Privacy & Cookie Policy

Last updated: 15 May 2026.

1. Data controller

The data controller for this website is the operator of accesscontroller.org. For contact details, see section 10 below.

2. What personal data we process

We aim to collect as little personal data as possible. The following data may be processed:

• Server logs: Our hosting provider (Vercel Inc.) may automatically collect technical data such as IP address, browser type (user agent), referring URL, pages visited, and timestamps. These logs are used solely for security monitoring, abuse prevention, and infrastructure maintenance.
• No account data: We do not require registration, login, or any form of account creation.
• No payment data: We do not process any financial or payment information.
• No marketing profiling: We do not build user profiles or engage in behavioural targeting.

3. Legal basis for processing

Where the GDPR applies, our legal basis for processing server log data is our legitimate interest (Article 6(1)(f) GDPR) in maintaining website security, preventing abuse, and ensuring the proper functioning of the Site. We have assessed that this interest is not overridden by your rights and freedoms given the minimal nature of the data collected and the short retention period.

4. Data retention

Server logs are retained by our hosting provider in accordance with their data retention policies (typically no longer than 30 days for access logs). We do not independently store personal data beyond what our infrastructure providers retain for operational purposes.

5. Cookies and similar technologies

Strictly necessary cookies: We may use cookies that are essential for the Site to function (e.g., security or load-balancing cookies set by our hosting infrastructure). These do not require consent under the ePrivacy Directive as they are strictly necessary for the service you have requested.

No analytics or marketing cookies: As of the date of this policy, we do not use analytics cookies, advertising cookies, social media tracking pixels, or any other non-essential cookies or similar technologies.

Future changes: If we introduce non-essential cookies in the future, we will update this policy and implement a consent mechanism (cookie banner) before any such cookies are set, in compliance with applicable law.

6. Third-party links

When you follow a link from this Site to a third-party website, that site's own privacy policy applies. We have no control over what data third parties collect. We recommend you review the privacy policy of each site you visit.

7. Data transfers

Our hosting provider (Vercel) may process data in the United States or other countries outside the EEA. Such transfers are covered by appropriate safeguards (e.g., Standard Contractual Clauses or the EU-US Data Privacy Framework, as applicable).

8. Your rights

Where the GDPR or equivalent data protection legislation applies, you have the right to:

• Access the personal data we hold about you;
• Rectification of inaccurate data;
• Erasure ("right to be forgotten") where the data is no longer necessary;
• Restriction of processing in certain circumstances;
• Object to processing based on legitimate interest;
• Data portability where applicable;
• Lodge a complaint with a supervisory authority (in Sweden: Integritetsskyddsmyndigheten, IMY).

9. Security

We use industry-standard technical measures (HTTPS/TLS encryption, access controls) to protect data in transit and at rest. However, no method of electronic transmission or storage is 100% secure.

10. Contact

For privacy-related inquiries or to exercise your rights, contact the Site operator via the official contact channel published for accesscontroller.org.

11. Changes to this policy

We may update this policy at any time. The "Last updated" date at the top reflects the most recent revision. We encourage you to review this page periodically.