Your personal data and how we handle it

Your personal data is the data we collect and save about you and how you use our services that directly or indirectly identifies you. We use this information to provide a better user experience, improve our services, and provide offers that fit your needs.

The information below is a summary of how we collect and handle your data in accordance with the General Data Protection Regulation (GDPR).

Type of personal data we collect

Contact information

When you become a Loopia customer, we collect your contact information:
Name, address, e-mail address, telephone number and social security number.

Information about your services

We also store data about which of our services you order and use, and how you use them.

Support tickets

When you contact our support, we collect the information you provide us in order to be able to help you with your case.

How we collect personal data

We collect and process data that...

  • ...you enter yourself when you become a customer with us.
  • ...you share with us when you contact us via chat conversations, emails and recorded phone calls.
  • ...is created when you use our services – for example, when you visit our website or log in to the customer zone.
  • ...we get from other sources – such as UC AB.
  • ...is collected through cookies that stores information from your browser.

Exactly what information we collect about you depends on which of our services you use.

What we use personal data for

In order for us to process your data, one of the following legal bases must be met:

  • Necessary to fulfill the contract with you.
  • Necessary to fulfill a legal obligation for Loopia.
  • The processing lies in both your and Loopia's interest.
  • Consent from you for that particular processing.

In order for us to provide our services to you, we need to process your personal data. Below you will find information about what we use your data for, and the legal basis each processing is supported by.

Provision of services

We process personal data to identify you as a customer and to manage and deliver the services you ordered and subscribe to. As well as personal data required to handle billing and payments of the services you use.

Legal basis: Necessary to fulfill contract.

Communication and support

We may use personal information from previous communication between you and us in order to provide better assistance.

We use your contact information and information about which services you use as the basis for invoices, newsletters, important information about your services, offers and tips on how to use our services.

Legal basis: Legitimate interest, consent and necessary to fulfill contract.

Development of our services and products

We process personal data on how you use our services, and from your communication with us as a basis for improving your experience specifically and our services in general.

Legal basis: Legitimate interest and consent.


We process personal data about what services you use and how you use them in order to market relevant products and services to you according to your needs.

Legal basis: Legitimate interest and consent.

Security and prevention of abuse

We process personal data in order to detect and prevent the following for our services and our network:

  • abuse
  • intrusion attempts
  • attacks such as viruses and DDOS
  • law violations
  • terms violations

Legal basis: Necessary to fulfill contract and legal obligation.

Regulatory obligations

We process personal data in order to comply with the requirements of the law.

Legal basis: Legal obligation.

For how long time we store personal data

We store personal data as long as there is a documented purpose for the processing. Contact our data protection officer for details.

To whom do we share personal data

Partners and subcontractors

We have agreements with all partners and subcontractors in the EU, and EU standard contract clauses for all outside the EU. EU/US Privacy Shield certification is used if the processing takes place in the United States. The agreements regulates what personal data is being processed, why the processing is done, how personal data are to be protected and for how long it is being processed. The agreements also contain instructions from the data controller to the data processor on how personal data can be processed.

Please note that point 4.1 of Appendix A in Loopia's General Terms and Conditions also applies to transfers to third countries.

We strive to never share more personal data than absolutely necessary with each partner.

We implement appropriate safeguards to ensure that your personal data is handled in accordance with applicable laws regarding security and privacy. We apply the same requirements to our subcontractors.

Loopia updates this list with changes in personal data access conditions when such changes are planned. Changes are included in this list at least one month before the change is implemented.

For the following purposes we may share certain data with the mentioned partners and subcontractors.

Marketing and analytical purposes

Partner Personal data that is shared and why
Loopia Group AB Analysis of Loopia AB's customer base for marketing purposes.
Exponea Cookie data for tracking and analyzing visits and purchases on Loopia's websites.
Google Analysis data via third-party cookies as well as pseudonymized email addresses for marketing and web analytics to improve our services. Analysis of customer contact information, account information in Google G Suite (Drive, Docs, Sheets) for product development.
Facebook Third-party cookie analysis data for marketing purposes.
Hotjar Analysis data through third party cookies for marketing and web analytics to improve our services.
Tradedoubler Cookie data for tracking purchases made through affiliate advertising (ad network with commission).
Trustpilot Product order information required to enable validated reviews of Loopia products.

