Privacy policy | Popzine

1. Introduction

This privacy policy describes how Popzine (“we”, “us”) processes personal data when you visit popzine.se and use our services (for example reading articles, creating an account, posting comments, or subscribing to a newsletter).

The controller of personal data is Popzine. Contact details: info@popzine.se, phone +46 8 123 456 78, address Musikvägen 1, 123 45 Stockholm, Sweden. For privacy-related questions, please contact us at the same email address.

2. What data do we collect?

Depending on how you use the website, we may process the following categories of data:

Account and sign-in data: if you create an account or sign in (e.g. with email and password or Google sign-in), we process data required for authentication and account management, such as email address, display name, and technical identifiers linked to your account.

Comments: if you comment on content, we may process your name or pseudonym, comment text, timestamp, email address if you provide it, and technical information needed to display and moderate comments.

Newsletter and contact: if you subscribe to a newsletter or contact us via a form, we process the information you provide (e.g. name, email address, message).

Technical and usage data: we collect information about how the site is used, such as page views, approximate geographic location (where applicable at an aggregated level), device type, browser, and time of visit. This includes data processed through Firebase Analytics and related tools.

Security and abuse prevention: we may use Google reCAPTCHA Enterprise and Firebase App Check to protect the service against automated abuse. Technical data may be transferred to Google in accordance with their terms.

3. Cookies and similar technologies

We use cookies and similar technologies so the site works and to remember your settings. For analytics through Google (Firebase Analytics) we ask for your consent where required by law. You can change your choice at any time via cookie settings in the footer.

We also count page views in our own server-side statistics (to understand traffic and improve the site). That measurement is separate from Firebase Analytics and is not controlled by the same consent toggle for Google analytics; a technical identifier may be stored locally in your browser to avoid double counting.

If you accept analytics cookies, we store your consent in your browser’s local storage so we do not need to ask again on every visit. If you choose necessary only or decline analytics cookies, we do not store consent locally, and you may see the prompt again on a later visit.

You can configure your browser to block or delete cookies and some storage. Note that some features may work less well if you do.

4. Why we process data (purposes and legal bases)

We process personal data in order to:

Provide and improve the service (e.g. display content, manage accounts, comments, and search) – legitimate interests and, where required, performance of a contract with you.

Analyse usage and traffic to understand how the site is used and to develop it – legitimate interests; where the law requires consent for certain cookies or similar technologies, we rely on your consent.

Ensure security, prevent fraud and abuse – legitimate interests and sometimes legal obligation.

Send newsletters if you have explicitly subscribed – consent or legitimate interests as permitted by applicable marketing law.

Comply with legal obligations, e.g. accounting or authority requirements – legal obligation.

5. Sharing and processors

We use suppliers who process data on our behalf (“processors”). We primarily use Google Firebase (including authentication, Firestore database, cloud functions in the europe-west1 region, and Firebase Analytics for measurement). Firebase is provided by Google LLC / Google Ireland Limited depending on service and configuration.

When you sign in with Google, Google’s privacy policy for that service also applies.

We do not sell your personal data to third parties for their own marketing purposes beyond what follows from this policy and applicable law.

6. Transfers outside the EU/EEA

Some providers may process data in countries outside the EU/EEA. Where this occurs, we ensure appropriate safeguards where required, such as standard contractual clauses approved by the European Commission or other lawful mechanisms under the GDPR.

7. Retention

We keep personal data for as long as necessary for the purposes above or as required by law. Account data is kept until you delete your account or we discontinue the service, unless longer retention is required for e.g. accounting or claims. Comments and logs may be retained to enable moderation and security. Analytics data may be aggregated and anonymised for statistics.

8. Your rights

Under the GDPR you have the right to access, rectification, erasure, restriction of processing, objection to certain processing based on legitimate interests, and data portability where applicable.

Where processing is based on consent, you may withdraw consent at any time (without affecting the lawfulness of processing before withdrawal).

You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY), www.imy.se, if you believe we process your personal data unlawfully.

9. Children

The website is not directed at children under 13. We do not knowingly collect personal data from children without parental consent where required by law.

10. Changes

We may update this privacy policy when needed, for example due to new features or legal requirements. The latest version will always be published on this page with the date of the last update.

Last updated: 28 March 2026.