​

 

Effective Date: November 20, 2024

 

1. Introduction

 

Lost Goats AB (referred to as "we," "us," or "our") is committed to protecting the privacy and security of your personal data. We are the Data Controller responsible for processing the personal data you provide to us.

This policy outlines how we collect, use, store, and protect your personal data in compliance with the European Union's General Data Protection Regulation (GDPR) and relevant Swedish data protection legislation.

Our Details:

• Legal Name: Lost Goats AB

• Company Registration Number (Org. nr.): 559322-8371

• Registered Address: Lindås 2408, 34394 Älmhult, Sweden

• Contact Email for Privacy Matters: lostgoatsab@gmail.com

 

2. The Data We Collect About You

 

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together as follows:

Type of DataData ExamplesPurpose of CollectionLegal Basis (GDPR)

Identity DataName, Address, Date of Birth.Booking and identification, communication.Contract: Necessary for fulfilling the contract (organizing and delivering the trip).

Contact DataEmail address, Telephone number.Sending booking confirmations, pre-trip information, and emergency communication.Contract: Necessary for fulfilling the contract.

Transaction DataDetails about payments, trips purchased, and transaction history.Processing payments, managing accounting, and financial reporting.Contract and Legal Obligation: Necessary for legal/tax compliance.

Special Category Data (Health)Relevant allergies, pre-existing medical conditions, dietary restrictions impacting safety.Ensuring your safety and providing necessary support during the trip.Explicit Consent: Requires your specific, affirmative consent.

Technical DataIP address, browser type, time zone setting, location.Website optimization and ensuring network security.Legitimate Interest: To administer and protect our business and website.

Marketing DataYour preferences in receiving marketing from us.Sending you promotional communications (if requested).Consent: Freely given, specific, informed, and unambiguous.

 

3. How We Use Your Personal Data

 

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• To fulfil a contract: When processing your booking and providing the trail trip services you have purchased.

• To comply with a legal obligation: When we need to comply with Swedish law, such as keeping financial records for tax purposes.

• For our legitimate interests: To run and manage our business, provided your rights do not override these interests (e.g., website security, general customer service).

• Where we have your consent: When processing health data or sending you marketing communications.

 

4. Disclosure of Your Personal Data

 

We may need to share your personal data with the parties set out below for the purposes described in Section 3:

• Internal Third Parties: Other companies within our corporate group (if applicable) for IT, system administration, and reporting.

• External Service Providers: Third parties who provide services on our behalf (Data Processors), such as:

  • Payment processing providers ([e.g., Stripe, Swish]).

  • IT and system administration services.

  • Local guides, transportation companies, or accommodation providers who need your Identity and Health Data to safely and effectively deliver the trip services.

• Regulatory/Legal Bodies: The Swedish Tax Agency (Skatteverket) or other regulatory bodies where we are legally required to do so.

We require all third parties to respect the security of your personal data and treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your data for specified purposes and in accordance with our instructions.

 

International Transfers

 

If we transfer your personal data out of the European Economic Area (EEA) (e.g., using a non-EEA based email service provider), we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• The country is deemed to provide an adequate level of protection for personal data by the European Commission.1

   

• We use specific contracts approved by the European Commission which give personal data the same protection it has in Europe (Standard Contrac2tual Clauses - SCCs).

   

 

5. Data Security

 

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. This includes:

• Encryption for sensitive data (e.g., health information).

• Secure booking platforms that use SSL/TLS encryption.

• Strict access controls to limit personal data access only to employees, agents, contractors, and other third parties who have a business need to know.

We have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.3

 

 

6. Data Retention

 

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

 

• Transaction/Booking Data: We generally keep this data for 7 years after the trip completion to meet the requirements of the Swedish Accounting Act (Bokföringslagen).

• Health Data: Data collected for safety is typically deleted 30 days after the trip is completed, unless required for ongoing safety follow-up or legal claims.

• Marketing Consent: We retain your contact details for marketing purposes until you withdraw your consent.

 

7. Your Legal Rights (GDPR Rights)

 

Under certain circumstances, you have the following rights under data protection laws in relation to your personal data:

• Right to Access: You have the right to request a copy of the personal data we hold about you.

• Right to Rectification: You have the right to have incomplete or inaccurate data we hold about you corrected.

• Right to Erasure ('Right to be Forgotten'): You have the right to ask us to delete or remove personal data where there is no good reason for us to continue processing it.

• Right to Restrict Processing: You have the right to suspend the processing of your personal data.

• Right to Data Portability: You have the right to request the transfer of your personal data to you or a third party in a structured, commonly used, machine-readable format.

• Right to Object: You have the right to object to the processing of your personal data where we are relying on a legitimate interest.

• Right to Withdraw Consent: Where we are relying on consent to process your personal data (e.g., for health data or marketing), you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the email address provided in Section 1.

