Privacy policy

Who controls your data?

Stockholm Business Region AB, reg. # 556491-6798, located at Fleminggatan 4, SE-102 26 Stockholm is the data controller for the processing of your personal data related to this service as described in this policy. If you have any questions related to how we process your personal data, please contact us at info.sbr@stockholm.se.

Why do we process your personal data?

To offer you this service we need to collect personal information about you. The General Data Protection Regulation (‘GDPR’) is a European privacy law that we apply in our work as it is an important regulation regarding individuals’ data privacy. We always aim to ensure that our business operations, services, contracts, and documentation comply with the GDPR.

We wish to inform you that you always have the right to access your information, we will deliver it to you as soon as possible as a ´register extract´ in an easily readable format. We may ask you for additional information to ensure that you are the one who has the right to request the data.

You also have the right to correct the incorrect or incomplete personal information; to request that our processing of your personal data be limited; to request that we delete the personal data we process about you and to object to any processing of personal data based on a balancing of interests. If you believe that we are processing your personal data incorrectly, you may file a complaint with the Swedish Authority for Privacy Protection (IMY) here.

What personal data do we process?

We collect personal and contact information through the service we provide, mainly name, e-mail address, and phone number. We also collect information about how you interact with our website, device information such as IP address, language & browser settings, time zone, operating system, platform, and screen resolution.

How do we process your data?

We process your data to:

• To provide business service and interact with our business target groups upon request.
• manage external dialogue; respond to requests, feedback and/or complaints.

Cookies

We use cookies on our website. Some are necessary for the site to function while others are used to save your selected preferences as a visitor and to obtain visitor statistics. You can control the use of the cookies you allow by changing your browser settings. For example, you can block all cookies, only accept first-party cookies, or delete cookies when you close your browser.

To manage your cookie preferences, click on the "cookie settings" link in the footer of this page. From there, you can accept or reject different types of cookies, and view information about each cookie. Remember that disabling certain cookies may affect how our website functions.

What legal grounds do we rely on?

Depending on the purpose of processing we rely on the following legal grounds:

• Balancing of interest: we at times weigh our personal interests against the individuals’ rights and freedoms.
• Contract: To fulfill contractual agreements.
• Legitimate interests: for the purposes of legitimate interests.
• Legal obligation: to fulfill our legal obligations.

Collection for marketing purposes

For marketing purposes, we may contact you. We may do so if you have registered your interest in receiving such information or if we have a legitimate interest in sending you this information. You always have the right to decline direct marketing. Contact us if you do not wish to receive information from us at info.sbr@stockholm.se.

Who do we share your information with?

Sometimes it is necessary for us to share your personal data with other organizations to provide our services. Our data processors are companies that process the information on our behalf according to our instructions. We have data processors that help us with:

• IT services (companies that handle the necessary operation, technical support, and maintenance of our IT solutions).

We also share information with organizations that are independent data controllers. These are:

• State authorities: (the police, the National Tax Board, or other authorities), if we are required by law to share the information or in cases of suspected crimes.
• Other administrations and municipal companies (in the City of Stockholm): to fulfill our establishment service obligations to a business, we may need to share your personal data with other administrations and companies concerned, for example with the City Development Department if your case regards matters related to construction or land.
• Business partners: (professional organizations or other industry actors). We aim to promote interaction both nationally and internationally, and we may therefore pass on some of your data to facilitate such collaboration.

Where do we process your personal data?

We always process your data within the EU/EEA.

How do we protect your personal data?

All the data processed by us are secured and used only for the purposes indicated in this Privacy Policy. We are concerned about the security of your information. To prevent unauthorized access, disclosure, loss, alteration, misuse, destruction to your data, to maintain data accuracy, and to ensure the appropriate use of information, we have put in place safeguards to secure the information we collect.

How long do we keep your personal data?

We never keep your personal data for longer than is necessary for their respective purposes. We never store your data for more than 1 year, after that period it is deleted. We do not keep your data for longer than is required to meet the existing statutory storage periods or is necessary for the purposes of other legitimate interests.

Deletion

Deleted immediately

Processing

• The data are no longer necessary for the purposes for which they were collected or processed.

Deletion

Deleted immediately

Processing

• You object to a balancing of interests we have made based on the legal grounds of legitimate interests and your reasons for objection outweigh our legitimate interests.

Deletion

Deleted immediately

Processing

• You object to the processing of your personal data for direct marketing purposes.

Deletion

Deleted immediately

Processing

• Personal data has been processed in an unlawful manner.

Deletion

Deleted immediately

Processing

• Personal data must be deleted in order to fulfill a legal obligation to which the Group is subject.

Deletion

Deleted immediately

Processing

• The personal data collected is about a child (under 13 years)

Deletion

Kept according to stipulations in established applicable law

Processing

• To establish, exercise, or defend legal claims

Deletion

Deleted unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests.

Processing

• Processing of personal data based on a balancing of interests

Please be aware that there may be legal obligations that prevent us from immediately deleting parts of your data. These obligations are imposed by the Public Access to Information and Secrecy Act, the Archives Act, the Administrative Procedure Act, and accounting and tax legislation, among others.

Contacts regarding data protection and subject rights

The Data Protection Authority is a regulatory government authority that is responsible for monitoring the application of privacy legislation. If you believe that our organization is processing personal data incorrectly, you may file a complaint with them here.

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at info.sbr@stockholm.se.

Changes to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We encourage you to check this page regularly for any updates. Changes to this Privacy Policy will be effective when they are posted on this page.