GDPR Policy – ReturnPATH Systems AB

Effective Date: 07 May 2026
Company: ReturnPATH Systems AB, Organization number: 559586-2888
Address: Västerås, Sweden
Email: contact@returnpathsystems.com

At ReturnPATH Systems AB, we value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with the EU General Data Protection Regulation (GDPR).

1. Data Controller

ReturnPATH Systems AB acts as the data controller. This means we determine the purposes and means of processing your personal data.

Contact details:

  • Email: contact@returnpathsystems.com

  • Address: Västerås, Sweden

2. Personal Data We Collect

We may collect personal data you provide directly or through our services, including:

  • Name, email address, phone number

  • Billing and shipping information

  • Account login credentials

  • Cookies and usage data (for analytics and service improvement)

  • Other data you voluntarily provide

3. Purpose of Processing

Your personal data is collected and processed for the following purposes:

  • Providing and improving our services

  • Fulfilling orders and requests

  • Communicating updates, newsletters, or promotions (with consent)

  • Compliance with legal obligations

  • Security, fraud prevention, and analytics

4. Legal Basis for Processing

We process your personal data under the GDPR lawful bases:

  • Consent: When you agree to receive communications or services

  • Contractual Necessity: To provide services you request

  • Legal Obligation: To comply with laws and regulations

  • Legitimate Interests: For business operations, security, and service improvement

5. Data Sharing

We do not sell your personal data. We may share your information with:

  • Service providers who help us operate (e.g., payment processors, cloud providers)

  • Legal authorities if required by law

  • Third parties in case of business transfers or mergers

All third parties are contractually required to process data according to GDPR standards.

6. Data Retention

We retain personal data only as long as necessary to provide our services or comply with legal obligations. After this period, your data will be securely deleted or anonymized.

7. Your GDPR Rights

Under the GDPR, you have the following rights:

  • Access: Request a copy of your personal data

  • Correction: Update inaccurate or incomplete data

  • Deletion: Request erasure of your data (“right to be forgotten”)

  • Restriction: Limit processing of your data

  • Portability: Receive your data in a structured, machine-readable format

  • Objection: Object to processing based on legitimate interests or marketing

To exercise your rights, contact us at contact@returnpathsystems.com.

8. Cookies and Tracking

We may use cookies or similar technologies to improve your experience, analyze usage, and provide targeted content. You can manage cookie preferences through your browser or our website settings.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or misuse. However, no system is completely secure, so please use discretion when sharing sensitive information.

10. International Transfers

If your data is transferred outside the EU, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or transfers to countries with adequate protection levels.

11. Updates to This Policy

We may update this policy from time to time. We will notify users of significant changes via our website or email. Please review this policy periodically.

12. Contact

For questions, complaints, or to exercise your GDPR rights, contact:

ReturnPATH Systems AB
Email: contact@returnpathsystems.com
Address: Västerås, Sweden