Skip to content
Contact us

Privacy Policy

Privacy Policy
Kim Advisory AB – Last updated: 18 July 2025



1. Who we are

Kim Advisory AB (org.-no. 559519-8275) is a privately held investment firm headquartered at Mariehällsvägen 30 G, SE-168 65 Bromma, Sweden. We decide why and how your personal data are processed, making us the “controller” under the EU General Data Protection Regulation (GDPR) and the Swedish Data Protection Act (Dataskyddslagen).

2. The personal data we collect

When you… We collect… Typical examples
Visit our website Technical data IP address, browser type, cookie IDs
Make an enquiry Contact data Name, e-mail, phone, company
Become a client  Identification & financial data Copy of ID, KYC information, account details
Receive newsletters Preference data  Topics you read, open/click rates


We do not seek to collect special-category data (e.g. health, ethnicity) or children’s data.

3. Why we use your data (legal bases)

Purpose Legal basis
Responding to enquiries Legitimate interest – to run our business and reply to you
Client onboarding and contract management Contract – to deliver the services you request
Anti-money-laundering (AML) checks Legal obligation – to comply with Swedish and EU law
Marketing our services Consent for e-mail marketing; you may withdraw at any time
Website analytics Consent via our cookie banner


4. Sharing and international transfers
    •    Service providers (e.g. cloud hosting, CRM) under written agreements.
    •    Professional advisers (lawyers, accountants) bound by confidentiality.
    •    Authorities where required by law or court order.
If we transfer data outside the EEA, we rely on adequacy decisions or EU Standard Contractual Clauses and apply additional safeguards where needed.

5. Security

We use industry-standard technical and organisational measures such as encryption at rest and in transit, multi-factor authentication, and strict access controls. We regularly test our systems and train staff on data protection.

6. How long we keep data

We keep personal data only as long as necessary:
    •    Enquiries: up to 12 months after last contact.
    •    Client files: 7 years after the end of the client relationship (to meet accounting and AML rules).
    •    Marketing lists: until you unsubscribe or your e-mail bounces.

7. Your rights

Under GDPR you can, at no cost:
    •    Access the data we hold about you.
    •    Correct inaccurate or incomplete data.
    •    Erase data (“right to be forgotten”) where no legal ground to keep it exists.
    •    Restrict or object to processing in certain cases.
    •    Data portability – receive a copy in a structured, machine-readable format.
    •    Withdraw consent at any time (this does not affect past processing).

To exercise any right, e-mail us at stefan@kimadvisory.se. We will respond within five business days.

8. How to contact us

E-mail: stefan@kimadvisory.se

If you feel we have not handled your request properly, you may lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY).

9. Changes to this policy

We review this notice at least annually. Significant changes will be posted on our website and, where appropriate, notified to you directly.



Plain-language summary: We collect only what we need, use it lawfully, keep it safe, never sell it, and respect your rights.