← Back to Map

Privacy Policy

Last Updated: February 18, 2026

1. Introduction

Kraftdata™ ("we", "our", or "the Service") is owned and operated by Serenit AB, a Swedish company. We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our electricity infrastructure mapping service.

In compliance with GDPR (General Data Protection Regulation - EU 2016/679), we ensure that any personal data processed is done so lawfully, fairly, and transparently.

2. Data Controller

The data controller responsible for your personal data is Serenit AB. For questions regarding data protection, please contact us through the information provided on the Service.

3. Information We Collect

3.1 Information We DO NOT Collect

Kraftdata is designed with privacy in mind. We do not collect:

  • Personal identification information (name, email, phone number)
  • Account or login information (we have no user accounts)
  • Payment or financial information
  • Location data beyond what you choose to view on the map
  • Cookies or tracking identifiers for advertising purposes

3.2 Technical Information We May Collect

To operate the Service, we may collect limited technical information:

  • Server Logs: IP addresses, browser type, operating system, pages viewed, and timestamps (retained for security and performance monitoring only)
  • Map Interactions: Anonymous usage statistics like map zoom levels, layers toggled, and geographic areas viewed (aggregated and anonymized)
  • Error Reports: Technical error information to improve Service stability

This technical data is collected anonymously and cannot be used to identify you personally.

3.3 Web Analytics

We use Matomo (formerly Piwik), a privacy-focused, self-hosted web analytics platform to understand how users interact with the Service. Matomo is hosted on our own server — no data is sent to third parties. The analytics system:

  • Operates in fully cookieless mode — no cookies are set on your device
  • Does not track users across websites or create user profiles
  • Does not collect User IDs or personally identifiable information
  • Anonymizes IP addresses before processing (at least 2 bytes masked, e.g. 192.168.x.x becomes 192.168.0.0)
  • Stores data exclusively on our own server within the EU (no third-party data sharing)
  • Collects only aggregated, anonymous metrics (page views, referrers, browser types)
  • Respects "Do Not Track" browser settings
  • Retains analytics data for a maximum of 25 months, after which it is automatically deleted
  • Is fully GDPR compliant with data minimization principles

Opt-out: You may opt out of anonymous usage tracking at any time. To do so, please visit our analytics opt-out page at analytics.kraftdata.se opt-out. If you have enabled "Do Not Track" in your browser, your visits are not tracked automatically.

Advertisement Click Tracking: The Service may display advertisements or sponsored content in the future. If implemented, we will track anonymous click events (which ads were clicked, when, and from which pages) to measure advertising effectiveness. This tracking:

  • Does not identify individual users or create user profiles
  • Records only aggregated, anonymous click statistics
  • Is processed on our own servers (not shared with third-party ad networks)
  • Does not involve cookies that track you across other websites
  • Complies with GDPR data minimization requirements

All analytics data is processed under our Legitimate Interest legal basis (GDPR Article 6(1)(f)) to improve the Service and measure effectiveness. You have the right to object to this processing at any time.

3.4 Local Storage

We use browser local storage to save your preferences (theme choice, visible map layers) locally on your device. This data never leaves your browser and is not transmitted to our servers.

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on the following legal grounds:

  • Legitimate Interest (Article 6(1)(f)): We process minimal technical data for operating, securing, and improving the Service
  • Consent (Article 6(1)(a)): Local storage preferences are saved only with your implicit consent through continued use

5. How We Use Your Information

Any technical information collected is used solely for:

  • Operating and maintaining the Service
  • Improving user experience and Service performance
  • Detecting and preventing security threats or abuse
  • Analyzing aggregated, anonymous usage patterns to improve features
  • Measuring advertisement effectiveness (if ads are implemented)

We do not:

  • Sell or share your data with third parties for marketing
  • Use your data for targeted advertising or personalized ads
  • Track you across other websites
  • Build user profiles or behavioral tracking systems
  • Share individual click data with advertisers (only aggregated statistics)

6. Third-Party Services

6.1 Data Sources

Kraftdata displays data from third-party sources:

  • OpenStreetMap: Map tiles and infrastructure data (see OSM Copyright)
  • Svenska Kraftnät (SVK): Swedish electricity grid data
  • ENTSO-E: European electricity transmission data
  • ECMWF: European Centre for Medium-Range Weather Forecasts
  • SCB: Statistics Sweden (Statistiska centralbyrån)
  • Global Energy Monitor: Energy infrastructure data
  • PyPSA: Python for Power System Analysis

When you use the Service, your browser may directly request map tiles and data from these providers. These requests are subject to their respective privacy policies.

6.2 Third-Party Analytics

We do not use third-party tracking services like Google Analytics. Our web analytics platform is self-hosted on our own infrastructure, meaning no data is sent to external companies for analysis or marketing purposes.

7. Data Retention

Technical logs and anonymous usage data are retained for a maximum of 90 days for security and operational purposes, after which they are automatically deleted.

Local storage preferences remain on your device until you manually clear your browser data.

8. Your Rights Under GDPR

As a data subject in the EU/EEA, you have the following rights:

  • Right of Access (Article 15): Request information about any personal data we process
  • Right to Rectification (Article 16): Request correction of inaccurate data
  • Right to Erasure (Article 17): Request deletion of your data
  • Right to Restriction (Article 18): Request limited processing of your data
  • Right to Data Portability (Article 20): Request your data in a machine-readable format
  • Right to Object (Article 21): Object to processing based on legitimate interests
  • Right to Withdraw Consent (Article 7): Withdraw consent at any time
  • Right to Lodge a Complaint (Article 77): File a complaint with your national data protection authority

To exercise any of these rights, please contact us. Note that due to our minimal data collection, we may not have any personal data associated with you.

9. Data Security

We implement appropriate technical and organizational measures to protect any data we process:

  • HTTPS encryption for all data transmission
  • Secure server infrastructure
  • Regular security updates and monitoring
  • Access controls and authentication for backend systems
  • Automated deletion of old logs

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

10. Cookies and Tracking

We do not use cookies for advertising or cross-site tracking purposes.

The Service may use minimal, essential cookies for:

  • Session Management: Maintaining your session while using the Service
  • Analytics: Our self-hosted analytics platform (Matomo) operates in fully cookieless mode and does not set any analytics cookies
  • Preferences: Browser local storage to save your theme and layer preferences
  • Advertisement Tracking: If advertisements are implemented, anonymous cookies may track which ads were shown and clicked (no personal identification)

These cookies are not used for personalized advertising or cross-site tracking, do not track you across other websites, and contain no personally identifiable information. Under GDPR, these are considered essential or legitimate interest cookies and do not require explicit consent.

You can disable cookies in your browser settings, though this may affect some functionality.

11. International Data Transfers

Our servers are located in the European Union (Sweden). If you access the Service from outside the EU, your technical data may be transferred to and processed in Sweden in accordance with GDPR standards.

12. Children's Privacy

The Service is not directed at children under 16 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy, wish to exercise your GDPR rights, or want to file a data protection complaint, please contact us through the information provided on the Service.

You also have the right to lodge a complaint with the Swedish Data Protection Authority (Integritetsskyddsmyndigheten - IMY):

https://www.imy.se/

15. Summary

In short: Kraftdata collects minimal anonymous technical data needed to operate and improve the Service. We use privacy-focused, self-hosted analytics that do not track you across websites or create user profiles. We do not sell your data or use invasive third-party tracking. Your privacy is respected and protected in accordance with GDPR.