Privacy policy


Valid from 2022-01-01

  1. Introduction

We follow GDPR – The General Data Protection Regulation. It is important for us at Bohemian Royalties that you as a customer feel safe at our website, meaning that you will feel assured that your private integrity is respected and that your personal data is treated correct. Please take your time to thoroughly read through this Privacy Policy.

  • Personal data and the administering of personal data
    a) Personal data consists of all information that directly, or indirectly together with other information, can be connected to a living (physical) person. Some examples of personal data consists of:
  • Name
  • Personal ID number
  • Credit card number
  • Email-address
  • IP-address
    b) The Managing of personal data includes every action related to the use of the personal data, regardless of whether the action is performed automatically or not automatically. Some examples of actions, among others, are:
  • Registration of data
  • Use of data
  • Collection of data
  • Storage of data
  • Alteration of data
  • Deletion of data

III. The relevancy of this police

  • This Privacy Policy is primarily relevant to individuals who purchase our products online and from whom we collect and process personal data (”Data Subjects”). Some parts of this Privacy Policy may also be applicable to others depending on their relationship to us. All things considered, this policy is relevant for people who:
  • visit our website or our social media platforms
  • are considered our customers, or
  • communicate with us.
    By approving to this Privacy Policy you agree to our processing of your personal data in accordance with this Privacy Policy.
  1. Relevant areas for this policy
    This Privacy Policy controls how we can collect and process personal data in order to continue delivering and developing our Services.
  2. Data Controller
    a) General
    A Data Controller is a legal person or other entity that controls the purpose and processes for the managing of personal data. A corporation is a Data Controller in regards to the personal data it has for its own benefit in relation to its customers, employees, partners, users and others.
  3. b) Bohemian Royalties as a Data Controller
    Bohemian Royalties is owned by Crystal Mind Creation (company VAT. no. SE860529018101), who is the Data Controller and therefor responsible in accordance with relevant legislation, for the processing that occurs with your personal data, within the range of our Services.
  • Permissible to process personal data
    a) There must always be support within the GDPR, so-called legal foundation, for us to be allowed to process personal data. Such legal foundation might include:
  • Consent from the Data Subject
  • That the managing of personal data is required to fulfill the terms of an agreementwith the Data Subject, for example the use of the Service we provide.
  • Fulfilling a legal obligation, for example storing certain information due to legislation regarding certain accounting standards and practices. This might also be the circumstance when handling opt-out settings requests concerning your rights as a Data Subject in accordance with GDPR.
  • A weighing of interests when we have a legitimate interest the use of your data, for example for statistical reasons and to market our services, and to secure payment and prevent fraud.
  1. b) It may occur that the same personal data is handled both;
    – through support in terms of fulfilling an agreement, as well as
    – in terms of specific consent, or
    – in terms of the processing of that specific information is necessary to fulfill other legal obligations. This means that even though you may withdraw your consent and the treatment based on said consent terminates, that specific personal data could remain with us for different separate reasons.
  • The personal data we process
    This part of the policy describes how your personal data is used in order for us to be able to offer you high quality experiences, services and offers.
    a) When you purchase our products online
    When you purchase our products at our website we process the following personal data, which you personally provide us with:

  • Your name and contact information (phone number, email, etc)
  • Your credit card number and bank information

We handle your personal data in order to:

  • Identify you as a person
  • Charge you for the services and products that you have purchased
  • In order to discover, and prevent, fraud in conjunction with bank card payments
  • Handle and deliver what you have purchased in accordance with our terms and conditions
  • Notifying you (through email, or similar) regarding information connected to purchase
  • Market our Services and products, for example by email
  • Produce statistics regarding purchases and usage, in order to improve our Services

Legal grounds for the handling personal data:
We handle your personal data based on performance of a contract when we provide our Services; based upon a evaluating of interests when we have a legitimate interest in using your data for statistical purposes and to market our services, as well as to secure payment and prevent fraud, and based upon a legal obligation for handling opt-out settings requests concerning your rights in accordance with the GDPR.

Period of storage:
We save personal data about you for a maximum of 12 months after termination of your user account, among other objects to keep information regarding any complaints or similar situations.

  • b) Communicating with us
    There are several different ways to communicate with us, for example through social media and by emails with our customer service. When communicating with us, we process personal data which you personally provide us with, such as:
  • Name and contact information
  • Information regarding your views, questions, or other matters

We handle your personal data in order to:

  • Answer questions and handle your matters, for example addressing defects, handling complaints etc which are of value for you as a customer
  • Develop our services and the information we provide and publish on our website and other communication environments.

