Privacy Policy

The General Data Protection Regulation (“GDPR”) is enforced throughout the European Union since the 25th of May 2018. It replaced the previous person Data Act. The GDPR regulates how personal data for individuals shall be managed and include stricter requirements on how corporates can process your personal data.

Your data privacy is important to us at Risk & Regulatory Advisory. We treat it with outmost discretion and in accordance with the requirements stipulated in the GDPR.

Where, and when, do we process your personal data?

We collect your personal data when you communicate with us over phone, e-mail or social media, attend one of our lectures or read one of our newsletters. Occasionally we will also collect personal data through third parties which in these cases stem from public registers.

What data do we process?

The following personal data is processed;

  • Title/function
  • Name
  • Address
  • Postal address
  • E-mail
  • Phone number
  • Lectures taken
  • Course certificates
  • Invoice information
Why do we process your personal data?

We process your personal data in order to be able to;

  • Invite you to, and manage, lectures
  • Send out booking confirmations
  • Send out invoices
  • Communicate with current or prospective clients over e-mail, phone or social media. 
  • Evaluate, amend and improve our services to you
  • Deliver meaningful marketing
Legal basis

The legal basis for our processing of your personal data is generally consent i.e. that you consent to us processing your personal data when you sign up for a lecture, newsletter or engage us for an assignment. In marketing activities, it is a matter of balancing different stakeholders’ interest. We have a legitimate interest in informing prospective clients about our services and we deem the likelihood of this resulting in a material integrity violation as minimal.

How do we protect your personal data?

We ensure the confidentiality, integrity and restricted access to the information we process with various IT-tools. We have executed the necessary mitigating actions to protect your personal data against illegal our unauthorized processing and continuously evaluate how we can improve in this regard. It is important for us at Risk & Regulatory Advisory that your personal data is safe from harm. 

How long do we store your personal data?

This depends on why we store your personal data. If it is in order to fulfill a common contractual obligation, we store personal data for as long as is needed to fulfill our obligation to you. If we store personal data in order to fulfill a legal requirement we do so for as long as is legally required.

 

If our storage of your personal data is based on our legitimate interest e.g. If you register for one of our lectures or receive our newsletters by email, we only save your personal data for as long as is necessary for the purpose.

 

In recruitment processes we only save your personal data while you are in the recruitment process. After this point we delete your personal data including cover letter and CV.

 

Your personal data will be deleted or anonymized when the purpose, obligation or regulatory requirement ceases.

What rights do you have?

The rights you have is described below.

  • You have the right to request information about what personal data we process or have access to.
  • We are required to have correct and updated personal data about you. If you believe that your personal data is incorrect, you can request that it is corrected. You also have the right to request that we limit the processing of your personal data. For example, if you contest our claim to legitimate interest.
  • You can also, under certain conditions, request that data about you is erased when it is no longer necessary for the purpose.
  • You have the right to object to the processing of personal data based on legitimate interest.
  • You also have the right to object to direct marketing.
  • When our processing of personal data is based on consent or an agreement between us, you have the right, under certain circumstances, to obtain the personal data that you have provided us: you also have the right to transfer it to another controller.

To assert any of your rights, please contact us at info@riskandregulatoryadvisory.com.

Complaints

If you find that we have processed your personal data incorrectly, you can send a complaint to the Swedish Authority for Privacy Protection (sw. “Integritetsskyddsmyndigheten”, “IMY”), which is the supervisory authority for personal data management in Sweden. 

IMY’s contact details

E-mail: imy@imy.se

 

Phone number: +46 (0) 8 657 61 00

 

Postal address: Integritetsskyddsmyndigheten, Box 8114, 104 20 Stockholm, Sweden.

 

You can find further information on how to file a complaint on IMY’s website www.imy.se.

Our contact details

At Risk & Regulatory Advisory we take data protection seriously. You can always contact us for questions about how we process your personal data. The easiest way to reach us is through e-mail, fredrik@riskandregulatoryadvisory.com, or phone +46 (0) 76 393 13 23.