Fixat: Privacy Policy

Last Updated: August 1, 2025

This Privacy Policy has been designed to comply with the European Union's General Data Protection
Regulation (GDPR) and other applicable EU data protection laws.

Fixat Privacy Policy

PRIVACY POLICY

Fixat by BuddyPro
Last Updated: August 1, 2025

1. INTRODUCTION

BuddyPro AB, Org.nr 559516-1844 ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Fixat mobile application and related services (the "Platform").

By using the Platform, you consent to the data practices described in this Privacy Policy. If you do not agree with our practices, please do not use the Platform.

2. INFORMATION WE COLLECT

2.1 Personal Information You Provide

Account Information:

  • Full name (first and last name)
  • Email address
  • Phone number
  • Gender (optional)
  • Profile image/photo
  • Bio or personal description
  • Social Security Number (when required for tax purposes)

Address and Location Information:

  • Home address (street address, city, state/province, postal code, country)
  • Alternative addresses (billing, service locations)
  • Address types and preferences
  • Delivery contact information
  • Special access notes or instructions

Service and Booking Information:

  • Service preferences and requirements
  • Booking questionnaire responses
  • Service history and appointment details
  • Communication preferences
  • Special requests or notes

Payment Information:

  • Billing address information
  • Payment arrangements are currently made directly with service providers
  • Future payment processing may be implemented through the Platform

2.2 Information We Collect Automatically

Location Data:

  • Precise geolocation (latitude and longitude coordinates)
  • IP address location
  • Service area information for finding and matching with relevant service providers
  • Distance calculations between customers and service providers

Device and Usage Information:

  • Device type, operating system, and browser information
  • App usage patterns and feature interactions
  • Session duration and frequency of use
  • Error logs and diagnostic information

Platform Interaction Data:

  • Search queries and filters used
  • Services viewed and booked
  • Communication with service providers
  • Review and rating activity

2.3 Information from Third Parties

Service Providers:

  • Reviews and ratings about your services
  • Service completion confirmations
  • Communication records related to bookings

Future Payment Processors:

  • When payment processing is implemented: transaction confirmations and payment status
  • Fraud prevention information (when applicable)

3. HOW WE USE YOUR INFORMATION

3.1 Primary Service Functions

Platform Operations:

  • Create and manage your account
  • Process and fulfill service bookings
  • Forward complete booking questionnaires to selected service providers
  • Find and match you with relevant service providers based on location
  • Calculate distance-based pricing where applicable
  • Facilitate payment arrangements between customers and service providers
  • Provide customer support

Communication and Coordination:

  • Send booking confirmations and updates
  • Facilitate communication between customers and service providers
  • Send service reminders and follow-up messages
  • Provide technical support and assistance

3.2 Platform Improvement

Service Enhancement:

  • Analyze usage patterns to improve our Platform
  • Develop new features and services
  • Optimize matching algorithms
  • Enhance user experience design

Safety and Security:

  • Verify user identity and prevent fraud
  • Monitor for suspicious or harmful activity
  • Ensure platform security and data integrity
  • Comply with legal and regulatory requirements

3.3 Marketing and Communications (With Your Consent)

Promotional Activities:

  • Send marketing emails about new services or features
  • Provide personalized service recommendations
  • Share updates about platform improvements
  • Conduct user surveys and research

4. LEGAL BASIS FOR PROCESSING AND INFORMATION SHARING

4.1 Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data on the following legal bases:

Contract: Processing necessary for the performance of our contract with you
Legitimate Interests: Processing necessary for our legitimate interests, provided these interests are not overridden by your rights and freedoms
Legal Obligation: Processing necessary to comply with our legal obligations
Consent: Processing based on your specific consent

For each major processing activity, the specific legal basis is as follows:

  • Account management and service provision: Contract
  • Service matching and booking coordination: Contract
  • Location-based matching: Legitimate Interests
  • Platform improvement and analytics: Legitimate Interests
  • Marketing communications: Consent
  • Customer support: Legitimate Interests or Contract
  • Compliance with legal requirements: Legal Obligation
  • Safety and security measures: Legitimate Interests

5. INFORMATION SHARING AND DISCLOSURE

5.1 Sharing with Service Providers

When You Book a Service:
We share your information with the service provider you book, including:

  • Your complete booking questionnaire with all responses
  • Your name and contact information (email, phone)
  • Service address and location details
  • Any special requests or notes you provided
  • Communication preferences

Important Note: Service providers receive your full booking questionnaire to properly understand and fulfill your service requirements. They may contact you directly using this shared information for booking coordination, service delivery, and follow-up purposes.