Legal grounds for the handling personal data:
We handle your personal data for both our, and your, legitimate interest in administering your matter (evaluating of interests).

Period of storage:
We save personal data about you for a maximum of 12 months after the matter is terminated in order to ensure traceability in your communications with us.

  1. c) When you visit and use our website
    We handle:
    data about your interaction with us, and use, our website, such as in combination with purchase of our products and information about your visits to our website, through cookies. If you want to learn more about how we use cookies, please read our Cookie Policy.

We handle your personal data in order to:

  • provide our services online
  • provide support when you face any kinds of technical difficulties
  • maintain, test and develop our services online
  • discover and prevent security attacks, such as virus attacks etc

Legal grounds for the processing:

We handle your personal data based on an evaluation of interests for our rightful interest in maintaining, testing, and improving our digital services.

Period of storage:

We save personal data for 90 days after you have used our digital channels.

VIII. For how long do we normally store personal data?

Personal data is only stored during the period for which there is a need to store the data to be able to complete the terms of the agreement. We can store your personal data longer if this is necessary from a legal point of view or to protect our legal interests, such as within the scope of legal procedures that we are a part of.

  1. Our activities to protect the personal data
    We have ensured that we have taken all required and proper technical and organizational procedures to protect your personal data against loss, mishandling or unauthorized access. We also use digital networks that are breach protected by encryption, fire walls and password protection, to technically ensure that personal data is handled in a safe and confidential manner. We will furthermore organize ongoing educational efforts regarding GDPR, both for us at Bohemian Royalties as well as the consultants that can from time to another be contracted to do some work for us, to ensure a suitable knowledge level regarding handling of personal data.
  2. When do we share personal data?
    a) We will not sell, make available or spread personal data to third parties with the exception for what is specified in this Privacy Policy. Within the range of the Services personal data may be shared to subcontractors or partners, if it is necessary for the fulfillment and performance of our Services, for example to process your payments.
    b) Additionally, we may share personal data if needed to do so by law, court order or if withholding such personal data would delay any ongoing legal investigation.
  3. Your rights
    a) We are responsible for your personal data being handled in harmony with relevant legislation.
    b) You have the right to request access to your personal data. This means that you have the right to request transcripts regarding the handling that we have maintained over your personal data. You furthermore have the right to receive a copy of the personal data that is being processed at the time. Each year you have the right to, and by written request, without any cost receive a record regarding what personal data is stored in regards to you, the purpose of the storage and handling as well as to whom the information has been made available. You moreover have, within the records, the right to be informed of the period of time in which the personal data will be stored and what principles we have used to determine that period of time.
    c) Upon customers request, or at our own initiative, we will correct, de-identify, delete or complete any data that has been found to be wrongful, incomplete or distorted.
    d) You have the right to correction of your personal data. Upon your request, we will correct the incorrect or incomplete personal data we process in favors to you.
    e) You also have the right to object to any handling of personal data that is carried out on a lawful basis of weighing of interests. If you object to such handling we will just continue the handling if there are legal reasons for the handling that outweigh your interests.
    f) You have the right to request deletion of your personal data. Therefore, you have the right to request that your personal data is removed if it is no longer necessary for the purposes for which it was collected. There may however exist legal requirements stating that we may not immediately delete personal data (for example in terms of auditing and taxation related law). We will in any such case terminate the handling being done for any other reasons than to follow to the GDPR regulation.
    g) If you do not want us to process your personal data for direct marketing, you always have the right to refuse to such handling. You can do this either by unregistering in each specific email or by sending us an email to When received, we will terminate the handling of personal data for any such marketing. Before reporting our processing of your personal data to any public authority responsible for monitoring the application of the GDPR, such as The Swedish Data Protection Authority in Sweden, which is a legal right that you have, we highly recommend that you contact us first so that we can try to resolve the matter in a more efficient and appropriate way.

XII. Cookies
We can collect information and data about you by the use of cookies when you visit our website. For more information about how we use cookies, please see our cookie policy at

XIII. Changes to this policy
We reserve the right to make adjustments to this Privacy Policy from one time to another. You will find the date for the latest adjustment of this document at the top of this Privacy Policy.

XIV. Contact
Crystal Mind Creations (VAT. no. SE860529018101) is the Data Controller for managing your personal data. If you want further information on how your personal data is handled, feel free to contact us through a written and personally signed request sent to: Crystal Mind Creations, Sollerövägen 10, 167 71 Bromma.

Please include your name, address, email, telephone number and personal ID number in the letter. Please also enclose a copy of your valid ID. Our response will be sent to your address as listed in the National Population Register.