Welcome to Vetd. We take your privacy seriously and are committed to protecting your personal data in compliance with the General Data Protection Regulation (GDPR) and Swedish law.
This Privacy Policy explains how Vetd ("Vetd", "we", "us", or "our"), registered in Sweden, collects, uses, stores, and protects your personal data when you use our platform at vetd.se.
If you have questions about this policy or how we handle your data, please contact us at privacy@vetd.se.
Summary: We collect only what we need to run the platform. We store your data securely in the EU. You have full rights to access, correct, and delete your data at any time. We do not sell your data. We do not use third-party tracking cookies.
We collect the following categories of personal data:
| Category | Data collected | Source |
|---|---|---|
| Account information | Name, email address, hashed password | You provide this on sign-up |
| Profile data (contributors) | Date of birth, gender, location (city/country), employment status, household income (approximate), living situation, interests, brand preferences | You provide this during onboarding |
| Profile data (clients) | Company name, work email, role | You provide this on sign-up |
| Usage data | Study applications, participation history, availability preferences | Generated when you use the platform |
| Payment records | Payment amounts, payment status, dates of payment | Generated when you complete a study |
| Ratings | Scores and written feedback from researchers (visible to you) | Submitted by clients after completed studies |
| Notifications | In-platform notification content and read status | Generated by platform activity |
| Language preference | Your chosen display language (EN/SV), stored in localStorage | Set by you via the language toggle |
We do not collect biometric data, precise GPS location, browser history, or any sensitive special-category data as defined by GDPR Article 9, unless you explicitly provide it in free-text fields.
We process your data on the following legal bases (GDPR Article 6):
All personal data is stored using Supabase, a secure cloud database platform. Our Supabase project is hosted in the EU (Frankfurt, Germany — AWS eu-central-1 region).
Supabase is certified under ISO 27001 and implements encryption at rest and in transit. Access to the database is controlled by row-level security (RLS) policies, ensuring that you can only access your own data.
We do not transfer personal data outside the European Economic Area (EEA) unless protected by appropriate safeguards under GDPR Chapter V.
Under GDPR, you have the following rights regarding your personal data:
To exercise any of these rights, contact us at privacy@vetd.se. We will respond within 30 days. Contributors can also delete their account directly from the profile tab in the contributor portal — this triggers immediate deletion of all associated data.
We use no third-party cookies and no tracking cookies of any kind. We use only browser localStorage for the following purposes:
vetd_lang) — Stores your chosen language (EN or SV) so you don't have to re-select it on each visit.vetd_cookie_consent) — Records whether you have accepted or declined our localStorage usage.If you decline our cookie notice, your language preference will not be stored. These items are not cookies in the legal sense (they are not transmitted to servers with requests), but we follow cookie consent best practice regardless.
We do not use Google Analytics, Facebook Pixel, or any other third-party analytics or advertising tracking.
| Data type | Retention period | Reason |
|---|---|---|
| Account & profile data | Until account deletion + 30 days | To allow recovery from accidental deletion |
| Application records | 3 years from application date | Platform integrity and dispute resolution |
| Payment records | 7 years | Swedish Bookkeeping Act (Bokföringslagen) |
| Ratings & feedback | Deleted with account | Linked to contributor profile |
| Notifications | Deleted with account | No retention requirement |
| Anonymised analytics | Indefinitely | Aggregate data with no personal identifiers |
We share data only in the following limited circumstances:
We do not sell, rent, or otherwise commercially share your personal data with third parties for marketing purposes.
This Privacy Policy is designed to comply with the GDPR as implemented in Sweden. The competent supervisory authority for data protection in Sweden is:
Integritetsskyddsmyndigheten (IMY)
(formerly Datainspektionen)
Drottninggatan 29, 5th floor
SE-104 22 Stockholm, Sweden
www.imy.se
You have the right to lodge a complaint with IMY if you believe we are processing your personal data in violation of GDPR.
For all privacy-related inquiries, data subject requests, or complaints, please contact:
Data Controller: Vetd
Address: Stockholm, Sweden
Email: privacy@vetd.se
We aim to acknowledge all requests within 72 hours and respond fully within 30 days.
This policy may be updated periodically. We will notify active users of material changes via in-platform notification. Continued use of Vetd after any update constitutes acceptance of the revised policy.