Boka bord

GDPR Information

GDPR Information — Puerto 34

Version: 3.0

Last updated: 2026-06-24

Applies to: Puerto 34 (https://puerto34.se/)

1. Purpose

This page provides the information required under GDPR Articles 13–14 when we collect personal data via the website.

This notice fulfills the information obligation under GDPR Articles 13 and 14 when personal data is collected via the website.

2. Data controller

| | |

|—|—|

| Name | Puerto 34 |

| Email | it@puerto34.se |

| Website | https://puerto34.se/ |

3. Processing activities

Web server and operational logs

  • Data: IP address, timestamp, URL, browser, referrer
  • Purpose: Operation, troubleshooting, and security
  • Legal basis: Legitimate interest (GDPR Art. 6(1)(f))
  • Retention: Hosting provider — typically 30–90 days in access logs
  • Recipients: Hosting provider
  • Transfer outside EU/EEA: May occur depending on server location

Google Site Kit

  • Source: Site Kit by Google
  • Data: Webbstatistik och sökdata beroende på aktiverade Google-tjänster (Analytics, Search Console m.m.)
  • Purpose: Statistik, sökordsanalys och webbplatsoptimering
  • Legal basis: Consent (GDPR Art. 6(1)(a))
  • Retention: Enligt respektive Google-tjänst — se Googles dokumentation
  • Recipients: Google LLC
  • Transfer outside EU/EEA: Kan innebära överföring till USA beroende på tjänst
  • Vendor privacy policy: https://policies.google.com/privacy

Wordfence

  • Source: Wordfence Security
  • Data: IP-adress, webbläsarinformation, loginförsök och säkerhetshändelser
  • Purpose: Säkerhet, brandvägg, skadlig kod och intrångsförsök
  • Legal basis: Legitimate interest (GDPR Art. 6(1)(f))
  • Retention: Enligt Wordfence-inställningar och säkerhetsbehov
  • Recipients: Wordfence LLC (vid molntjänster)
  • Transfer outside EU/EEA: Kan innebära överföring till USA vid Wordfence molnskydd
  • Vendor privacy policy: https://www.wordfence.com/privacy-policy/

WPForms

  • Source: WPForms Lite
  • Data: Formulärinnehåll enligt konfigurerade fält
  • Purpose: Samla in förfrågningar, bokningar eller registreringar
  • Legal basis: Legitimate interest (GDPR Art. 6(1)(f))
  • Retention: Enligt plugin-inställningar och intern gallringsrutin
  • Recipients: Webbplatsens personal
  • Transfer outside EU/EEA: Kan förekomma om WPForms molntjänster används
  • Vendor privacy policy: https://wpforms.com/privacy-policy/

4. Purposes and legal bases

Each processing activity must have a valid legal basis under GDPR Article 6:

Legal bases

  • Legitimate interest (Art. 6(1)(f)) — security, operations, spam protection, responding to inquiries, after balancing interests.
  • Consent (Art. 6(1)(a)) — optional cookies, newsletters, marketing where consent is required. You may withdraw at any time.

5. Sources

We collect data from you directly (forms, orders, accounts) and automatically (logs, cookies per your consent). Partners may provide data for orders.

6. Retention

We retain personal data only as long as needed for the purpose or as required by law, then delete or anonymize securely.

7. Recipients

Data may be shared with hosting, CDN, email, payment, analytics, and support providers under processor agreements.

8. Transfers outside the EU/EEA

Some providers may process data outside the EU/EEA. This occurs only with a valid transfer mechanism.

We rely on EU Standard Contractual Clauses, supplementary measures, and adequacy decisions where applicable.

9. Your rights

You have the following rights when we process your personal data:

Your rights

  • Right of access (Art. 15)
  • Rectification (Art. 16)
  • Erasure (Art. 17)
  • Restriction (Art. 18)
  • Objection (Art. 21)
  • Data portability (Art. 20)
  • Withdraw consent (Art. 7(3))
  • Lodge a complaint with a supervisory authority (Art. 77)

To exercise your rights, contact us at it@puerto34.se.

We respond without undue delay and within one month (extendable by two months for complex requests under Art. 12(3)).

Supervisory authority

You may lodge a complaint with your local data protection authority if you believe processing violates GDPR.

10. Automated decision-making

We generally do not use automated decision-making or profiling with legal or similarly significant effects.

11. Cookies

See our [cookie policy]() and [privacy policy]().

Related documents

*This document was generated by maca Polly from an automated review of your website. It is a professional draft but does not replace individual legal advice.*