Last updated: February 27, 2026
Fortic AB, org.nr 556852-0042, ("we", "us", "our") operates StudentCompetitions.com. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.
1. Who We Are
Fortic AB is a Swedish registered company responsible for StudentCompetitions.com. We process your personal data in compliance with the General Data Protection Regulation (GDPR) and Swedish data protection laws.
Data Controller Contact: hello@studentcompetitions.com
2. What Information We Collect
2.1 Competition Submissions
When you submit a competition as an organizer, we collect:
- Competition title, organizer name, website URL
- Public contact email address
- Internal contact email address (for our use only)
- Competition description and uploaded image
- Your IP address and browser user agent
2.2 Email Subscriptions
When you sign up to receive information about competitions, we collect:
- Email address and name (optional)
- Regions and categories of interest
- Your IP address and browser user agent
This information is synchronized with Sendy, our self-hosted email marketing platform, to deliver newsletters about competitions matching your interests.
2.3 Payment Information
When you purchase a Boost or Gate Removal, payment is processed by Stripe. We store only the Stripe session ID, payment amount, currency and status. We do not store your credit card numbers, expiration dates or CVV codes.
2.4 Cookies & Analytics
We use cookies for site functionality and, with your consent, Google Analytics 4 for understanding how visitors use our site. Analytics cookies are only set after you consent via our cookie banner. See our cookie policy for details.
2.5 Bot Protection
We use Cloudflare Turnstile to protect our forms from spam and abuse.
3. Legal Basis for Processing
Consent
- Marketing emails & newsletters
- Google Analytics cookies
Contract Performance
- Competition submissions
- Payment processing
- Transactional emails
Legitimate Interests
- Bot & spam protection
- Fraud detection
- A/B testing
4. How We Use Your Information
- Processing and publishing competition submissions
- Sending verification emails and status notifications
- Delivering marketing emails about matching competitions
- Processing payments via Stripe
- Analyzing website performance (with consent)
- Preventing fraud and unauthorized access
- Complying with legal obligations
5. Third-Party Data Processors
| Service | Location | Purpose |
|---|---|---|
| Stripe | US (EU-US DPF) | Payment processing |
| AWS SES | EU (eu-central-1) | Transactional email |
| Sendy | EU (self-hosted) | Email marketing |
| Google Analytics | US (consent only) | Website analytics |
| Cloudflare Turnstile | Global CDN | Bot protection |
6. Data Retention
| Data | Retention |
|---|---|
| Competition data | While published; anonymized within 2 years after archival |
| Email subscriber data | Until you unsubscribe |
| Payment records | 7 years (Swedish accounting law) |
| Analytics data | 14 months (Google Analytics default) |
| IP addresses & user agents | Purged after 90 days |
7. Your Rights Under GDPR
You have the right to:
Access
Request a copy of your personal data
Rectification
Correct inaccurate data
Erasure
Request deletion ("right to be forgotten")
Data portability
Receive your data in machine-readable format
Restrict processing
Limit how we use your data
Object
Object to marketing or legitimate interest processing
Withdraw consent
At any time via email or cookie settings
Lodge a complaint
With IMY (Swedish Data Protection Authority)
To exercise your rights, email hello@studentcompetitions.com. We will respond within 30 days.
8. International Data Transfers
Some service providers (Stripe, Google Analytics, Cloudflare) process data in the United States. Transfers are protected by the EU-US Data Privacy Framework or Standard Contractual Clauses.
9. Security
We implement industry-standard measures including HTTPS encryption, secure password hashing, CSRF protection, rate limiting, virus scanning, and Content Security Policy headers.
10. Children's Privacy
StudentCompetitions.com is not intended for children under 13. We do not knowingly collect data from children under this age.
11. Changes to This Policy
We may update this policy from time to time. Material changes will be reflected in the "Last updated" date above.