Gavroux

Privacy Policy

Ce document est fourni uniquement en anglais.

Effective date: 10 July 2026 · Data controller: Sejder AB, org. no. 559554-8164, Sweden · [email protected]

1. What this site publishes

Gavroux publishes technical information about company domains: DNS records, TLS certificate metadata, email-authentication configuration (SPF/DMARC/DKIM), detected web technologies, SEO characteristics and AI-crawler directives, plus company name, country and registry number from official public company registries. This is information about organizations and their infrastructure, collected exclusively from publicly accessible sources. We do not scan for, collect, or publish personal data such as private individuals’ names, emails, or behaviour.

2. Legal basis

Where registry data incidentally contains personal data (for example a sole trader whose company name is their own name), we process it under legitimate interest (GDPR Art. 6(1)(f)): informing the public about the security posture of the European web, based on data the organizations themselves make publicly available. We balance this against the interests of the persons concerned — and back it with an unconditional, fast opt-out (below).

3. Opt-out — removal within 48 hours

If you want your domain or company removed from the public site, email [email protected] with the domain name, preferably from an address at that domain (so we can verify you represent it). We remove the public pages within 48 hours and exclude the domain from future publication. No justification is required.

4. Data you give us directly

If you email us or purchase a report, we process your email address and the contents of your message to answer and deliver — legal basis: contract (Art. 6(1)(b)). Purchase records are kept as required by Swedish accounting law. We never sell or share your contact details.

5. Cookies & analytics

The site works without tracking cookies. We use only technically necessary storage and privacy-respecting, aggregate traffic metrics (via our CDN). No advertising trackers, no cross-site profiling.

6. Recipients & transfers

The site is served through Cloudflare (CDN) and hosted on Amazon Web Services in the EU (Stockholm region). Both act as processors; data at rest stays in the EU/EES.

7. Your rights

Under the GDPR you can request access, rectification, erasure, restriction, and object to processing — write to [email protected]. You can also complain to the Swedish Authority for Privacy Protection (IMY).

8. Changes

We may update this policy; the effective date above reflects the current version.