PRIVACY POLICY


Last updated: 2026-07-13


1. Who we are


This Privacy Policy explains how TSOSS Service AB (“TSOSS”, “we”, “us” or “our”) collects and processes personal data when you visit our website, create an account, purchase an online course or use our learning services.


Data controller:


TSOSS Service AB

Organisation number: 559517-8517

Snapperupsgatan 3

211 35 Malmö

Sweden


Email: [email protected]

Website: https://www.tsoss.se

Course platform: https://amm-s-school.thinkific.com/


TSOSS Service AB is the data controller for the personal data described in this Privacy Policy.


2. Personal data we collect


Depending on how you use our services, we may collect:


• Your name and email address

• Account and login information

• Billing address and transaction information

• Information about the courses you purchase or enrol in

• Course progress, completion records and quiz or assignment results

• Messages, questions and customer-support communications

• Information you voluntarily provide through forms or course activities

• Technical information such as your IP address, browser, device type, login activity and platform usage

• Records of your acceptance of our Terms of Use and Privacy Policy


Payment-card details are processed by Thinkific and its payment providers. TSOSS Service AB does not normally receive or store your complete payment-card number.


Please do not submit sensitive personal data unless it is specifically requested and necessary for a course.


3. How we collect personal data


We collect personal data when you:


• Create an account

• Purchase or enrol in a course

• Use the Thinkific learning platform

• Complete lessons, quizzes, assignments or other course activities

• Contact us by email or through the platform

• Request support, a cancellation or a refund


We may also receive limited information from Thinkific and the payment providers used to process your purchase.


4. Why we process your personal data


We process personal data to:


• Create and administer your account

• Process purchases and payments

• Provide access to purchased courses

• Deliver course content and record your progress

• Communicate with you about your account, purchases and courses

• Respond to questions and provide customer support

• Process cancellations, withdrawal requests and refunds

• Protect our platform and prevent fraud or misuse

• Maintain accounting and transaction records

• Establish, exercise or defend legal claims

• Comply with legal and regulatory obligations

• Improve the operation and quality of our courses and services


We do not currently use your personal data for newsletters, behavioural advertising or advertising analytics.


5. Legal grounds for processing


We process your personal data on one or more of the following legal grounds:


• Performance of a contract: when processing is necessary to provide a course or service you purchased or requested

• Legal obligation: when we must retain or process information under accounting, tax, consumer-protection or other applicable laws

• Legitimate interests: when necessary to operate, secure and improve our services, provide support or protect our legal rights, provided that these interests do not override your rights

• Consent: where we specifically ask for your consent


Where processing is based on consent, you may withdraw your consent at any time. Withdrawal does not affect processing that occurred before consent was withdrawn.


6. Service providers and recipients


We may share personal data with service providers when necessary to operate our business, including:


• Thinkific, which hosts our course platform, user accounts and course content

• Thinkific Payments and the payment providers involved in processing transactions

• IT, hosting, security and technical-support providers

• Accountants, auditors, legal advisers and other professional advisers

• Government agencies, courts or authorities where disclosure is required by law


These organisations may process information only for the relevant service, under their own legal obligations or under contractual instructions.


We do not sell or rent personal data.


7. International transfers


Thinkific and some of its service providers may process personal data outside Sweden or the European Economic Area.


Where required by law, international transfers are protected through an adequacy decision, approved contractual safeguards or another lawful transfer mechanism.


8. Data retention


We retain personal data only for as long as necessary for the purpose for which it was collected.


In general:


• Account and course information is retained while your account remains active and for a reasonable period afterwards

• Transaction, invoice and accounting information is retained for the period required by Swedish accounting and tax law

• Customer-support communications are retained for as long as reasonably necessary to handle the matter and protect our legal rights

• Information connected with a dispute or legal claim may be retained until the matter and any applicable limitation period have ended


When information is no longer required, it will be deleted, anonymised or securely restricted.


9. Cookies and technical information


Our website and Thinkific course platform may use cookies and similar technologies that are necessary for:


• Account login and authentication

• Security and fraud prevention

• Remembering settings

• Checkout and payment functionality

• Operating and maintaining the platform


Third-party services may also set cookies in accordance with their own policies.


We do not currently use separate advertising pixels or behavioural advertising tools. You can control cookies through your browser and any cookie settings made available on the website.


10. Communications


We may send administrative and service-related messages concerning:


• Your account

• Your purchases and payments

• Course access or important course updates

• Security

• Changes to our policies

• Customer-support matters


These communications are necessary to provide the service and are not promotional marketing.


We do not currently send general marketing newsletters. If this changes, we will obtain consent where required and provide an unsubscribe option.


11. Your data-protection rights


Subject to applicable law, you may have the right to:


• Obtain information about how we process your personal data

• Request access to your personal data

• Request correction of inaccurate or incomplete information

• Request deletion of your personal data

• Request restriction of certain processing

• Object to processing based on legitimate interests

• Receive certain information in a portable format

• Withdraw consent where processing is based on consent

• Submit a complaint to a data-protection authority


These rights are not absolute. For example, we may need to retain certain transaction information to comply with accounting or legal requirements.


To exercise your rights, contact us at [email protected]. We may ask you to verify your identity.


You may also lodge a complaint with the Swedish Authority for Privacy Protection, Integritetsskyddsmyndigheten (IMY).


12. Security


We and our service providers use reasonable organisational and technical security measures intended to protect personal data against unauthorised access, alteration, disclosure, loss or destruction.


No internet-based service is completely secure, and we cannot guarantee absolute security.


13. Children


Our services are primarily intended for adults aged 18 or older.


A person under 18 may use our services only with the permission and involvement of a parent or legal guardian. The parent or guardian is responsible for the purchase and the minor’s use of the service.


If you believe that a child has provided personal data without appropriate permission, please contact us.


14. Third-party links


Our website or courses may contain links to websites or services operated by other organisations.


We are not responsible for the privacy practices of third parties. You should read their privacy notices before providing them with personal data.


15. Changes to this Privacy Policy


We may update this Privacy Policy when our services, suppliers or legal obligations change.


The latest version will be published on this page with a revised “Last updated” date. Where required, we will provide additional notice of material changes.


16. Contact us


For questions about this Privacy Policy or the processing of your personal data, contact:


TSOSS Service AB

Snapperupsgatan 3

211 35 Malmö

Sweden


Email: [email protected]