In order to deliver ordered services

Partner Personal data that is shared and why
Active24 S.R.O. Data required for our Czech sister company to deliver our VPS services, hosting websites built in Loopia Sitebuilder (Yola) as well as MS SQL and our shared hosting Windows platform.
Ascio Data required to register, manage, renew and monitor domain names (in addition to these domain names where Loopia itself is the registrar: .SE, .NU and .EU).
Basekit Data required to set up an account for you in Loopia Sitebuilder (Basekit).
EURid Data required to register, manage and renew domain names of the domain type .EU.
Internetstiftelsen i Sverige (IIS) Data required to register, manage and renew domain names of the domain types .SE and .NU.
Google Customer contact information, account information and billing is handled through Google G Suite (Drive, Docs, Sheets) as a basis for troubleshooting, managing services and coordinating security work.
Loopia D.o.o Our subsidiary in Serbia where a large part of our development team is located has access to certain customer data through our development environment for troubleshooting and product development.
Microsoft Data required to configure and manage Microsoft 365 accounts for you at Microsoft.
OpenSRS Data required to register, manage, renew and monitor domain names (in addition to these domain names where Loopia itself is the registrar: .SE, .NU and .EU).
rankingCoach GmbH Data required to configure and administer the LoopiaSEO and LoopiaListings services for you at rankingCoach.
Websupport S.R.O Data required for our Slovak sister company to deliver our VPS services.

In order to charge for our services

Partner Personal data that is shared and why
Dibs Data required to complete a card payment.
DNB Data required for manual repayments via Bankgiro.
Strålfors Data required to send a paper invoice.
UC AB Data required to verify authenticity in the personal data specified upon ordering.


Partner Personal data that is shared and why
Atlassian The Jira and Confluence products are used for product development and internal knowledge sharing.
LiveAgent Data required to provide support services such as callback, chat and call recording.
Puzzel Data required to provide support services such as callback, chat and call recording.
Visma Consulting Personal identification numbers are shared to allow identification of the customer through BankID.
Slack Loopia Group intercompany and intracompany communication for providing customer service and troubleshooting. This includes customer contact person contact information, technical customer metadata, customer invoice information, customer support case information and events in technical logs.
Websupport S.R.O Data required for our Slovak sister company to provide and manage our use of Slack, a communications platform. This includes all Slack conversations for data retention and portability purposes.


We may be required to provide certain personal data by law and authority decisions upon request from for example the police.

How we protect your personal data

We use industry standards to store, process and communicate sensitive personal information such as personal data and passwords in a safe way. For example, SSL/TLS, PGP, and one-way hash algorithms.

The protection is implemented with systematic, organizational and technical measures to ensure integrity, confidentiality and accessibility.

We have policies and security practices implemented regarding:

  • information security
  • incident management
  • risk analysis
  • software updates
  • secure configuration and management of devices
  • office and data centers
  • software development
  • education and training

Loopia's staff are bound by confidentiality agreements and only process the data their specific tasks requires.

You control your personal data

You control your own personal information, meaning that you decide which data you want to give and what processing of your personal data you approve. You can revoke your consent at any time.

However, we need some personal data to provide our services to you. If you choose to revoke your consent, this may mean that we can not provide all our services to you.

Learn more about what rights you have regarding your personal data »

Your and your users personal data when Loopia acts as a data processor

In case you are data controller and Loopia acts as a data processor, our processing of your customers' personal data is regulated by our terms appendix Data processing agreement. For example, if you run a webshop at Loopia where your customers' orders are stored and processed on our servers, the email accounts you have with us or the data you store in our database services.

How we process your personal data when you are no longer a customer

When you terminate your account, we will remove all your personal data where there is no purpose for further processing. We also notify any potential partners and subcontractors who processed your data to also delete the data.

Among the things that are removed are your potential…

  • ...websites and databases.
  • ...possible domain names and dns settings.
  • ...email addresses with associated emails.
  • ...personal data in our CRM system.
  • ...backups of the above are removed in accordance with our backup schedule.

Among the things that are not removed are:

  • Data required by the Accounting Act.

Hey, do you need assistance?

Our popular SuperSupport is here to assist you.
Open weekdays 8-19, weekends 11-15