bacground gradient shape
background gradient
background gradient

Privacy Policy

Privacy Policy

Last Updated: March 1st, 2026

Information We Collect

Effective date: 01.03.2026

Company: Prospexs Intelligence AB (“Prospexs”, “we”, “us”, “our”)

Registered / main establishment: Stockholm, Sweden

Contact: info@prospexs.ai

Website: www.prospexs.ai

Prospexs provides a B2B sales-matching and insight platform that helps users identify relevant companies and decision-makers, and generate insight-based content to support outreach. This Privacy Policy explains how we collect, use, share, and protect personal data, and how we comply with the EU General Data Protection Regulation (“GDPR”) and applicable Swedish data protection laws.

If you have questions about this policy or how we process personal data, contact us using the details above.

1. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.

  • Processing: Anything done with personal data (collection, storage, use, disclosure, deletion, etc.).

  • Controller: The entity that determines the purposes and means of processing.

  • Processor: The entity that processes personal data on behalf of the Controller.

  • Customer: A company (and its authorized users) that subscribes to Prospexs.

  • Lead / Contact: A person whose business contact data may appear in Prospexs (e.g., decision-makers).

  • Publicly Available Information: Information made publicly accessible (e.g., company websites, press releases, public registers, public social profiles).

2. Who is responsible for the processing?

For personal data processed in connection with operating our platform, marketing, sales, billing, and account management, Prospexs Intelligence AB is the Controller.

For personal data that a Customer uploads to or inputs into the platform (for example, CRM exports or contact lists), the Customer is typically the Controller and Prospexs acts as a Processor. In those cases, our processing is governed by a Data Processing Agreement (DPA).


3. What personal data we collect

A) Data about website visitors

  • Device and usage data (IP address, browser type, pages visited, timestamps, referrer URL)

  • Cookie and tracking data (see Cookies section)

B) Data about Customer representatives (users, admins, buyers)

  • Name, business email, job title, company name

  • Login credentials and authentication data

  • Platform activity logs (features used, settings, actions performed)

  • Billing and transaction data (invoicing details, VAT number, payment status; we typically do not store full card details)

C) Data about Leads / Contacts (B2B prospect data)

Prospexs compiles lead insights mainly from publicly available sources, and also provides business contact data sourced from third-party data providers (see Section 6).

Typical data categories may include:

  • Name, business role/title, employer, business location (city/country)

  • Business contact details (e.g., business email, business phone) provided via third-party providers

  • Public professional information (e.g., public LinkedIn-style profile details, public biographies, press mentions)

  • Signals and insights derived from public information (e.g., inferred relevance indicators, role seniority, department, company changes when public)

Important clarification:

  • Insights and company-related analysis are primarily built from publicly sourced information.

  • Business contact data (such as emails/phone numbers) is provided by GDPR-compliant third-party data providers.

D) Support communications

  • Support tickets, chat messages, emails, call notes

  • Any attachments you provide to us

4. Where the data comes from

We source personal data from:

  1. You (when you create an account, use our platform, contact support, or visit our website)

  2. Our Customers (if they upload/import data into Prospexs)

  3. Public sources (company websites, press releases, public registers, public professional pages, public news and media)

  4. Third-party data providers (GDPR-compliant providers that supply business contact data for leads, such as business emails and phone numbers)

5. Why we process personal data and our legal bases

Under GDPR, we process personal data only when we have a lawful basis.

A) To provide and operate the platform (Contract)

  • Create and manage user accounts

  • Provide platform functionality and customer support

  • Authenticate users and prevent unauthorized access

Legal basis: Performance of a contract (GDPR Art. 6(1)(b))

B) To improve, secure, and maintain the platform (Legitimate Interests)

  • Debugging, analytics, product improvement

  • Fraud prevention, security monitoring, audit logs

  • Service reliability and performance

Legal basis: Legitimate interests (GDPR Art. 6(1)(f))

C) To communicate with you (Contract / Legitimate Interests)

  • Service messages (e.g., account, billing, security updates)

  • Respond to inquiries and support requests

Legal basis: Contract and/or Legitimate interests

D) Marketing and sales (Legitimate Interests / Consent where required)

  • B2B marketing communications (e.g., newsletters, product updates)

  • Sales outreach to business representatives

Legal basis: Legitimate interests, and consent where legally required (e.g., certain cookie categories)

You can opt out of marketing at any time (see Rights section).

E) Billing and compliance (Legal obligation)

  • Invoices, bookkeeping, tax compliance

  • Responding to lawful requests from authorities

Legal basis: Legal obligation (GDPR Art. 6(1)(c))

F) Lead / prospect data in the platform (Legitimate Interests)

Prospexs provides B2B lead intelligence and matching. We process lead data to help Customers identify relevant prospects and create insight-based outreach.

Legal basis: Legitimate interests (GDPR Art. 6(1)(f)), balanced against data subject rights and expectations in a B2B context.

