Your personal data is important to us
Business Sweden (hereinafter referred to as “Business Sweden”, “we”, “our” and “us”) takes privacy and integrity very seriously, and we only process personal data relating to an identified or identifiable natural person in accordance with applicable data protection legislations and this privacy policy.
Purpose of this policy
The purpose of this privacy policy is to provide you with information about how we use, capture and share your personal data. This privacy policy sets the data protection and security standards within Business Sweden, applies worldwide, including all of our subsidiaries and branches, and is based on globally accepted principles on data protection.
Our employees are obliged to adhere to this privacy policy as well as observe applicable local data protection legislations.
Data controller
The Swedish Trade and Invest Council (“Business Sweden”), corporate identity no. 262000-1194, with its registered office in Stockholm, Sweden, postal address; Box 240, SE-101 24 Stockholm, Sweden, and all its affiliates and subsidiaries, privacy@business-sweden.se, is the data controller of Business Sweden’s processing of your personal data.
The legal entity within Business Sweden that provides services to you or with whom you otherwise interact is the controller for the processing of your personal data.
If you have questions about the legal entities within Business Sweden that act as controller for the processing of your personal data, please contact us at privacy@business-sweden.se,
Business Sweden is responsible to ensure that your personal data is processed in a safe manner and in accordance with applicable data protection legislation.
If you have any questions or wish to receive further information on our processing of your personal data, please contact us at privacy@business-sweden.se, or by letter to the above-mentioned postal address.
Where your personal data come from
Most personal data that we process comes directly from you. That could be data you provide to us when applying for one of our services, downloading a report from our web site, communicating with us by e-mail, signing up for one of our seminars, events or delegation trip, applying for a job or otherwise interacting with us.
We may also collect personal data about you as a result of you visiting our web site, for example, we save visitor traffic and communication data. An example of such personal data is, your IP-address, type of device, operating system and browser.
If you do not provide us with the personal data we ask for, we may not be able to provide our consultancy or other services to you. We will clearly mark when it is mandatory to provide certain personal data.
Processing reliability and security
Business Sweden only collects and processes personal data about you if it is necessary to meet legal obligations, fulfill an agreement with you, or if it is in our legitimate interest or if you have explicitly given your consent to our processing.
Business Sweden is also committed to ensuring that personal data is secure regardless whether the data is processed electronically or in paper format. To prevent unauthorized access, disclosure or destruction Business Sweden has put in place appropriate physical, electronic and managerial procedures to safeguard and secure your personal data
Our processing of your personal data
In the tables below, you will find a summary with information about the purpose for the processing of your personal data, the categories of personal data, how long we process your personal data and the legal basis on which we base the processing.
| Managing relationships and services to customers | ||
|---|---|---|
| Purpose of processing | Categories of personal data | Data Subjects |
|
Provide consultancy services, reports and other materials available for downloading or purchasing on our web site and answering questions. To establish and manage relationships with customers |
|
|
|
Legal basis:
|
||
|
Retention period: Personal data collected for the purpose of providing consultancy and other services will be stored for ten years after the assignment is fulfilled, as long as required by law or as long as we maintain a customer relation with you |
||
| Events, seminars and delegations | ||
|---|---|---|
| Purpose of processing | Categories of personal data | Data Subjects |
|
Invitations to and administration of various events, seminars and delegation trips independently or in corporation with our partners. Including activities such as handling of participant lists, communicating with the participants before, during and after the event. |
|
|
|
Legal basis: Fulfillment of an agreement with you and/or consent through an unambiguous affirmative action, for example when you sign up for an event or a delegation trip. |
||
|
Retention period: Personal data collected in connection with your attendance at a seminar, event or delegation trip hosted by us will be deleted as soon as the event has been conducted and any follow-up survey has been conducted. |
||
| Customer surveys | ||
|---|---|---|
| Purpose of processing | Categories of personal data | Data Subjects |
|
To monitor the impacts of Business Sweden’s efforts, such as satisfaction surveys and specific investigations, for example after the implementation of an event. |
|
|
|
Legal basis: Consent through an unambiguous affirmative action, for example when you choose to participate in a survey. |
||
| Retention period: 24 months from last active survey | ||
| Marketing | ||
|---|---|---|
| Purpose of processing | Categories of personal data | Data Subjects |
|
Direct marketing, follow up by e-mail, telephone or mail Marketing optimization, including, market research, analyzing and improving marketing campaigns and profiling internet users |
|
|
|
Legal basis:
|
||
|
Retention period: Personal data collected for marketing purposes and the purpose of providing you with invitations to seminars, events and delegation trips will be stored until you deregister or unsubscribe for such mailings. Personal data collected from marketing optimization will be stored as long as consent is maintained or maximum 24 months. |
||
| Communication | ||
|---|---|---|
| Purpose of processing | Categories of personal data | Data Subjects |
|
To send communication via different digital channels to registered users based on:
|
|
|
|
Legal basis:
|
||
|
Retention period: As long as consent is maintained or maximum 24 months from last web activity for registered users |
||
| Management of your user account: | ||
|---|---|---|
| Purpose of processing | Categories of personal data | Data Subjects |
