Privacy Policy
Last updated: 2026-01-05
Introduction
ASAP Services AB ("Frisken", "we", "us") cares about your privacy. This privacy policy explains how we collect, use, store, and protect your personal data when you use our wellness benefit management service.
By using Frisken, you accept the processing of your personal data as described in this policy.
Data Controller
ASAP Services AB is the data controller for the processing of your personal data.
ASAP Services AB
Email: kontakt@frisken.se
What Personal Data Do We Collect?
We collect the following categories of personal data:
Account Data
- Email address (used for login and communication)
- Name (optional)
- Phone number (optional)
- Swedish personal identity number (only the last four digits are stored, the rest is hashed for identification)
Transaction Data
- Date of gym visit
- Which gym the visit was made at
- Amount
- Service description
Technical Data
- IP address
- Browser information
- Access timestamps
Why Do We Process Your Data?
We process your personal data to:
- Provide and administer the wellness benefit service
- Record and manage transactions between you, your employer, and gyms
- Invoice employers and pay out to gyms
- Prevent fraud and verify your identity
- Comply with legal requirements (e.g., Swedish Accounting Act)
Legal Basis for Processing
We process your personal data based on the following legal bases under GDPR:
| Processing Activity | Legal Basis |
|---|---|
| Create and manage your account | Contract (Art. 6.1.b) |
| Record wellness transactions | Contract (Art. 6.1.b) |
| Verify your identity via BankID | Legitimate Interest (Art. 6.1.f) |
| Create and store invoices | Legal Obligation (Art. 6.1.c) |
| Respond to contact inquiries | Legitimate Interest (Art. 6.1.f) |
Who Do We Share Data With?
We share your personal data with:
- Your employer (transaction data for wellness benefits)
- Gyms you visit (for identity verification during visits)
- Technical service providers (hosting, email)
We never sell your personal data to third parties.
All our service providers are based within the EU/EEA.
How Long Do We Keep Your Data?
We retain your data as follows:
- Account data: As long as the account is active, plus 7 years (accounting requirements)
- Transaction history: 7 years (per Swedish Accounting Act)
- Contact inquiries: Until the matter is resolved, plus 1 year
Some data may need to be retained longer by law, even if you request deletion.
Your Rights
Under GDPR, you have the following rights:
- Right of Access - You can request a copy of all personal data we hold about you.
- Right to Rectification - You can request that incorrect data be corrected.
- Right to Erasure - You can request that we delete your data (with exceptions for legal requirements).
- Right to Restriction - You can request that we restrict the processing of your data.
- Right to Data Portability - You can request your data in a machine-readable format.
- Right to Object - You can object to certain processing based on legitimate interest.
To exercise your rights, contact us at kontakt@frisken.se. We will respond to your request within 30 days.
You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY):
Integritetsskyddsmyndigheten (IMY)
imy.se
Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encrypted transmission (HTTPS/TLS)
- Role-based access control
- Logging of access to personal data
- Regular security updates
Your Swedish personal identity number is never stored in plain text. We only store a hashed version for identification and the last four digits for display.
Cookies
We only use essential cookies required for the service to function:
- Session cookie for login
We do not use tracking cookies or third-party analytics.
Changes to This Policy
We may update this privacy policy. For significant changes, we will inform you via email or through a notice in the service.
Contact
Do you have questions about how we process your personal data? Contact us:
E-post: kontakt@frisken.se