6. Third-party data providers and contact data

Prospexs works with third-party GDPR-compliant data providers to obtain and provide business contact data for leads (e.g., business email addresses and business phone numbers).

We require our providers to:

  • Represent that their collection and sharing of business contact data is GDPR-compliant

  • Maintain appropriate safeguards and documentation

  • Provide mechanisms to handle data subject rights requests, where applicable

  • Enter into appropriate contractual arrangements (e.g., controller/processor terms as relevant)

Summary:

  • Public information is used to compile company and role insights.

  • Contact details for leads are provided via third-party GDPR-compliant providers.

7. Use of LLMs and AI systems

Prospexs uses a variety of Large Language Models (“LLMs”) and related AI services to support features such as summarization, insight extraction, and drafting text (e.g., suggested outreach messages).

We may use:

  • Our own processing pipelines

  • Third-party LLM providers (which may change over time)

We implement controls designed to keep processing GDPR-compliant, such as:

  • Using LLMs as service providers under contractual safeguards where applicable

  • Data minimization (sending only what is needed for the requested function)

  • Security measures (encryption in transit, access controls)

  • Configurable product settings and internal governance around what data is processed

No method is perfect: AI-generated outputs can be inaccurate. Customers remain responsible for verifying outputs before use, especially for compliance-sensitive communications.

8. Cookies and similar technologies

We use cookies and similar technologies for:

  • Essential website functionality (e.g., security, session management)

  • Analytics to improve site performance

  • Marketing cookies (only where applicable and permitted)

Where required by law, we ask for consent before setting non-essential cookies. You can also control cookies via your browser settings.

9. Who we share personal data with

We may share personal data with:

A) Service providers (processors)

  • Hosting and cloud infrastructure

  • Analytics and monitoring

  • Customer support tools

  • Billing and invoicing providers

  • Security and fraud-prevention services

  • LLM/AI providers supporting platform features

  • Third-party prospect/contact data providers

B) Business transfers

If we are involved in a merger, acquisition, financing, or sale of assets, personal data may be shared as part of that transaction (subject to appropriate safeguards).

C) Legal requirements

We may disclose data if required by law, court order, or to protect rights, safety, and security.

We do not sell personal data in the consumer-adtech sense. We provide a B2B intelligence service to Customers.

10. International data transfers

Prospexs is based in Sweden, but some service providers may process data outside the EU/EEA. Where data is transferred outside the EU/EEA, we use appropriate safeguards such as:

  • EU Standard Contractual Clauses (SCCs)

  • Additional technical/organizational measures where needed

  • Adequacy decisions where applicable

11. Data retention

We keep personal data only as long as necessary for the purposes described, including:

  • As long as a Customer account is active (plus a limited period for backups, audits, and dispute handling)

  • As required by law (e.g., bookkeeping retention obligations)

  • As needed to protect security and prevent fraud

Retention periods can vary depending on data type. You may request deletion as described below.

12. Security

We use appropriate technical and organizational measures to protect personal data, such as:


  • Access controls and least-privilege principles

  • Encryption in transit (and where appropriate at rest)

  • Logging and monitoring

  • Vendor due diligence and contractual safeguards

  • Incident response procedures

No system is 100% secure, but we work to reduce risks and continuously improve protections.

13. Your rights under GDPR

Depending on the circumstances, you may have the right to:

  • Access your personal data

  • Rectify inaccurate or incomplete data

  • Erase your data (“right to be forgotten”), subject to legal exceptions

  • Restrict processing

  • Object to processing (especially where based on legitimate interests)

  • Data portability (where processing is based on contract or consent and carried out by automated means)

  • Withdraw consent at any time (where processing is based on consent)

How to exercise your rights

Email us at: info@prospexs.ai

If you are a Lead/Contact shown in Prospexs and wish to object, correct, or remove your data, contact us and we will handle your request in accordance with applicable law and our obligations with relevant providers/customers.

You also have the right to lodge a complaint with a supervisory authority. In Sweden, this is Integritetsskyddsmyndigheten (IMY).

14. Marketing preferences

You can opt out of marketing emails at any time by:

  • Clicking the unsubscribe link in the email, or

  • Contacting us at info@prospexs.ai

Service-related messages (e.g., security, billing, account notices) may still be sent when necessary.

15. Children

Prospexs is intended for business use and is not directed at children. We do not knowingly collect personal data from children.

16. Changes to this Privacy Policy

We may update this policy from time to time. We will post the updated version on our website and update the “Effective date.” If changes are material, we may provide additional notice.

17. Contact

Prospexs Intelligence AB

Stockholm, Sweden

Email: info@prospexs.ai

circle image
circle image

AI That Finds Your Next 100 Customers.

AI That Finds Your Next 100 Customers.

Find companies that actually need you - instantly (no credit card needed).

Find companies that actually need you - instantly (no credit card needed).

Get Started - Free

Get Started - Free

Get Started - Free

Get Started - Free

View Pricing

View Pricing

View Pricing

View Pricing