Taight
Tight on tech, high on ai

Privacy Policy

How TaiGHT Consulting AB collects, uses, and protects your information.

Last updated: April 2026
1. Who We Are

TaiGHT Consulting AB (organisation number pending) is the data controller for personal data processed through this website (taight.net). We are a Swedish consulting company based in Sweden.

Contact for privacy matters:
Email: privacy@taight.net
General: info@taight.net

2. What Personal Data We Collect
Contact Form Submissions

When you submit the contact form, we collect:

  • Name (first and last name)
  • Email address
  • Phone number (optional)
  • Company name (optional)
  • Job title (optional)
  • Your message and selected subject
  • Timestamp of submission and consent
User Accounts (Authenticated Users)

If you are given access to the platform as a partner or team member, your account is managed through Microsoft Entra ID. We store locally:

  • Name, email address, phone number
  • Company, job title
  • Entra ID identifier (for account linking)
  • Assigned roles and last login timestamp
Website Usage Data

If you accept analytics cookies, we collect anonymised usage data via Google Analytics (GA4), including pages visited, time on site, and general interaction patterns. This data does not directly identify you. Analytics tracking is only activated after you give consent through the cookie banner.

3. Why We Process Your Data (Legal Basis)
Data Purpose Legal Basis (GDPR)
Contact form data Respond to your inquiry Consent (Art. 6(1)(a))
User accounts Provide access to the platform Legitimate interest (Art. 6(1)(f))
Analytics data Understand how the site is used and improve it Consent (Art. 6(1)(a))
Authentication data Secure login and access control Legitimate interest (Art. 6(1)(f))
4. How Long We Keep Your Data
  • Contact form submissions: Retained for up to 24 months after submission, then anonymised or deleted.
  • User accounts: Retained as long as the account is active. Anonymised upon request or when the account is no longer needed.
  • Analytics data: Subject to Google Analytics' own retention policies (default 14 months).
  • Application logs: Retained for 30 days, then automatically deleted.
5. Cookies and Tracking

We use a cookie consent banner. You choose whether to accept or decline analytics cookies before any tracking begins.

Cookie / Storage Purpose Duration Consent Required
taight_cookie_consent (localStorage) Remembers your cookie choice Persistent No (strictly necessary)
.AspNetCore.Cookies Authentication session Session No (strictly necessary)
_ga, _ga_* Google Analytics (visitor statistics) Up to 2 years Yes

If you decline analytics cookies, no tracking data is collected and no Google Analytics scripts are loaded. You can change your choice at any time by clearing your browser's local storage for this site.

6. Who Has Access to Your Data

Your personal data is not sold, rented, or shared with third parties for marketing purposes. The following service providers process data on our behalf:

  • Microsoft Azure (hosting, database, authentication, email delivery) — data stored in Sweden Central (EU).
  • Microsoft Entra ID (identity management for authenticated users) — EU data residency.
  • Google Analytics (website usage statistics, only with your consent) — data may be processed in the US under Google's data processing terms.

All data processors are bound by data processing agreements and are required to handle your data in accordance with GDPR.

7. Where Your Data Is Stored

Your data is primarily stored within the European Union. Our infrastructure runs on Microsoft Azure in the Sweden Central region. If you consent to analytics cookies, some data may be transferred to Google's servers, which may be located outside the EU. Google provides adequate safeguards for such transfers under their data processing terms.

Visitors outside the EU: As a Swedish company, we apply the same GDPR protections to all personal data we process, regardless of where you are located. If you contact us from outside the EU, your data is still processed and stored in our EU infrastructure under the same safeguards described in this policy.

8. Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:

  • Right of access — You can request a copy of all personal data we hold about you.
  • Right to rectification — You can ask us to correct inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten") — You can ask us to delete your personal data. We will anonymise or delete it unless we have a legal obligation to retain it.
  • Right to data portability — You can request your data in a structured, commonly used format (JSON).
  • Right to restrict processing — You can ask us to limit how we use your data.
  • Right to object — You can object to processing based on legitimate interest.
  • Right to withdraw consent — Where processing is based on consent, you can withdraw it at any time. This does not affect the lawfulness of processing before withdrawal.

To exercise any of these rights, contact us at privacy@taight.net. We will respond within 30 days.

9. Data Security

We take appropriate technical and organisational measures to protect your personal data, including:

  • HTTPS encryption for all data in transit
  • Azure-managed encryption for data at rest
  • Role-based access control for admin functions
  • Authentication via Microsoft Entra ID with multi-factor authentication support
  • Secrets stored in Azure Key Vault, not in application code
10. Children's Privacy

This website is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

11. Changes to This Policy

We may update this privacy policy from time to time. The "last updated" date at the top of this page indicates when it was last revised. We encourage you to review this policy periodically.

12. Supervisory Authority

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Swedish data protection authority:

Integritetsskyddsmyndigheten (IMY)

Box 8114, 104 20 Stockholm, Sweden

www.imy.se imy@imy.se
13. Contact Us

For any questions about this privacy policy or how we handle your personal data, contact us at:

Taight Consulting AB

Privacy inquiries: privacy@taight.net

General: info@taight.net

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please retry or reload the page.