Privacy Policy
Last updated: April 2026
This Privacy Policy explains how Strife AB ("Strife", "we", "us") processes personal data. We take your privacy seriously and process personal data only in accordance with applicable law, including the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and the Swedish Data Protection Act (Dataskyddslagen 2018:218).
If you have questions about this policy or want to exercise your rights, contact us at privacy@strife.app.
1. Summary
We process personal data in two distinct roles:
As Data Controller — for personal data about visitors to strife.app, our customers' representatives, prospects, suppliers, and job applicants. This policy describes that processing in Sections 3 to 10.
As Data Processor — for personal data that our customers store in the Strife Service (for example, their end-users, employees, or contacts). That processing is governed by our Data Processing Agreement with each customer, not by this Privacy Policy. Section 11 explains this boundary.
2. Who we are
The Data Controller for the processing described in this policy is:
Strife AB Company registration number: 559295-1114 Registered address: Larmgatan 5, 392 32 Kalmar, Sweden Email: privacy@strife.app
We have not appointed a Data Protection Officer, as we are not required to do so under GDPR Article 37. For all privacy-related matters, including requests to exercise your rights, use privacy@strife.app.
3. Who this policy covers
This policy covers personal data we process about:
Customers: representatives and contact persons at companies or organisations that purchase or use the Strife Service.
Visitors: people who visit strife.app, subscribe to our newsletter, attend our events, or otherwise interact with our marketing.
Prospects: representatives at companies we identify as potential customers.
Suppliers and partners: individuals at companies that provide services to us or collaborate with us.
Job applicants: people who apply to work at Strife.
4. What personal data we process and why
Category of data subject | Personal data we process | Purpose | Legal basis |
|---|---|---|---|
Customers | Name, work email (used for identification and authentication), workplace, job title, billing address, payment information, correspondence, IP address, usage data | Provide the Strife Service, manage the customer relationship, deliver support, invoice and collect payment, customer care, inform about product updates | Performance of a contract; legitimate interest in operating and improving our business |
Visitors | Name, email, IP address, device and browser information, pages viewed, interactions with our content, information voluntarily submitted through forms | Operate strife.app, understand how it is used, respond to inquiries, send marketing communications where consent has been given | Legitimate interest; consent (for marketing communications and non-essential cookies) |
Prospects | Name, work email, workplace, job title, public information about the company, interactions with our content | Identify and contact companies that may benefit from the Strife Service | Legitimate interest in marketing our products to businesses |
Suppliers and partners | Name, work email, workplace, job title, billing information, correspondence | Manage the supplier or partner relationship, fulfil contracts, meet legal obligations | Performance of a contract; legitimate interest; legal obligation (e.g., accounting law) |
Job applicants | Name, contact details, CV, application materials, correspondence, information about previous employers and education | Assess applications, conduct recruitment, communicate with applicants | Legitimate interest in recruitment; with consent for retaining applications beyond the immediate recruitment process |
Where we rely on legitimate interest, we have performed a balancing test and concluded that our interest does not override the rights and freedoms of the data subject. You can request more information about this assessment by contacting privacy@strife.app.
5 Sources of personal data
We collect personal data from:
You directly: when you fill in a form, register an account, contact us, apply for a job, or interact with our website.
Publicly available sources: such as company registries, company websites, and public professional profiles (for example LinkedIn) when identifying prospects.
Third-party services we use: such as our analytics and advertising platforms.
