Privacy Policy
Last updated: April 2026
Blanketo takes your privacy seriously. This policy explains what personal data we collect, why we collect it, and how we handle it in compliance with the EU General Data Protection Regulation (GDPR) and Swedish data protection law.
1. Data controller
Blanketo is operated by [OPERATOR_NAME], a sole trader (enskild firma) registered in Sweden (org. nr [ORG_NUMBER]). Address: Stockholm, Sweden Email: [CONTACT_EMAIL]
2. What data we collect
When you use Blanketo to send a letter, we collect only the data strictly necessary to fulfil your order: • Recipient name and postal address – to print and mail your document. • Return (sender) name and postal address – printed on the envelope and cover page. • Your email address – to send you an order confirmation and a copy of the merged PDF. • Your uploaded PDF – processed in memory to add a cover page and submit to the postal operator. • Payment data – handled entirely by Stripe. We never see or store your card number or bank details.
3. How we use your data
We process your data for one purpose only: to fulfil the letter-sending service you have purchased. Specifically: • Printing and mailing your document via Ekopost (Swedish hybrid mail). • Sending you an order confirmation email with a copy of the final PDF. We do not use your data for marketing, profiling, or any purpose unrelated to your order.
4. Legal basis for processing
We process your personal data on the basis of contractual necessity (Article 6(1)(b) GDPR) – processing is necessary to perform the service you have requested and paid for.
5. Data retention
We retain your data for the shortest time technically necessary: • PDF and postal addresses: held in an encrypted, short-lived session store (Redis) with a maximum lifetime of 30 minutes. Deleted immediately once your order has been processed. • Email address: used only to dispatch the confirmation email; not stored beyond that send. • Payment data: stored and retained by Stripe in accordance with their own privacy policy and applicable financial regulations. Blanketo does not retain payment data. Because your data is deleted within minutes of your transaction, there is typically no data left for us to retrieve, correct, or transfer if you contact us after the fact.
6. Data processors (third parties)
We share your data with the following processors, solely to deliver the service: • Ekopost AB – receives the recipient address, return address, and merged PDF to print and mail your letter. Ekopost is a Swedish company subject to GDPR. • Stripe, Inc. – handles payment processing. Stripe is certified under the EU–US Data Privacy Framework and processes payment data on our behalf under a Data Processing Agreement. • Scaleway SAS – provides our hosting infrastructure (containerised application, session store, and transactional email). Scaleway is a French company and our data is processed within the EU. • PostHog, Inc. – provides product analytics. We use PostHog Cloud EU; all data is stored in Frankfurt, Germany (EU). PostHog is used to understand how users interact with the service (funnel analysis and product improvement). Analytics are only activated with your consent via the cookie banner. If you decline, PostHog operates in cookieless mode and no personal identifiers are collected. PostHog's privacy policy: posthog.com/privacy. We do not sell your data. We do not share your data with any other third party.
7. Your rights
Under GDPR you have the right to: • Access the personal data we hold about you. • Correct inaccurate data. • Request erasure ("right to be forgotten"). • Restrict or object to processing. • Receive your data in a portable format. Because we delete all data within 30 minutes of your transaction, we will typically have nothing on file. If you contact us promptly during or immediately after your order, we will do our best to accommodate your request. To exercise any of these rights, email [CONTACT_EMAIL].
8. Cookies and analytics
We use two categories of cookies and client-side storage: Strictly necessary: Stripe's JavaScript library (Stripe.js), loaded on the payment screen, may set cookies or use local storage for fraud detection and to provide a secure payment experience. These operate regardless of your cookie preference. Analytics (optional, consent required): We use PostHog to measure product usage — for example, which steps users complete and how many letters are sent. PostHog may set cookies and collect session data including page views, click events, and session recordings for product improvement and funnel analysis. • If you accept analytics cookies via the cookie banner, PostHog runs in standard mode and may set persistent cookies. • If you decline, PostHog runs in cookieless mode: events are still counted but no cookies are set and no personal identifiers (IP address, device fingerprint) are stored. You can change your preference at any time via the cookie banner. For details on how PostHog handles data, see their privacy policy at posthog.com/privacy. For Stripe, see stripe.com/cookies-policy.
9. Security
All data is transmitted over HTTPS. Session data is stored in an encrypted Redis instance hosted within the EU and is automatically expired after 30 minutes. We apply the principle of data minimisation: we collect only what is necessary and discard it as quickly as possible.
10. Changes to this policy
We may update this policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of Blanketo after changes are published constitutes acceptance of the updated policy.
11. Contact and complaints
For any privacy-related questions, contact us at [CONTACT_EMAIL]. If you believe we have handled your data unlawfully, you have the right to lodge a complaint with the Swedish supervisory authority: Integritetsskyddsmyndigheten (IMY) www.imy.se imy@imy.se