Last updated: 2025-10-03
Jetty AB (company registration no. 556533-2334), located at Första Långgatan 5b, 413 29 Gothenburg, Sweden (“we”, “our”, “us”), is the data controller for personal data processed via our website www.jetty.se and in connection with our marketing and customer interactions. When our SaaS platform Jetty is used by our customers, we act as a data processor under a separate Data Processing Agreement (DPA).
1. Data We Collect
We collect different types of information depending on how you interact with us:
-
Contact information such as your name, email address, phone number, and company details when you communicate with us, sign up for events, request information, or use our services.
-
Usage data such as log files, browser type, operating system, pages visited, and time spent on our website.
-
Technical data such as IP addresses and device information.
-
Marketing and communication data including your preferences for receiving marketing communications from us.
-
Account-Based Marketing (ABM) data: IP addresses are processed by our service provider Dealfront GmbH for the purpose of company-level identification (see section 4). No personal identifiers such as names or email addresses are collected in this process.
2. Purposes of Processing
We process your data for the following purposes:
-
To provide and improve our services.
-
To respond to your inquiries and communicate with you.
-
To plan and manage events.
-
To maintain business relationships and customer accounts.
-
To send marketing and promotional communications, where permitted.
-
To analyze website usage and improve user experience.
-
To identify company-level visits to our website for B2B marketing and analytics (via Dealfront ABM services).
3. Legal Basis for Processing
We rely on the following legal bases under GDPR:
-
Contractual necessity (Article 6(1)(b)) – where processing is required to provide our services.
-
Legal obligation (Article 6(1)(c)) – where processing is required to comply with applicable laws.
-
Legitimate interest (Article 6(1)(f)) – where processing is necessary for our legitimate interests, such as improving our services, ensuring network security, or conducting B2B marketing (including company identification via Dealfront).
-
Consent (Article 6(1)(a)) – where required by local laws, e.g., for certain cookies or marketing activities.
4. Account-Based Marketing (ABM) with Dealfront
4.1 Company Identification via Dealfront (IP-based Tracking, No Cookies)
We use a company identification service provided by Dealfront GmbH (“Dealfront”). When visitors access our website, the service collects and processes IP addresses in order to match them against a business database and identify the company from which a visit originates.
-
No cookies are used in this process.
-
No personal data (such as names or email addresses) is collected by Dealfront.
-
The process only provides company-level insights, not individual tracking.
4.2 Roles under GDPR
-
Data Controller: Jetty AB determines the purpose (“to identify company-level visits for B2B marketing and analytics”) and means (“via the installation of the Dealfront script”).
-
Data Processor: Dealfront acts as our data processor in accordance with Article 28 GDPR. They process IP addresses solely on our behalf and under our instructions, governed by a Data Processing Agreement.
4.3 Legal Basis
Our legal basis for this processing is legitimate interest under Article 6(1)(f) GDPR – specifically our interest in understanding and improving engagement with business customers. Where required by local law, we obtain prior consentunder Article 6(1)(a) GDPR.
4.4 Data Handling
-
IP addresses are only used for real-time company matching and are not stored beyond the necessary technical processing window.
-
Company-level reports may be generated and linked to our CRM system.
-
Raw IP data is not shared with third parties.
-
Dealfront processes all data within the EU/EEA under GDPR-compliant safeguards.
4.5 Right to Object
You have the right to object to this processing at any time under Article 21 GDPR. Please contact us (see section 9) if you wish to exercise this right.
5. Data Sharing
We may share your data with:
-
Service providers and partners acting as processors who support our business operations (e.g., hosting, analytics, event management, CRM, Dealfront).
-
Legal and regulatory authorities, where required.
-
Other third parties, with your consent or as required by law.
All processors act under data processing agreements that ensure compliance with GDPR.
6. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting obligations.
-
ABM data (Dealfront): IP addresses are processed only in real time and are not stored beyond the technical processing period.
7. International Data Transfers
Where personal data is transferred outside the EU/EEA, we ensure adequate safeguards are in place, such as EU Standard Contractual Clauses (SCCs) or other legally recognized mechanisms.
8. Your Rights
You have the following rights under GDPR:
-
Right of access (Article 15)
-
Right to rectification (Article 16)
-
Right to erasure (Article 17)
-
Right to restriction of processing (Article 18)
-
Right to data portability (Article 20)
-
Right to object (Article 21), including to processing based on legitimate interest such as ABM company identification
-
Right to withdraw consent at any time (Article 7(3))
To exercise your rights, please contact us using the details in section 9.
9. Contact Information
If you have any questions, concerns, or wish to exercise your rights under this Privacy Policy, please contact us:
Jetty AB
Göteborg, Sweden
Email: hello@jetty.se
10. Updates to this Policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website. Significant changes will be communicated where appropriate.