Privacy policy
Contact details of the data controller
PO Söderberg & Partner AB (556659-9964)
Söderberg & Partners
Box 7785
103 96 Stockholm
Categories of personal data
Contact information – Information used to contact you, such as your email address and phone number.
Cookies – A small text file with information about your settings and preferences that is saved in your browser when you visit the website.
Corporate involvement – Information about your involvement in companies, e.g. board assignments, shareholding in companies and what degree of involvement you have in the company (i.e. passive or active involvement).
Identity data – Data used to identify you, such as your name and date of birth.
Our processing of personal data
Our processing of personal data depends on the relationship you have with us. You can read more about how we process your personal data by clicking on the respective heading below.
What categories of personal data are processed?
Corporate Involvement, identity data, contact information.
Is the data required or is it voluntary?
Collecting information from you is required to contact you based on your request.
From which sources do we collect your personal data?
We collect information from you or the company you represent if you have sent a request for us to contact you.
For what purposes do we process your personal data?
Booking of meetings
We process information in the form of identity data (name only), corporate involvement and your contact information for the purpose of administering contacts and questions from you.
On what legal basis do we process your personal data?
We process your personal data on your voluntary basis to manage our contacts and to discuss future potential partnerships.
Who are the recipients of your personal data?
The personal data we process about you may be required for the purpose of administering questions and contacts between you and Söderberg & Partners.
Transfer to third countries
Our processing primarily takes place in Sweden or within the EU/EEA. In certain cases, we use suppliers or subcontractors where personal data may be transferred outside the EU/EEA (so-called "third countries"), for example to the UK or the USA. This could be in special situations where crisis management and support are necessary and the necessary expert personnel are not available within the EU/EEA. In these cases, we ensure that measures are taken to meet the protection requirements of Article 46 of the GDPR, for example by ensuring that the EU-commission has recognised that the recipient country offers an adequate level of data protection or through the EU Commission's Standard Contractual Clauses (SCC), supplemented by encryption and data minimisation. You can read more about which countries have been assessed as offering an adequate level of data protection and what this means here (https://www.imy.se/verksamhet/dataskydd/det-har-galler-enligt-gdpr/overforing-till-tredje-land/adekvat-skyddsniva/). You can read more about the European Commission's SCC here (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en).
How long do we store your personal data?
We process your personal data for as long as it is necessary with regard to the conclusion of a partnership. If the company or organisation you represent chooses to enter into a partnership with us, we save that agreement and information about the performance for the amount of time within which claims for damages arising from the agreement can be made, plus for an additional year. This means that we retain the information for five years.
Cookies
The purpose of our processing of personal data derived from cookies is to improve your user experience on our website. This is done through follow-up of web statistics to improve the website's content, appearance and functionality. The purpose is also to ensure that our website works, to analyse visitor statistics and to be able to provide relevant marketing and relevant offers to you through web advertising. In order for us to be able to target marketing and offers that are relevant to you as a visitor, we sometimes make selections based on your browsing habits and visitor statistics on our website. It may then happen that some visitors receive offers that others do not receive, based on so-called profiling.
To read more about specific cookies and their use, please see our Cookie Policy.
Transfer to third countries
Our processing primarily takes place in Sweden or within the EU/EEA. In certain cases, we use suppliers or subcontractors where personal data may be transferred outside the EU/EEA (so-called "third countries"), for example to the UK or the USA. This could be in special situations where crisis management and support are necessary and the necessary expert personnel are not available within the EU/EEA. In these cases, we ensure that measures are taken to meet the protection requirements of Article 46 of the GDPR, for example by ensuring that the EU-commission has recognised that the recipient country offers an adequate level of data protection or through the EU Commission's Standard Contractual Clauses (SCC), supplemented by encryption and data minimisation. You can read more about which countries have been assessed as offering an adequate level of data protection and what this means here (https://www.imy.se/verksamhet/dataskydd/det-har-galler-enligt-gdpr/overforing-till-tredje-land/adekvat-skyddsniva/). You can read more about the European Commission's SCC here (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en).
How long is your personal data stored?
Please see our cookie policy for information on the storage period regarding cookie's.
In order to discuss future partnerships with the company or organisation you represent, we need to process your personal data. We do this in order to be able to take measures before entering into a parnership and simplify communication with the company or organisation you represent.
What personal data do we process?
We process information about employment information, identity data and contact information.
Is the data required or is it voluntary?
It is voluntary to provide the information we process about you.
From which sources do we obtain your personal data?
The data is collected directly from you or from the company or organisation you represent.
For what purposes do we process your personal data?
Conclusion of partnership
We process your identity data, contact information and your employment information in order to discuss future partnerships, take measures before entering into a partnership and simplify communication.
Meeting booking
We process your contact information for the purpose of administering the booking of a meeting with you as a representative at the company or organisation you represent.
On what legal basis do we process your personal data?
We process your personal data on your voluntary basis to manage our contacts and to discuss future potential partnerships.
Who are the recipients of your personal data?
PO Söderberg & Partner AB.
