The 46elks API is bound by the EU directive 2002/58/EG (implemented by the Swedish law 2003:389 also called LEK). The rules from the Swedish telecom agency (PTS) also apply. For example the "PTS Föreskrift 2014:1” are the legal grounds for protecting personal data in the service, instead of GDPR.
In GDPR you find the exception under Chapter XI, Article 95, where it is explained that 2002/58/EG is not affected by the implementation of GDPR.
Thus we follow the same obligations as other telecom and internet operators, and thus it is not necessary for you to have a separate agreement with us to comply with GDPR, the general Terms and the LEK and PTS rules replace a separate agreement.
As a customer to 46elks you need to document this in your GDPR compliance process, 46elks should be listed as a Personal Data actor in your process. Rather than having a separate agreement with us you note that 2002/58/EG is the basis for conducting a lawful and transparent personal data handling.
For more information about how you can use us as your supplier and how we work with GDPR compliance get in touch with us at firstname.lastname@example.org.