5.2 Other Sharing Scenarios

Business Partners:

  • Technology providers for platform functionality (legal basis: Legitimate Interests)
  • Analytics services for platform improvement using anonymized data (legal basis: Legitimate Interests)
  • Future payment processors when payment processing is implemented (legal basis: Contract)

Public Display:

  • Your first name is displayed with reviews you write for service providers (legal basis: Contract)
  • Reviews cannot be linked to other personal information or your full profile

Legal Requirements:

  • When required by law, regulation, or court order (legal basis: Legal Obligation)
  • To protect our rights, property, or safety (legal basis: Legitimate Interests)
  • To prevent fraud or illegal activity (legal basis: Legitimate Interests)
  • In emergency situations to protect user safety (legal basis: Legitimate Interests)

Business Transfers:

  • In connection with mergers, acquisitions, or asset sales (legal basis: Legitimate Interests)
  • To successors or assigns of our business

For each third party, we have Data Processing Agreements in place that comply with Article 28 of the GDPR. We ensure all third parties process your data securely and in accordance with EU data protection laws.

We do not sell your personal information to third parties and we do not transfer your data outside of the EU without appropriate safeguards.

5.3 Information We Do Not Share

We do not sell, rent, or trade your personal information to third parties for their marketing purposes without your explicit consent.

6. DATA STORAGE AND PROCESSING

BuddyPro AB operates exclusively within the European Union. All your personal data is stored and processed on servers located within the EU, in compliance with GDPR and other applicable EU data protection laws.

If we need to transfer your data outside the EU for any reason, we will ensure that adequate safeguards are in place (such as EU Standard Contractual Clauses) and will inform you of such transfers in advance.

7. DATA RETENTION AND DELETION

7.1 Retention Periods

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with applicable laws. Specific retention periods are:

Active Accounts:

  • Account information: Retained for the duration of your account plus 12 months after account closure
  • Booking history: Retained for 7 years for business and tax purposes
  • Communication records: Retained for 2 years from last interaction
  • Usage data: Retained for 13 months in an identifiable form
  • Analytics data: Retained for 26 months
  • When payment processing is implemented: Payment information retained per payment processor requirements and financial regulations (7 years)

Inactive Accounts:

  • Accounts may be marked for deletion after extended inactivity
  • You will receive notification before account deletion
  • You may request immediate account deletion at any time

7.2 Account Deletion Process

Customer-Requested Deletion:

  • For general account deletion: Contact our support team
  • For GDPR-related deletion requests: Contact privacy@buddypro.io
  • Account will be scheduled for deletion within 30 days
  • If you have made purchases, necessary data will be retained for legal compliance purposes
  • All marketing and communication efforts will cease immediately upon deletion request
  • Service providers you've worked with will be notified of relevant changes

Automatic Deletion:

  • Inactive accounts may be automatically deleted after 2 years of inactivity
  • Advance notice will be provided before automatic deletion

8. DATA SECURITY

8.1 Security Measures

We implement appropriate technical and organizational measures to protect your personal information in accordance with GDPR Article 32. These measures include:

Technical Safeguards:

  • Encryption of personal data during transmission and at rest
  • Secure authentication and access controls
  • Regular security assessments and updates
  • Monitoring for unauthorized access or breaches
  • Regular backups and procedures for restoring data in the event of an incident
  • Ability to ensure ongoing confidentiality, integrity, and availability of processing systems

Administrative Safeguards:

  • Limited access to personal information on a need-to-know basis
  • Employee training on privacy and security practices
  • Data protection impact assessments for high-risk processing activities
  • Incident response procedures
  • Vendor security requirements and Data Processing Agreements

8.2 Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and will inform affected individuals without undue delay, as required by GDPR.

