• Support marketing and CRM operations

Categories of Cookies We Use

• Essential cookies: Necessary for core site functionality, such as submitting forms.

• Analytics cookies: Help us understand how our website is used and improve user experience. These are provided by services like Google Analytics.

• Marketing cookies: Enable tracking for CRM and retargeting purposes, such as those used by HubSpot.

You can update your preferences or withdraw consent at any time through the cookie settings available on our website. You may also adjust cookie preferences in your browser settings.

8. Data Retention

We store your data only for as long as necessary for the purposes for which it was collected, or as required by law. For example:

• Contact form submissions: up to 12 months

• Newsletter data: until you unsubscribe

• Analytics data: retained for 14 months

9. Data Security

We take appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure or destruction.

10. Your Rights under GDPR

You have the right to:

• Access your personal data

• Request correction or deletion

• Withdraw your consent at any time

• Object to processing

• Request data portability

• Lodge a complaint with a supervisory authority:

  • Sweden: Integritetsskyddsmyndigheten (IMY), https://www.imy.se

  • Germany: Federal Commissioner for Data Protection and Freedom of Information (BfDI), https://www.bfdi.bund.de

To exercise your rights, contact us at hello@haviohealth.com

11. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be published on this page with the date of the last update.