Privacy notice for platform access and membership requests

1. Data Controller

Cemperium Nordic AB

2. Data We Collect

• Email address
• User activity
• Device and browser data
• XP interactions

3. Purpose

Data may be used for platform functionality, AI personalization, security and fraud prevention.

4. Legal Basis

• User consent
• Legitimate interest
• Contractual necessity

5. Data Sharing

• Infrastructure providers
• Analytics providers
• Compliance partners
• Cemperium does not sell personal data

6. Data Retention

Data should be stored only as long as necessary for legitimate operational, legal and security purposes.

7. User Rights

• Request access
• Request deletion
• Request correction
• Contact: info@cemperium.se

8. Security

Technical and organizational safeguards are intended to protect data against misuse, loss and unauthorized access.

9. Third Parties

External services may process data independently under their own terms, privacy notices and compliance responsibilities.

10. Updates

This privacy policy may change over time.

GDPR rights overview

• Right to access the personal data processed in relation to your account or access request.
• Right to request correction of inaccurate or incomplete personal data.
• Right to request deletion where retention is not required for legal, security or fraud-prevention reasons.
• Right to object to or restrict certain processing activities where applicable under GDPR.
• Right to information about what is stored, why it is stored, and how long it is kept.

Contact

Privacy-related requests can be directed to legal@cemperium.se. General platform questions can be directed to info@cemperium.se.

Cookie-related controls and disclosures are prepared separately on the cookies page, while regulated-partner responsibilities are described on the regulatory page.