6. How long we retain personal data
Category | Retention period | Basis |
|---|---|---|
Active customer account data | Duration of agreement + 90 days | Contract performance |
Billing and transaction data | 7 years from the end of the financial year | Swedish Bookkeeping Act (Bokföringslagen 1999:1078) |
Support correspondence | 24 months from last interaction | Legitimate interest |
Website analytics and IP addresses | 14 months | Legitimate interest |
Marketing recipients (newsletter, campaigns) | Until consent is withdrawn + 90 days | Consent |
Prospect data | 12 months from last meaningful interaction | Legitimate interest |
Supplier and partner data | Duration of agreement + 7 years for billing data | Contract, legal obligation |
Job applications | 24 months after recruitment is concluded | Legitimate interest, potential discrimination claims |
Inquiries and contact form submissions | 12 months | Legitimate interest |
After these periods, personal data is either deleted or anonymised. Where we are required to retain data for longer under applicable law, only the specific data required is retained, for no longer than the period required.
7. Who we share personal data with
We do not sell personal data. We share personal data only with service providers that help us operate our business, and only under written agreements that require them to protect the data.
7.1 Our sub-processors
The following service providers process personal data on our behalf. Some are engaged only in specific circumstances, as indicated in the "Condition" column.
Sub-processor | Purpose | Condition | Location |
|---|---|---|---|
RavenDB Inc. (RavenCloud) | Primary database (managed service) for the Strife Service. RavenDB Inc. is part of the RavenDB group, which also includes RavenDB Ltd (Israel) and RavenDB Europe Ltd. Israel benefits from an EU Commission adequacy decision. | Default | EU region of the underlying cloud provider |
Microsoft Azure | Underlying cloud infrastructure engaged by RavenCloud | Via RavenCloud | EU regions |
Hetzner | Application server hosting for the Strife Service and strife.app; primary database hosting for enterprise customers who opt for a dedicated self-hosted RavenDB cluster | Default for application servers; conditional (case-by-case, enterprise) for dedicated database hosting | Germany and Finland (EU/EEA) |
Anthropic PBC (Claude API) | AI model processing for Strife Intelligence features | On paid subscriptions, only when Customer has enabled Strife Intelligence (disabled by default). On trial accounts (try.strife.app), Strife Intelligence is pre-enabled and cannot currently be disabled. Anthropic does not use Customer Content to train its models. | United States, under Standard Contractual Clauses |
Bunny.net | Content delivery network (CDN) for strife.app | Default | Slovenia (EU/EEA) |
OpenPanel | Cookieless product and website analytics | Default | Germany and Finland (EU/EEA) |
7.2 Other recipients
We may disclose personal data to:
Legal and regulatory authorities where we are required to by law, court order, or lawful request.
Professional advisers such as lawyers and auditors under confidentiality obligations.
Acquirers in the event of a merger, acquisition, or sale of all or part of our business. In that case, we will take steps to ensure that the recipient continues to protect the data in accordance with this policy.
8. International transfers
We primarily process personal data within the European Union and the European Economic Area.
When a customer has enabled Strife Intelligence (disabled by default), Anthropic PBC processes Customer Content in the United States. This transfer is governed by the European Commission's Standard Contractual Clauses and additional safeguards required following the Schrems II judgment.
You can request a copy of the safeguards applied to international transfers by contacting privacy@strife.app.
9. Cookies and tracking technologies
strife.app does not use cookies for analytics, marketing, or tracking. We do not operate a cookie consent banner because we do not set cookies that would require consent.
The only cookies on strife.app are strictly necessary session cookies used for authentication and session management. These are exempt from consent requirements under Article 5(3) of the ePrivacy Directive.
Our analytics provider does not set cookies or other client-side identifiers on visitor browsers.
10. Your rights
You have the following rights under the GDPR:
10.1 Right of access
You have the right to know whether we process personal data about you and, if we do, to receive a copy of that data and information about how we process it.
10.2 Right to rectification
You have the right to have inaccurate personal data corrected and incomplete data completed.
10.3 Right to erasure
You have the right to have personal data deleted where it is no longer necessary for the purpose for which it was collected, where you withdraw consent and no other legal basis applies, where you object to processing based on legitimate interest and we have no overriding grounds, or in other cases specified in GDPR Article 17. Some data may need to be retained to comply with legal obligations (such as accounting law).
10.4 Right to restriction of processing
You have the right to request that we temporarily restrict processing, for example while we verify the accuracy of personal data or your objection to processing.
10.5 Right to data portability
For personal data you have provided to us that we process automatically based on consent or a contract, you have the right to receive that data in a structured, commonly used, and machine-readable format, and to transfer it to another controller where technically feasible.
10.6 Right to object
You have the right to object to processing based on legitimate interest. If the processing is for direct marketing, we will stop processing for that purpose upon your objection. For other legitimate interest processing, we will stop unless we have compelling legitimate grounds that override your interests.
10.7 Right to withdraw consent
Where we process personal data based on your consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
10.8 How to exercise your rights
Contact privacy@strife.app to exercise any of these rights. We will respond within one month. In some cases we may need to verify your identity before providing access or taking other action.
11. The Strife Service: our role as Data Processor
When our customers upload, store, or generate personal data in the Strife Service (such as information about their end-users, employees, or contacts), Strife processes that data as a Data Processor on behalf of the customer. The customer is the Data Controller for that data.
This Privacy Policy does not govern that processing. It is governed by the Data Processing Agreement between Strife and the customer, available at https://strife.app/en/dpa.
If you are an end-user of a website, application, or service built on the Strife Service, you should contact the operator of that website, application, or service for information about how your personal data is processed.
If a customer enables Strife Intelligence (an optional set of AI-assisted features, disabled by default), Customer Content processed through those features is transmitted to Anthropic PBC via the Anthropic Claude API. Anthropic acts as a sub-processor and does not use the content to train its models. This processing is governed by the Data Processing Agreement between Strife and the customer, and by our agreement with Anthropic.
We value your privacy, and this policy (Privacy Policy) has been designed to inform you about how we legally, appropriately, and securely handle your personal data when you or the company or organization you represent request or purchase our services when you visit our website or otherwise come into contact with us. The Privacy Policy describes when, how, and why we collect, use, disclose, and store personal data and what rights you have when we process your personal data. If you have any questions or wish to exercise any rights, please do not hesitate to contact us at: privacy@strife.app
In the summary below, you can read more about our processing of your personal data based on your role when you contact us. You can then read more about how we process your personal data under the relevant heading in the privacy policy.
12. Automated decision-making and profiling
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects individuals, as defined in Article 22 GDPR. AI-assisted features within Strife Intelligence provide suggestions and generate content; they do not make legally or otherwise significant decisions about individuals.
13. How we protect your data
We maintain appropriate technical and organisational measures to protect personal data, including:
Passwordless authentication: we use passwordless authentication methods only and do not store passwords.
Encryption of data in transit using TLS
Encryption of data at rest for sensitive data
Access controls on the principle of least privilege
Regular security reviews
Staff confidentiality obligations
Personal data breach response procedures
If a personal data breach occurs that poses a risk to the rights and freedoms of data subjects, we will notify Integritetsskyddsmyndigheten (IMY) within 72 hours and affected data subjects without undue delay, as required by GDPR Articles 33 and 34.
14. Right to complain to a supervisory authority
If you believe that our processing of your personal data does not comply with the GDPR, you have the right to lodge a complaint with a supervisory authority. In Sweden, the supervisory authority is:
Integritetsskyddsmyndigheten (IMY) Box 8114, 104 20 Stockholm, Sweden imy@imy.se +46 8 657 61 00 www.imy.se. You can file a complaint online at www.imy.se/en/individuals/forms-and-e-services/file-a-gdpr-complaint/.
15. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our processing or legal requirements. We will notify you of material changes by email or through a prominent notice on strife.app before the changes take effect.
The "Last updated" date at the top of this policy indicates when the policy was most recently revised.
16. Contact
For any questions about this Privacy Policy or our processing of your personal data, contact:
Strife AB Email: privacy@strife.app Address: Larmgatan 5, 392 32 Kalmar, Sweden