Privacy Policy

Fabola AB ("Fabola", "we", "us") is the data controller for the personal data described in this policy.

• Email: hello@fabo.la
• Website: https://fabo.la

For any question about this policy or to exercise your data protection rights, please use the contact details above.

When you submit the contact form on our website, we collect your name, email address, and the contents of your message.

• Purpose: to read your enquiry and respond to it.
• Legal basis: steps taken at your request prior to entering a contract (Article 6(1)(b) GDPR) and our legitimate interest in responding to business enquiries (Article 6(1)(f) GDPR).
• Retention: we keep the message for up to 24 months after our last substantive contact, after which it is deleted unless a contractual relationship requires longer retention.

Our hosting and content delivery provider (Cloudflare) processes standard request data such as your IP address, user agent, referrer, and the resource requested. This data is used to deliver the website, prevent abuse, and produce aggregated analytics.

• Legal basis: our legitimate interest in operating and securing the website (Article 6(1)(f) GDPR).
• Retention: standard log retention periods of our hosting provider, typically not longer than 30 days for raw logs.

The contact form is protected by Cloudflare Turnstile, a privacy-preserving challenge that helps us distinguish humans from automated submissions. Turnstile may process technical signals from your browser (such as IP address, headers, and device characteristics) to issue a one-time token. According to Cloudflare, Turnstile does not use tracking cookies and is designed to minimise data collection.

• Purpose: to prevent automated abuse of the contact form.
• Legal basis: our legitimate interest in securing the form (Article 6(1)(f) GDPR).
• More information: see Cloudflare's Privacy Policy.

The site loads typefaces from Google Fonts. When your browser requests a font, your IP address and user agent are transmitted to Google. We do not control this processing.

• Legal basis: our legitimate interest in consistent typography (Article 6(1)(f) GDPR).
• More information: see Google's Privacy Policy.

We do not sell personal data. We share it only with the processors and recipients listed below, each acting under appropriate contractual safeguards.

• Cloudflare, Inc. — website hosting, content delivery, and Turnstile bot protection.
• Google LLC — Google Fonts delivery.
• Our email provider — used to receive and respond to enquiries.
• Professional advisers and authorities — where required by law or to establish, exercise, or defend legal claims.

If you are in the EU or EEA, you have the following rights with respect to your personal data:

• Access — request a copy of the personal data we hold about you.
• Rectification — ask us to correct inaccurate or incomplete data.
• Erasure ("right to be forgotten") — ask us to delete your data, subject to legal exceptions.
• Restriction — ask us to limit how we use your data.
• Objection — object to processing based on legitimate interests.
• Data portability — receive your data in a structured, machine-readable format.
• Withdraw consent — where processing is based on consent, withdraw it at any time without affecting prior lawful processing.

To exercise any of these rights, email hello@fabo.la. We will respond within one month, as required by the GDPR.

You have the right to lodge a complaint with a supervisory authority. As Fabola AB is established in Sweden, the lead authority is the Swedish Authority for Privacy Protection (IMY):

• Integritetsskyddsmyndigheten (IMY)
• Website: www.imy.se
• Email: imy@imy.se