|
Create and administrate your user account Send e-mails to you based on how you use our services Deliver the services you have requested |
|
|
| Legal basis: Fulfillment of an agreement with you | ||
|
Retention period: Personal Data relating to registered users will be deleted when the user account has been inactive for 24 months. |
||
| Job candidates | ||
|---|---|---|
| Purpose of processing | Categories of personal data | Data Subjects |
|
To evaluate and recruit job candidates |
|
|
|
Legal basis: Our legitimate interest of conducting an effective and fair recruitment process |
||
|
Retention period: Personal data collected in connection with a recruitment process will be stored for as long as the recruitment process is open and thereafter for as long as a job applicant not being employed may take legal actions against us in respect of the recruitment process. |
||
| Accounting | ||
|---|---|---|
| Purpose of processing | Categories of personal data | Data Subjects |
| Accounting. |
|
|
| Legal basis: To fulfill our legal obligations. | ||
| Retention period: 10 years | ||
| Supplier relationships | ||
|---|---|---|
| Purpose of processing | Categories of personal data | Data Subjects |
|
To establish and manage relationships with suppliers. |
|
|
| Legal basis: Fulfillment of an agreement with you | ||
|
Retention period: Personal data collected for the purpose to administrate our contractual relationship with our suppliers, will be stored for ten years after the contractual relation has ended unless we are required under law (book keeping or account legislation) to store the information for a longer period. |
||
| Whistleblower service | ||
|---|---|---|
| Purpose of processing | Categories of personal data | Data Subjects |
|
To manage the whistleblower service and investigate reported incidents. |
|
|
|
Legal basis: Our legal obligation to comply with the Act on the Protection of Persons Reporting Irregularities. |
||
|
Retention period: Personal data related to whistleblower reports will be retained only as long as necessary to investigate and conclude the case, and to comply with statutory obligations, however not longer than 24 months. |
||
Who we may share your personal data with
As a general rule, we do not share your personal data with third parties. However, we may share your personal data to certain trusted third parties to be able to provide our consultancy and other services, including:
- Third parties performing services on our behalf, inter alia, authorized vendors, agents and representatives;
- Suppliers to whom we outsource certain IT support services, such as IT infrastructure suppliers, document and workflow management systems and other similar systems;
- Partners, collaborators, customers and service providers involved in hosting and arranging events, seminars and delegation trips;
All transfers of personal data will be in accordance with law and will only be used for the purposes it was collected for. We ensure that your personal data is processed in a lawful and correct way where the data is transferred outside the EU/EEA-area. Where we transfer your data to countries outside the EU/EEA, we will do so on the basis of: (i) an adequacy decision by the European Commission; (ii) EU standard contract clauses; or (iii) another valid transfer mechanism under the GDPR. If you would like to receive further information about transfers to countries outside the EU/EEA, or if you would like to receive a copy of the safeguard we have used, you can contact us at privacy@business-sweden.se.
Business Sweden may place ads on its websites, on publishers' websites or within e-mail content, either directly through the publisher or via a third party. For Individuals interacting with the advertising content, ad server companies may collect information about Individuals such as domain type, IP address, clickstream data. This information is not identifiable by Individuals’ personal data other than their IP address.
Cookies and similar technologies
We use Cookies on our website and in our services to, among other things, improve your experience with us. Our Cookie Policy explains in more detail how we use Cookies and what choices you can make about our Cookies. Please see our Cookie Policy for more information.
Your rights
According to the EU:s general data protection regulation, you as an Individual have the following rights in relation to the personal data we process about you.
Access to your personal data: You have the right to access your personal data and receive information on how it is processed.
Rectification, erasure and restriction: You are entitled to rectification of the personal data you consider to be incorrect. In certain cases, you are entitled to have your personal data deleted. This does not apply if your personal data still is required, for example due to legal requirements or if the processing may be based on any other legal ground. You have the right to request that the processing of personal data is restricted to a shorter time when we investigate potential errors.
Withdraw consent: If you have consented to a certain type of processing, you have the right to withdraw your consent.
Objection to balancing of interests: When the processing is based on balancing of interests you have the right, at any time, to object to such processing.
Objection to direct marketing: You may, at any time, object to processing of your personal data for direct marketing purposes. Upon such objection, the personal data shall not be processed for such purpose anymore.
Data portability: You are entitled to data portability, which means that you may, under certain circumstances, have the right to receive such personal data that you have provided to us, for the purpose of transferring such personal data to another controller.
Complaint: You also have the right to file a complaint to your national supervisory authority (Sw. Integritetsskyddmyndigheten) if you believe that our processing of your personal data does not meet the requirements of the EU Data Protection Regulation.
Request for information and contact
If you have any questions or complaints regarding our processing of your personal data or if you wish to exercise any of your statutory rights, please contact us on privacy@business-sweden.se or
Business Sweden
Box 240
101 24 Stockholm
SWEDEN
Changes to this Privacy Policy
We may make additions and alterations to this privacy policy. We encourage you to review the content of this notice regularly.
You can always find the latest version of the Privacy Policy on our website, and we will always indicate the date of the last update at the top.