Skip to main content
Legal // Last updated 16 May 2026

Privacy
policy.

This page explains what data VIKBORG collects when you visit our site or contact us, how we use it, and the rights you have over it.

01 · What we collect

We only collect what you give us directly through our contact form:

  • Name — required.
  • Company — optional.
  • Contact details — email, phone, WhatsApp number or Telegram username (whichever channel you choose).
  • Service interest, estimated budget, project details — optional context for your inquiry.

We do not request, store or process payment information, identity documents, or any "special category" data (health, biometric, political opinions, etc.).

02 · Why we collect it

The legal basis for processing the data above is the execution of a contract or pre-contractual measures at your request (GDPR Art. 6(1)(b)). In plain terms — we use what you submit to:

  • reply to your inquiry on the channel you chose;
  • scope and discuss the project you described;
  • send a follow-up if you do not respond to our reply within 30 days.

We never use your contact information for unrelated marketing.

03 · Analytics & cookies

We use Google Analytics 4 to understand which pages visitors view and where traffic comes from. GA4 is loaded only after you tap Accept on the cookie banner; before that no analytics cookies are set and no tracking pixels fire.

When you accept, the following pieces of data are sent to Google on your behalf:

  • A randomly generated client ID stored as a cookie (no name, email, or IP linkage on our side).
  • Page URL, referrer, browser language, screen size, anonymised IP (last octet masked).
  • The fact that you submitted the contact form (event generate_lead) — no personal data attached.

Legal basis: your explicit consent (GDPR Art. 6(1)(a)). You can withdraw consent at any time by clearing your browser's site data — the banner will reappear and default back to denied.

A small functional cookie (vikborg-consent) stores your choice for 6 months so the banner does not nag you. No tracking value is set if you decline.

04 · How long we keep it

  • Contact form submissions — kept for up to 24 months after our last correspondence, then permanently deleted. If we sign a contract together, we keep them as part of the project record for the legally required period (typically 10 years for accounting).
  • Analytics data — Google Analytics 4 default retention of 14 months.
  • Consent cookie — 6 months from your last visit.

05 · Sharing & sub-processors

We never sell your data and never share it with advertisers or data brokers. The only third parties that process data on our behalf are:

  • Google Analytics 4 (Google Ireland Ltd.) — anonymised usage analytics, only after consent.
  • Hosting provider — stores the database and server logs.
  • Email provider — only used to send our reply to you if you choose Email as a contact channel.

All sub-processors are bound by data processing agreements compliant with GDPR.

06 · Your rights

Under GDPR you have the right to:

  • request a copy of the data we hold about you (access);
  • ask us to correct inaccurate data (rectification);
  • ask us to delete your data when it is no longer needed (erasure);
  • object to processing or restrict it;
  • withdraw consent for analytics at any time;
  • lodge a complaint with your local data protection authority.

To exercise any of these rights, email us at hello@vikborg.com. We will respond within 30 days.

07 · Security

Data in transit is protected by TLS 1.3. Data at rest is encrypted at the database and disk level. Access to the admin panel is limited to authenticated team members with role-based permissions and 8-hour session expiry. We follow industry-standard practices for vulnerability management, dependency updates, and incident response.

08 · Contact us

Questions about this policy or your data? Reach out:

← Back to home
© 2026 VIKBORG