GDPR Compliance

Our Data Protection Policy

The purpose of processing personal data on our website is to assist our work to match our host families with suitable au pair candidates and for au pair candidates to have an interest in registering with us.

The more information we have about the host family and their criteria’s the better we can match them with the au pair candidates registered with us or at our agencies around the world.

All information presented on our web and communicated when performing the match is masked information for both the host families and au pairs.

The information recorded in our database comes to usage when issuing required Power of Attorneys, insurances and when performing the Visa Process through the Scandinavian Migrations Boards.

If you have ticked the box Newsletter we will share information relevant to the au pair program with you.


General information

Our home page and data are all WP Engine is a managed WordPress hosting platform that specializes in providing hosting services for WordPress websites. It is designed to make it easier for individuals and businesses to build, optimize, and maintain their WordPress websites. Here are some key features and information about WP Engine:

WP Engine is a fully managed hosting provider, which means that it takes care of various technical aspects of hosting your WordPress site, including server maintenance, security, updates, and backups. This allows users to focus on their content and website development without worrying about server management.

WP Engine automatically updates the WordPress core, plugins, and themes to keep your site secure and up to date. This helps in maintaining the stability and security of your website.



WP Engine takes security seriously. They provide features like daily malware scans, firewall protection, and automated SSL certificates to ensure your website is secure. They also offer tools to help you comply with GDPR and other privacy regulations.

WP Engine has data centers in various locations worldwide to ensure fast loading times for visitors from different regions in our case, in Finland.

Processing of Personal Data

Your personal information is secure with us. We process data in accordance with the requirements of the Personal Data Act. By giving your consent to the processing of personal data, you agree that SAPC may store information about your family and provide you with information about au pair candidates and the au pair program in general. You as host family decide if you wish to make your profile public on our websites. Our host family’s profiles are only shared with an au pair candidate we consider relevant to the family or with agents chosen by the au pairs. Your personal contact details, such as last names, addresses, phone numbers, email addresses, other contact addresses, are not disclosed to au pair candidates or agents until you decide to contact the au pair for an interview or enter into an agreement with the named au pair.

Our staff is committed to the proper, confidential and secure handling of all personal data.

How long time do we save your data.

The information you provided when filling in your profile is stored in our system maximum three (3) years, open for your updates or upon your request of its deletion. If you decide to delete your family profile, you will need to complete a new another one if you wish to have our assistance for a new au pair in the future.

After 3 years without active customer relationships, all your personal data will be deleted. According to the Accounting Act, certain information must be stored for 7 years. Thus, we keep payment history and financial information for 7 years, starting 1 year after the initial agreement.

Encrypted payment transactions on this website


We are currently offering the payment service Swish, which is a popular mobile payment system in Sweden that enables users to make secure, real-time money transfers and payments from their bank accounts using a mobile app.

Swish takes security seriously to protect the financial transactions and personal information of its users.  Swish is integrated with various Swedish banks, which means it leverages the security measures and infrastructure provided by these financial institutions. This integration helps ensure the security of user accounts and transactions.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.


Google Analytics enables the website operator to analyze the behavior patterns of website visitors. To that end, the website operator receives a variety of user data, such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. This data is assigned to the respective end device of the user. An assignment to a user-ID does not take place.


Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics uses various modeling approaches to augment the collected data sets and uses machine learning technologies in data analysis.


Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting). The website use information recorded by Google is, as a rule transferred to a Google server in the United States, where it is stored.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission.

Plug-ins and Tools


Scrive is a digital document signing and eID, Scrive employs various security measures and practices. Here are some key aspects of Scrive’s security:

Scrive uses strong encryption to protect data both in transit and at rest. This includes secure socket layer (SSL) encryption for data in transit, as well as encryption of stored documents and user data.

Scrive complies with various data protection and privacy regulations, such as GDPR (General Data Protection Regulation), to ensure that the personal data of users and signatories is handled in accordance with legal requirements.

Control: Scrive implements robust access control mechanisms to restrict access to user accounts and sensitive documents. This includes user authentication, role-based access controls, and permissions management.

Scrive’s infrastructure is hosted in data centers with strong security measures in place. They also use Amazon Web Services (AWS) for their hosting, which is known for its high-level security practices.

Scrive uses cryptographic methods to ensure the authenticity and integrity of documents. Each signed document is accompanied by a cryptographic seal, making it tamper-evident.

What rights do you have as far as your information is concerned?

SAPC complies with the requirements for information security in the Personal Data Regulations and the Privacy Policy. In line with applicable privacy laws, you have the following rights:

The right to receive information about:

  • The personal information we have registered about you.
  • The purpose of its use and who has access to this information.
  • If you notice that SAPC has recorded incorrect, outdated, or incomplete information about you, you have the right to request corrections or updates.
  • You have the right to have your data deleted. In specific circumstances, you can request the removal of your family information as soon as your au pair, placed by us, has left and financial matters related to the au pair have been settled.
  • If you wish to have your username deleted from our system, please inform us.

Communication Consent

To effectively perform our services, we require the ability to contact you via email and telephone.


The purpose of sending the newsletter is to provide information about news related to the au pair program and services from our company. Your consent is necessary for newsletter subscription. Newsletter contact information is not shared with any other operations and is deleted upon your request to stop receiving information from us.

Cookies by Shopify

Our website uses “Cookies,” which are small text files stored on your computer. We use cookies to enhance your webpage experience and gain better insight into how our customers use our websites. Cookies are employed to remember your settings, reducing the need to repeat certain steps when visiting our web pages and to provide you with relevant information. Cookies may also be used to collect statistics on webpage usage.

The Electronic Communications Act mandates that we inform our customers about the use of cookies. By using our web pages, you consent to the use of cookies as described above. If your personally identifiable information changes or you no longer desire our service, you can correct, update, amend, deactivate, or delete it by making the desired changes on your “My page.”

Service Provider

The contact person for managing GDPR on the webpage is

Operations Manager: Victoria K Dunker

Contact Information: