Privacy Policy
1. Overview
Aurora Coach, operated by Prekariatet AB ("we," "our," or "us"), is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our marketing website and related services (collectively, the "Service").
This policy applies to all users of the Service and visitors to our website, and by using our Service, you consent to the data practices described in this policy.
Important Notice for EU/UK Users
If you are located in the European Union, United Kingdom, or European Economic Area, additional rights and protections apply to you under the General Data Protection Regulation (GDPR) and UK GDPR. See Section 7 and Section 12 for details about your specific rights.
Marketing Website Privacy Policy
Scope: This privacy policy applies to our marketing website (aurora-coach.com) and related marketing activities including lead forms, newsletters, and team analysis requests.
Product Users: If you are using the Aurora Coach platform as a customer or employee of a subscribing organization, data processing is governed by our Terms of Service and Data Processing Agreement.
2. Information We Collect
2.1 Information You Provide Directly
- Contact Information: Name, email address, job title, company information provided through lead forms
- Communication Data: Messages and inquiries sent through our website contact forms
- Newsletter Data: Email addresses and preferences for marketing communications
2.2 Information Collected Automatically
- Website Usage Data: How you interact with our marketing website, pages visited, time spent, click patterns
- Device Information: IP address, browser type, operating system, device identifiers
- Log Data: Website server logs, access times, referring URLs
- Cookie Data: Information collected through cookies and similar tracking technologies (see our Cookie Policy)
2.3 Information from Third Parties
- Marketing Data: Contact information and professional details from marketing platforms and lead generation services
2.4 Marketing Website Information
- Lead Forms: Contact information, company details, and interest preferences submitted through website forms
- Newsletter Subscriptions: Email addresses and communication preferences for marketing communications
- Website Analytics: Page visits, content engagement, referral sources, and browsing patterns on our marketing website
- Team Analysis Requests: Information provided when requesting a free team analysis or sales consultations
3. How We Use Your Information
3.1 Communication and Marketing
- Provide customer support and respond to inquiries
- Send marketing communications (with your consent)
- Conduct surveys and gather feedback about our website and planned services
3.2 Marketing Website Operations
- Process lead inquiries and team analysis requests from our marketing website
- Deliver newsletters and marketing content to subscribers
- Analyze website performance and optimize marketing campaigns
- Provide personalized content recommendations based on website interactions
- Track marketing campaign effectiveness and conversion metrics
3.3 Business Operations
- Detect and prevent fraud and abuse
- Comply with legal obligations
4. Legal Basis for Processing (GDPR)
For users in the EU/UK, we process your personal data based on the following legal grounds:
Contract Performance
Processing necessary to provide the Aurora Coach Service under our Terms of Service
Legitimate Interest
Service improvement, security, fraud prevention, and direct marketing to existing customers
Consent
Marketing communications to prospects, optional analytics, and certain third-party integrations
Legal Obligation
Compliance with tax, accounting, and other legal requirements
5. Information Sharing and Disclosure
5.1 We DO NOT Sell Your Personal Information
Aurora Coach does not sell, rent, or trade your personal information to third parties for monetary consideration.
5.2 Service Providers
We share information with trusted service providers who assist in operating our Service:
- Web Hosting: Website hosting and basic analytics services
- Marketing Automation: HubSpot (customer relationship management and marketing website operations)
- Advertising Analytics: LinkedIn Insight Tag (ad campaign measurement and retargeting, loaded only with marketing cookie consent)
5.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction, subject to equivalent privacy protections.
5.4 Legal Requirements
We may disclose information when required by law or to protect our rights, safety, or the rights and safety of others.
6. Data Retention
We retain your information for as long as necessary to provide the Service and fulfill legal obligations:
Marketing Data
Retained until you unsubscribe or object to marketing communications, or 3 years from last interaction for inactive leads
Legal and Safety Data
Retained for 7 years or as required by applicable law
7. Your Privacy Rights
7.1 General Rights (All Users)
- Access: Request information about what personal data we hold about you
- Correction: Request correction of inaccurate personal information
- Deletion: Request deletion of your personal information (subject to legal exceptions)
- Opt-out: Unsubscribe from marketing communications at any time
7.2 GDPR Rights (EU/UK Users)
- Portability: Receive your data in a portable format
- Restriction: Request limitation of processing in certain circumstances
- Objection: Object to processing based on legitimate interest
- Automated Decision-Making: Rights related to AI and automated processing
- Withdraw Consent: Withdraw consent for consent-based processing
7.3 How to Exercise Your Rights
To exercise any of these rights, contact us at:
- Email: [email protected]
- Privacy Requests: [email protected]
Marketing Unsubscribe: You can unsubscribe from marketing communications at any time by:
- Using the unsubscribe link in any marketing email
- Contacting us directly at [email protected]
Response Time: We will respond to verified requests within 30 days (GDPR). Marketing unsubscribe requests are processed immediately.
9. Children's Privacy
Aurora Coach is designed for business users and is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected information from a child under 16, please contact us immediately at [email protected].
10. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will:
- Notify you of material changes via email or prominent Service notice
- Update the "Last Updated" date at the top of this policy
- For significant changes, provide 30 days advance notice
- Obtain consent for changes that materially expand data collection or use
11. Contact Information
11.1 Data Controller
The data controller responsible for your personal information is:
Prekariatet AB
Olanders Väg 2
813 40 Torsåker
Sweden
11.2 General Privacy Questions
For privacy-related questions or concerns:
- Email: [email protected]
- Privacy Requests: [email protected]
11.3 Regulatory Complaints
You have the right to file a complaint with a data protection supervisory authority. Our lead supervisory authority, because Prekariatet AB is established in Sweden, is:
Integritetsskyddsmyndigheten (IMY)
(Swedish Authority for Privacy Protection)
Box 8114
104 20 Stockholm
Sweden
Website: imy.se
You may also lodge a complaint with the supervisory authority of the EU/EEA Member State where you live or work:
12. Jurisdiction-Specific Privacy Rights
This section is reserved for jurisdiction-specific privacy rights that may apply to you based on your location. Currently, we primarily serve EU/UK users whose rights are described in Section 7 above.
13. Prospects and Contacts Obtained from Third-Party Sources
This section applies specifically to business contacts whose personal data we obtained from sources other than the individual themselves (for example, commercial B2B contact databases or publicly accessible professional sources). We provide this information under Article 14 GDPR, which requires transparency when personal data is collected indirectly.
13.1 Where We Got Your Details
We obtained your business contact information from one or more of:
- A commercial B2B contact database that compiles business contact information from company websites, public professional profiles, press coverage, and data licensed from third parties. The provider of that database determines its own collection practices and is an independent data controller for its source data. The specific provider is listed on our Sub-processors page.
- Publicly accessible professional sources, including employer "about" or team pages, public professional profiles, conference speaker lists, open-source contribution histories, and press coverage where the information was published by you or your employer in a clearly professional context.
13.2 What We Hold
Typically: your name, business email address, job title, seniority level, employer name, country of employment, and a record of any outreach we have sent you along with your replies or opt-out status. We do not knowingly hold special categories of personal data (Article 9 GDPR) about prospects.
13.3 Purpose and Legal Basis
We process this data for direct business-to-business marketing: contacting you, in your professional role, about our product where it is likely relevant. Our legal basis under the GDPR is legitimate interest (Article 6(1)(f) GDPR). Recital 47 of the GDPR expressly confirms that direct marketing may be carried out on the basis of legitimate interest. We have conducted and documented a Legitimate Interest Assessment balancing our commercial interest against your rights and freedoms; a copy is available on written request.
Beyond the GDPR legal-basis question, EU Member States implement the ePrivacy Directive with varying strictness on the email channel itself. Where national rules require a stricter standard than legitimate interest alone, we apply the stricter rule in our segmentation and sending decisions.
13.4 Your Right to Object (Article 21 GDPR)
You have an unconditional right to object to this processing at any time, for any reason. We will stop processing your data for direct marketing purposes immediately and permanently, and add you to our suppression list to prevent accidental re-contact.
To object:
- Reply STOP or UNSUBSCRIBE to any email from us
- Email [email protected] from any address
- Simply do not reply; we stop contacting you after a short sequence regardless
13.5 Other Rights
You also have the rights listed in Section 7 of this policy (access, rectification, erasure, restriction, portability). To exercise any of them, email [email protected]. We respond within one month. We will not ask for more identity verification than is strictly necessary (typically confirmation that you are writing from the address we originally contacted).
13.6 Recipients and International Transfers
The service providers we share prospect data with are listed on our Sub-processors page, together with each provider's purpose, location, and data-handling terms.
Several of these providers are based in the United States, meaning your personal data may be transferred outside the European Economic Area. For every such transfer we rely on one of the lawful transfer mechanisms under Chapter V of the GDPR:
- EU-US Data Privacy Framework (DPF) where the recipient is self-certified (for example HubSpot, Google LLC), in reliance on the European Commission's adequacy decision of 10 July 2023.
- Standard Contractual Clauses (2021) where the recipient is not DPF-certified (for example Apollo.io), supplemented by a transfer impact assessment and additional technical and organisational safeguards where required.
You can request a copy of the specific transfer mechanism that applies to any given recipient by emailing [email protected].
13.7 Retention
Active prospect data is retained for up to 24 months from the date we added you to our database or from your most recent interaction, whichever is later. Prospects who never engage are deleted automatically 12 months after the last outbound email. If you object, we retain only a minimal hashed record of your email address, indefinitely, for the sole purpose of preventing accidental re-contact; the legal basis for that minimal retention is Article 6(1)(c) GDPR (compliance with the legal obligation under Article 21(3) to cease processing) supported by Article 6(1)(f).
13.8 Complaint
You have the right to lodge a complaint with Integritetsskyddsmyndigheten (IMY), our lead supervisory authority, or with the data protection authority of your EU/EEA Member State. Contact details are in Section 11.3 of this policy.
13.9 When You Receive This Information
Every outbound email we send includes a link to this policy in the footer. Your first email from us is therefore the moment you receive this Article 14 information, satisfying the GDPR requirement that the information be provided at first communication.