Despite these measures, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

8.3 Your Responsibility

Account Security:

  • Keep your login credentials confidential
  • Use strong, unique passwords
  • Enable two-factor authentication when available
  • Report suspicious activity immediately

9. YOUR RIGHTS UNDER GDPR

As our services operate within the EU, you have the following rights under the General Data Protection Regulation (GDPR):

9.1 Your Data Rights

  • Right to Access: You can request a copy of the personal information we hold about you
  • Right to Rectification: You can request correction of inaccurate or incomplete information
  • Right to Erasure: You can request deletion of your personal information (also known as the "right to be forgotten")
  • Right to Restrict Processing: You can request limitation of how we use your data
  • Right to Data Portability: You can request transfer of your data in a machine-readable format
  • Right to Object: You can object to certain types of processing, including direct marketing
  • Right to Withdraw Consent: Where processing is based on consent, you can withdraw consent at any time
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority

To exercise these rights, please contact us at privacy@buddypro.io

9.2 Account Management

Account Management:

  • View and update your profile information
  • Modify communication preferences
  • Manage address and payment information
  • Review booking and service history

Data Requests:

  • Request a copy of your personal information
  • Request correction of inaccurate information
  • Request deletion of your account and data
  • Object to certain processing activities

9.3 Communication Preferences

Marketing Communications:

  • Opt out of promotional emails
  • Manage notification preferences
  • Control marketing consent settings
  • Unsubscribe from non-essential communications

Service Communications:

  • Booking confirmations and updates (cannot be disabled)
  • Important account or security notices (cannot be disabled)
  • Customer support communications (as needed)

10. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar technologies to enhance your experience, analyze usage, and collect information about how you interact with our platform. In accordance with EU law, we will ask for your explicit consent before placing any non-essential cookies on your device.

10.1 Types of Technologies Used

Essential Cookies:

  • Authentication and session management
  • Security and fraud prevention
  • Basic platform functionality

Preference Cookies:

  • User interface preferences
  • Language and region settings
  • Personalized service recommendations

Analytics and Performance Cookies:

  • Usage statistics and platform improvement
  • Error tracking and diagnostic information
  • Performance monitoring

Marketing Cookies (with explicit consent):

  • Personalized service recommendations
  • Marketing communication optimization

10.2 Managing Cookies

You can control cookie settings through your device or browser settings, though disabling certain cookies may affect platform functionality. You can manage your cookie preferences at any time through our cookie management tool accessible in the Platform, or through your browser settings.

11. CHILDREN'S PRIVACY

Our services are not intended for children under 16 years of age, and we do not knowingly collect or process personal data from children under 16. In accordance with GDPR Article 8, if we learn that we have received personal data from a child under 16 without verification of parental consent, we will delete that information as quickly as possible. If you believe we have collected information from a child under 16, please contact us immediately at privacy@buddypro.io

12. UPDATES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes through the Platform or via email. Your continued use of the Platform after such updates constitutes acceptance of the revised Privacy Policy.

13. DATA CONTROLLER AND DATA PROTECTION OFFICER

BuddyPro AB is the data controller for the personal information collected through our Fixat platform. We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions regarding this Privacy Policy.

If you have questions or concerns about this Privacy Policy or our data practices, please contact our DPO at:

Email: privacy@buddypro.io
Address: Karlavägen 41, 114 31 Stockholm, Sweden

13.1 Privacy Questions

For questions about this Privacy Policy or our privacy practices, contact us at:

Email: privacy@buddypro.io
Address: Karlavägen 41, 114 31 Stockholm, Sweden

13.2 Data Protection Officer

If required by applicable law, you may contact our Data Protection Officer at:
Email: privacy@buddypro.io

This Privacy Policy is effective as of the date listed above and applies to all information collected by BuddyPro AB through the Fixat platform.

Redo när du växer

Från soloentreprenör till tillväxtbolag - BuddyPro skalar med dig, utan att lägga på onödigt krångel.

Ensam på kontoret eller 100 i teamet? Inga problem. BuddyPro hänger med – utan att bli krångligare.

Boka demo