top of page

Privacy Policy

Privacy Policy

FutureSpex AB
Organization Number: 559414-7588
Website: https://futurespex.com
Contact: academy@futurespex.com
Effective date: 23 February 2026


1. General Information

FutureSpex AB, organization number 559414-7588 (“FutureSpex”, “the Company”, “we”, “us”, or “our”), is committed to safeguarding the privacy and integrity of personal data.

This Privacy Policy describes how FutureSpex AB collects, processes, stores, transfers, and protects personal data in connection with:

  • Visits to our website, futurespex.com (the “Website”);

  • Registration for and participation in courses, training programs, certifications, and events;

  • Communications relating to courses, promotions, or employment opportunities;

  • Recruitment processes; and

  • Other interactions with FutureSpex AB.

FutureSpex AB acts as the data controller in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”) and applicable Swedish data protection legislation.


2. Definitions

For the purposes of this Privacy Policy:

Personal Data means any information relating to an identified or identifiable natural person.

Processing means any operation performed on Personal Data, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, restriction, erasure, or destruction.

Candidate refers to any individual who connects with the Company regarding employment or opportunities, submits an application, is sourced for recruitment purposes, or is referred to the Company.

Service Provider means any third party engaged by FutureSpex AB to provide services on its behalf, including but not limited to hosting providers, recruitment systems, course platforms, analytics providers, and IT service providers.


3. Categories of Personal Data Processed

3.1 Data Provided Directly by You

FutureSpex AB may process the following categories of Personal Data:

  • Full name

  • Email address

  • Telephone number

  • Postal address

  • Employer and professional title

  • Curriculum vitae, cover letters, portfolios, work samples

  • Education history, certifications, professional qualifications

  • Reference details

  • Communications submitted via email, forms, chat, surveys, or other correspondence

  • Course registration details

  • Payment and invoicing information (where applicable)

3.2 Data Collected Automatically

When accessing or interacting with the Website, certain technical information may be collected automatically, including:

  • IP address

  • Browser type and version

  • Device type and operating system

  • Pages visited and duration of visit

  • Date and time of access

  • Referring URLs

  • Language preferences and screen resolution

  • User interaction and behavioral data

Such data is collected through cookies and similar tracking technologies.

3.3 Course and Training Data

In connection with participation in courses, training programs, and certifications, the Company may process:

  • Enrollment information

  • Participation records

  • Assessment results and progress tracking

  • Certificates issued

  • Feedback and evaluations

  • Webinar or session recordings, where applicable and consent has been obtained

Course administration may be facilitated through third-party platforms, including but not limited to Thinkific or equivalent systems.

3.4 Recruitment Data

In connection with recruitment activities, the Company may process:

  • Application documentation

  • Interview notes

  • Assessment and test results

  • Salary expectations (where relevant)

  • Publicly available professional profile information (e.g., LinkedIn, GitHub)

  • Information provided by references

Recruitment processes may be administered through external applicant tracking systems, including Teamtailor.


4. Sources of Personal Data

Personal Data may be obtained from:

  • You directly;

  • The Website;

  • Course and training platforms;

  • Recruitment systems;

  • Publicly available professional sources;

  • Employees, collaborators, partners, or references;

  • Sister companies within the same corporate group, including Cyber Instincts AB and UltraDefy AB, where lawful and relevant.

5. Purposes of Processing

FutureSpex AB processes Personal Data for the following purposes:

  • Administration and delivery of courses, training programs, and certifications;

  • Management of registrations, payments, and invoicing;

  • Administration of recruitment and employment processes;

  • Communication regarding services, programs, promotions, and employment opportunities;

  • Marketing communications, where permitted by law;

  • Improvement, development, maintenance, and security of the Website and services;

  • Collection of feedback and performance evaluation;

  • Protection and enforcement of legal rights;

  • Compliance with legal and regulatory obligations.

6. Legal Bases for Processing

Processing of Personal Data is conducted on one or more of the following legal grounds:

Performance of a contract
Where processing is necessary for the performance of a contract or to take steps prior to entering into a contract.

Legitimate interests
Where processing is necessary for the Company’s legitimate interests, including recruitment, business development, service improvement, and IT security, provided such interests are not overridden by the interests or fundamental rights and freedoms of the data subject.

Consent
Where you have provided explicit consent, including for marketing communications, recordings, testimonials, or inclusion in talent pools.

Legal obligation
Where processing is necessary to comply with applicable legal requirements.

Consent may be withdrawn at any time without affecting the lawfulness of processing based on consent prior to withdrawal.

7. Disclosure and Sharing of Personal Data

Personal Data may be disclosed to:

  • Authorized Service Providers engaged by the Company;

  • Sister companies within the corporate group, including Cyber Instincts AB and UltraDefy AB, for compatible business purposes;

  • Legal advisors, auditors, or regulatory authorities where required by law;

  • Prospective buyers or successors in the event of a merger, acquisition, restructuring, or sale of assets.

FutureSpex AB does not sell Personal Data to third parties.

8. International Transfers

Personal Data may be processed within the European Union or European Economic Area (EU/EEA).

Where Personal Data is transferred outside the EU/EEA, appropriate safeguards shall be implemented in accordance with Chapter V of the GDPR, including:

  • European Commission adequacy decisions;

  • Standard Contractual Clauses;

  • Other legally recognized transfer mechanisms.

9. Data Retention

Personal Data is retained only for as long as necessary to fulfill the purposes for which it was collected, including for the satisfaction of legal, accounting, or reporting requirements.

In general:

  • Visitor data is retained for up to twelve (12) months for analytics and security purposes;

  • Recruitment data is retained for as long as necessary for recruitment and potential future opportunities, subject to applicable law;

  • Course and certification data is retained for administrative, contractual, and legal compliance purposes;

  • Marketing data is retained until consent is withdrawn or the data is no longer relevant.

Retention periods may vary depending on legal or contractual obligations.

10. Cookies and Tracking Technologies

The Website uses cookies and similar technologies to ensure functionality, enhance user experience, analyze traffic, and improve services.

Users may control cookie preferences through browser settings. Disabling cookies may impact certain functionalities of the Website.

11. Data Security

FutureSpex AB implements appropriate technical and organizational measures designed to ensure a level of security appropriate to the risk, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage.

Notwithstanding the above, no method of transmission over the internet or electronic storage is entirely secure, and absolute security cannot be guaranteed.

12. Data Subject Rights

Pursuant to the GDPR, you have the right to:

  • Request access to your Personal Data;

  • Request rectification of inaccurate or incomplete data;

  • Request erasure of Personal Data under applicable conditions;

  • Request restriction of processing;

  • Object to processing based on legitimate interests;

  • Withdraw consent at any time;

  • Request data portability where applicable;

  • Lodge a complaint with a competent supervisory authority.

Requests concerning the exercise of these rights may be submitted to:
academy@futurespex.com

13. Third-Party Websites

The Website may contain links to third-party websites. FutureSpex AB assumes no responsibility for the privacy practices or content of such websites. Users are encouraged to review the respective privacy policies of those third parties.

14. Amendments to This Policy

FutureSpex AB reserves the right to amend this Privacy Policy at any time to reflect changes in legal requirements, operational practices, technologies, or services.

The most current version shall at all times be available on futurespex.com.

bottom of page