Privacy Policy
Last updated: 4th of September 2025
This Privacy Policy describes how Crewcial Networking AB ("we", "our", or "crewcial") collects, uses, and protects your personal data when you use the crewcial platform.
We are committed to protecting your privacy and handling your data transparently and in compliance with applicable laws, including the General Data Protection Regulation (GDPR) and the Swedish Data Protection Act.
1. Who We Are
Crewcial Networking AB
Org. number: 559535-1734
Hammarbyterrassen 34
120 63 Stockholm, Sweden
Contact: amalia@crewcial.io
DPO contact: amalia@crewcial.io
2. What Data We Collect
We collect the following categories of personal data:
2.1 Information You Provide
- Name and email
- Profile data (title, background, location, goals, interests)
- Profile picture
- Event registrations and goals
- Contact preferences
- LinkedIn info (if manually added)
- Requests sent to support
2.2 Information Generated Through Use
- Event interaction data (browsing, attending, saving)
- Connection history
- Recommendation history
- Consent preferences
2.3 Technical Data
- IP address
- Browser and device type
- Anonymized analytics data (via GA4)
2.4 Payment Data
When you make payments through our platform:
- Payment information (credit card details, bank account info) is processed directly by Stripe and is not stored on our servers
- We receive confirmation of successful payments and basic transaction details from Stripe
- We do not have access to your full payment method details
- Stripe handles all payment data in compliance with PCI DSS standards
We do not request or collect any sensitive personal data. Users may voluntarily provide such data in free-text fields, but this is not required or processed for any core feature.
3. Why We Collect Your Data
We process your data to:
- Deliver our networking and event discovery services
- Generate personalized recommendations via AI
- Help you build a relevant professional profile
- Track your event participation and preferences
- Enable meaningful connections with other users
- Improve the platform through analytics
- Send relevant service updates and support
We also process anonymized usage data to understand trends, prevent abuse, and enhance performance.
4. Legal Basis for Processing
We rely on the following legal bases:
- Contractual necessity: To provide the services you sign up for
- Legitimate interest: To improve the platform, ensure security, and support your networking goals
- Consent: For marketing communications and AI-powered personalization
- Legal obligation: To comply with applicable data protection and accounting laws
You can withdraw consent or object to processing at any time.
5. Third-Party Services
We share data only with the following trusted third parties:
| Provider | Purpose | Location |
|---|---|---|
| Cloud service provider | Cloud hosting and storage | Sweden |
| OpenAI | AI-powered content and recommendations | US (SCCs in place) |
| Email provider | Email delivery (e.g. event reminders, verification) | EU/US (GDPR compliant) |
| Google Analytics 4 | Anonymized analytics (no identifiable data) | EU |
| Stripe | Payment processing and transaction handling | US/EU (GDPR compliant) |
We do not share your data with social media platforms, advertisers, or any unrelated third parties.
6. How Long We Keep Your Data
| Type of Data | Retention Period |
|---|---|
| Account and profile data | Until account is deleted by you |
| Event history | 7 years (legal/accounting purposes) |
| Recommendation history | 2 years |
| Analytics (anonymized) | 2 years |
| Support messages | 2 years |
You can request early deletion at any time (see Section 8).
7. How We Protect Your Data
We take the following steps to secure your information:
- Encryption of data in transit and at rest
- Access restricted to authorized personnel
- Regular platform and security updates
- Secure login infrastructure and monitoring
- Minimal data sharing and strong processor agreements
8. Your Rights
You have the following rights under GDPR:
- Right to access – get a copy of your personal data
- Right to rectification – correct inaccurate or incomplete data
- Right to erasure – request full deletion of your account and data
- Right to restrict processing – limit how we use your data
- Right to object – especially regarding data used under "legitimate interest"
- Right to data portability – receive your data in a portable format
- Right to withdraw consent – opt out of marketing or AI features
To exercise any of these rights, email us at amalia@crewcial.io. We'll respond within 30 days.
9. AI-Powered Features
We use OpenAI services to:
- Recommend relevant events based on your profile and preferences
- Score events for relevance based on your profile and preferences
- Help you generate a profile if requested
These features are optional. AI-generated content is provided "as is" and may not always be accurate or complete.
10. Cookies and Tracking
We use only essential cookies and anonymized analytics.
- Essential cookies – required for login/session functionality
- Analytics (GA4) – anonymized, used to improve the platform
We do not use cookies for advertising, retargeting, or user-level tracking. You can control cookies via your browser.
11. Children's Privacy
crewcial is not intended for users under 18 years of age. We do not knowingly collect data from minors. If you believe a child has used the platform, contact us immediately and we will delete the data.
12. Changes to This Policy
We may update this Privacy Policy to reflect changes to our service. You will be notified of significant changes via email or platform notifications.
Previous versions are archived and available on request.
13. Contact
For privacy-related questions or to exercise your rights, contact:
Crewcial Networking AB
Hammarbyterrassen 34, 120 63 Stockholm
Email (general and DPO): amalia@crewcial.io
Swedish Data Protection Authority: www.imy.se
By using crewcial, you confirm that you have read and understood this Privacy Policy.