Transfer to third countries
Our processing takes place mainly in Sweden or within the EU /EEA. In certain cases, we use suppliers or subcontractors where personal data may be transferred outside the EU / EEA (so-called "third countries"), for example to the USA or the UK. These may be special situations where crisis management and support are necessary and the necessary expert personnel are not available within the EU/EEA. In these cases, we ensure that measures are taken to meet the protection requirements of Article 46 of the GDPR, for example by ensuring that the recipient country has an adequate level of protection or through the EU Commission's Standard Contractual Clauses (SCC), supplemented by encryption and data minimisation. You can read more about which countries have been assessed as having an adequate level of protection and what this means here (https://www.imy.se/verksamhet/dataskydd/det-har-galler-enligt-gdpr/overforing-till-tredje-land/adekvat-skyddsniva/). You can read more about the European Commission's SCC here (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en).
How long do we store your personal data?
We process your personal data for as long as it is necessary with regard to the conclusion of a partnership. If the company or organisation you represent chooses to enter into an agreement with us, we save that agreement and information about the performance for the amount of time within which claims for damages arising from the agreement can be made, plus for an additional year. This means that we retain the information for five years.
Automated decision-making
We do not perform automated decision-making based on your personal data.
Your rights
What rights do I have and how do I use them?
If we process personal data about you, you have a number of rights under the GDPR that you can use. If you are unsure whether we process information about you, you also have the right to receive information about whether we do or not. See the list below where we describe in more detail your rights and how you should go about using them.
You have the right to receive confirmation of whether we process personal data about you and in such cases to access your personal data (also called "register extract"). You also have the right to receive a copy of your personal data being processed. You have the right to receive a register extract free of charge showing what personal data is registered about you, the purposes of the processing and the categories of personal data to which the processing relates.
If you wish to receive a register extract, you can apply for this by submitting the application form that you find here.
You have the right to request that any incorrect information about you be corrected and also demand that we limit our processing of your personal data while we investigate your request. You also have the right to request a supplement to any incomplete information we hold about you.
If you wish to have information corrected, you can request this by submitting the application form that you will find here.
Under certain conditions, you have the right to have the information we process about you deleted. You have the right to have your personal data deleted if:
- the personal data is no longer necessary for the purposes of the processing,
- you withdraw your consent on which the processing is based,
- if you have objected to the processing that is supported by a balance of interests and we are not considered to have a legitimate interest in continued processing that outweighs your interest,
- if the processing is for direct marketing purposes and you object to the processing of the data,
- the personal data has been unlawfully processed, or
- if deletion is required to comply with a legal obligation.
We are not always able to comply with a request for deletion. For example, there may be legal requirements that require us to retain the personal data or if we need the information to be able to fulfill an agreement with you.
In case you wish to have information deleted, you can request this by submitting the application form that you find here.
You have the right to request that our processing of your personal data be restricted. Restriction can occur for several reasons.
- If you dispute that the personal data we process about you is correct, you can request restricted processing while we check whether the data is correct.
- If the document is unlawful and you object to the erasure of the personal data and instead request restriction of use.
- If you have objected to processing that is based on a balance of interests that we have used as a legal basis for a certain purpose, you can request restricted personal data processing while we work to assess whether our legitimate interests outweigh your legitimate interest.
- If we as a controller no longer need the personal data for the purposes of the processing but you need it to be able to establish, exercise or defend legal claims.
If restriction occurs, we may only, in addition to storing the data, process the data for the establishment, exercise or defense of legal claims, to protect someone else's rights or because you have given your consent. If you have had the processing of your personal data restricted, we will inform you before the restriction of processing ends.
In case you wish to have information restricted, you can request this by submitting the application form that you find here.
You have the right to object at any time to our processing of your personal data based on a balance of interests as a legal basis (legitimate interest) including profiling. Continued processing of your personal data requires us to show a legitimate interest that outweighs your interest in the processing in question. Otherwise, we may only process the data for the establishment, exercise or defense of legal claims.
You also have the right to object at any time to processing carried out for direct marketing purposes, including profiling to the extent that it is related to such direct marketing. If you have objected to processing for direct marketing purposes, we may no longer process your data for such purposes.
If you wish to object to our use of your personal data, you can request this by submitting the application form that you can find here.
In some cases, you have the right to have your personal data transferred in electronic format to another data controller (so-called "data portability"). This assumes that the transfer is technically possible and can be done in an automated way. The right to data portability applies to data that you have provided to us and that we process on the basis of performance of a contract or consent as legal bases.
If you wish to have data portability of your data, you can apply for this by submitting the application form available here.
How is your data protected
We pursue a very ambitious information security programme. This means, among other things, that we have strong technical measures that protect all our information, such as firewalls and intrusion protection. In addition, we work with access control, which means that personal data is not accessible to more of our employees than is necessary for each employee to be able to perform their work. Finally, we impose at least as high security requirements on the suppliers who process personal data on our behalf.
Questions & Complaints
If you have questions or concerns regarding our personal data management that cannot be answered by this page, you are welcome to contact your advisor, our switchboard (+46(0)8-451 50 00), or email info@soderbergpartners.se.
We have appointed a Data safety representative who works to monitor compliance with the rules on the protection of personal data. Our Data Protection Officer can be reached via dataskyddsombudet@soderbergpartners.se.
If you think that we process information about you in a way that violates the Data Protection Regulation, you can primarily contact us through one of our communication channels above. If, after handling by us, you do not feel satisfied, you have the right to file a complaint with the Swedish Authority for Privacy Protection, which is responsible for the supervision of personal data processing in Sweden. The Swedish Authority for Privacy Protection can be reached via www.imy.se.