 

8. Complaints

 

You have the right to make a complaint at any time to the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten - IMY), the supervisory authority for data protection issues in Sweden. We would, however, appreciate the chance to deal with your concerns before you approach the IMY, so please contact us in the first instance.

 

9. Cookies

 

Our website uses cookies and similar tracking technologies to enhance user experience, analyze traffic, and manage sessions. We will inform you about the use of cookies and seek your consent through a Cookie Banner before any non-essential cookies are placed on your device.

• How to manage cookies: You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies.

 

10. Changes to the Privacy Policy

 

We may update this policy from time to time. Any changes will be posted on this page with an updated "Effective Date." If the changes are significant, we may choose to notify you directly via email.

​

​

🍪 Cookie Policy for Lost GoatsAB

 

Effective Date: November 20, 2024

 

1. What Are Cookies?

 

Cookies are small text files that are placed on your computer or mobile device when you visit a website. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

When you visit our website, which is built on the Wix platform, cookies may be placed on your device.

 

2. Consent to Use Cookies

 

Under the General Data Protection Regulation (GDPR), we must obtain your specific, informed consent for any cookies that are not strictly necessary for the basic functioning of the website.

When you first visit our site, you will see a Cookie Banner that asks you to consent to our use of cookies. You have the right to accept or decline the use of non-essential cookies. You can change your preferences at any time.

 

3. How We Use Cookies

 

We use cookies for the following purposes:

CategoryPurposeNecessity (GDPR Classification)

Strictly Necessary CookiesTo enable basic functions like navigation, user sessions, and security (e.g., keeping you logged in, maintaining cart contents).Essential: Required for the site to function correctly. Consent is not required.

Functional CookiesTo remember your preferences (e.g., language settings, regional display settings) and to provide enhanced, more personal features.Non-Essential: Consent is required.

Performance/Analytics CookiesTo collect anonymous information about how visitors use our site, such as which pages are visited most often and if visitors get error messages.Non-Essential: Consent is required.

Marketing/Targeting CookiesTo track visitor habits and activities to enable us (or third parties) to display personalized advertising.Non-Essential: Consent is required.

 

4. Cookies Used on Wix Sites

 

Since our website is hosted on the Wix platform, it uses cookies generated both by us and by Wix for system maintenance and functionality.

 

A. Strictly Necessary Cookies (Essential)

 

These cookies are mandatory and allow visitors to browse the website. They are usually session cookies, meaning they expire when you close your browser.

Cookie Name (Wix Standard)PurposeDuration

svSessionDetects visitor device type/screen resolution.Persistent (2 years)

hsSecurity measure.Session

XSRF-TOKENUsed for security reasons.Session

ssr-cachingUsed for controlling the cache logic.Session

 

B. Functionality and Analytics Cookies (Non-Essential)

 

These are used for tracking and analysis. These cookies are only set if you provide your consent via the Cookie Banner.

Cookie Name (Wix Standard)PurposeDuration

_ga (Google Analytics)Used to distinguish users and analyze site traffic and performance.Persistent (2 years)

_gid (Google Analytics)Used to store and update a unique value for each page visited.Persistent (24 hours)

wixLanguageStores the preferred language of the user.Persistent (1 year)

 

5. Third-Party Cookies

 

Our website may use third-party services that set their own cookies. For example, if we embed maps from Google Maps, that service may set cookies. We do not control these third-party cookies. We strongly recommend you review the privacy policies of these third parties.

Common third parties that may set cookies include:

• Google Analytics: For measuring website performance and traffic.

• [Any Social Media Integration, e.g., Facebook, Instagram]: If you have embedded share buttons or feeds.

 

6. How to Manage and Delete Cookies

 

You have the power to control and/or delete cookies as you wish.

 

A. Via Our Cookie Banner

 

Our website’s dedicated Cookie Settings or Cookie Banner allows you to grant or withdraw consent for non-essential cookies at any time.

 

B. Browser Controls

 

Most web browsers allow control over cookies through their settings. You can usually find these settings in the 'options' or 'preferences' menu of your browser.

• To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.1

   

Please note that 2if you disable essential cookies, our website may not function correctly, and certain features (like the booking form) may be unavailable.

 

 

7. Changes to the Cookie Policy

 

We may update this Cookie Policy from time to time to reflect changes in our use of cookies or changes in regulatory requirements. We encourage you to review this policy periodically.

 

8. Contact Us

 

If you have any questions about our use of cookies, please contact us at:

• Contact Email for Privacy Matters: [privacy@yourcompany.se]

 

💡 Key Action Item for Wix

 

You must implement a GDPR-compliant Cookie Banner/Pop-up on your Wix site.

Wix provides built-in GDPR tools for this. Make sure you configure the banner so that:

1. It is prominently displayed on the first visit.

2. It clearly provides options to "Accept All," "Decline," or "Manage Settings."

3. No non-essential cookies (Analytics, Marketing) are loaded before the visitor provides consent.

​