Privacy Policy

Introduction
This privacy policy contains information on how we handle your personal data.
Your privacy is important to us and we want to be open about how we handle your personal data so you feel safe when you give your data to us.

The policy may be updated. You will find the latest version at www.stua.se/integritetspolicy.

The privacy policy does not apply to personal data that you give to one of our partners (for example by clicking on a link to one of them in connection with an offer). We take no responsibility for the way your personal data is handled by our partners.

Who is responsible for your personal data?
Sörmlands turismutveckling AB, STUA (556619- 6357), is the data controller for your personal data that you give us.

If you have any questions about the way we handle your personal data, you are always welcome to contact us. You will find our contact details under point 9.

Personal data that we collect from you
We can collect different types of personal data about you in connection with you visiting our digital channels, registering for our newsletter, taking part in activities such as seminars, workshops or training, and other contact with us.

Examples of personal data that we collect about you on these occasions:
Name
Contact details such as address, email address and telephone number
User data (for example which web pages you visit/have visited and where on the webpages you click/have clicked)
IP address
Correspondence with us (for example personal data that you give us when you contact us)

Why we process your personal data 

We use your personal data for different purposes. Which personal data we use depends on the purpose.

Below is a list of the different purposes for which we use your personal data and the legal bases that support our processing.

When we use your personal data we do so, so that we can:

Our legal basis for this purpose:

A Apply for and carry out public projects.

Our legitimate interest in being able to apply for and carry out public projects.

B Meet our undertakings in agreements and carry out the services that we agreed to in our agreement.
By you giving your consent and entering an agreement with us.
C Market ourselves, for example through direct marketing via email, post or text, or through mailings of our newsletter or press releases.
We handle your data based on our legitimate interest in being able to send direct marketing about our organisation, for example about seminars, workshops and activities. If you subscribe to our newsletter as a private individual, we will handle your data based on your previous consent. You have the right at any time to revoke your consent. If you no longer want direct marketing from us, you can always unsubscribe from our mailings on the channel in question.
D Handle support matters or similar enquiries in contact with us.
Our legitimate interest in being able to help you with questions or complaints related to our services or activity.
E Carry out or handle your participation in seminars, activities or similar.
Our legitimate interest in being able to administer and follow up our seminars, events and similar, and provide information about what you need to know before and after a seminar, an event or similar. We also handle details about dietary restrictions for you.
F Update and improve technical functionality, services and products.
Our legitimate interest in being able to update the technology that allows you to visit our pages or to understand how you as a visitor experience our organisation and thereby be able to improve our activity.

How we share your personal data
We may share your details with companies or authorities that administer public projects in which you or your company takes part. We may also share your data with companies and/or authorities that help us to administer or evaluate activities, workshops or seminars. Only Sörmlands turismutveckling AB and our subcontractors’ employees who need access to your personal data for a specific task will be given access to your personal data.

If we share your personal data, it will not be used for purposes that are incompatible with the purpose for which it was collected. We will not sell your personal data to a third party.

We strive to protect your personal data and maintain suitable technical and organisational measures to prevent unsuitable or unintentional distribution, use, access, loss or change of, or damage to your personal data.

Storage
We will store your personal data as long as the data is necessary to meet the purposes for which it was collected. The data can also be saved for the time required according to the applicable law, for example seven years to meet the requirement of the Swedish Bookkeeping Act.

In other cases, we will review our personal data handling regularly. We may, among other things, delete your data if you have not been in contact with us for a long time.

Your rights
If you would like an insight into the way your personal data is handled, you have the right to request access to your data. When we receive a request for access, we may ask for further details to ensure that we give out the details to the right person.

You always have the right to have your personal data corrected.

We will always delete your details to the extent required according to the applicable law and do our best to meet your request for deletion. You also have the right to object to our handling (for example the handling based on our legitimate interests) or request to have the data you have given us transferred to another data controller (so-called data porting).

Your personal data may not be handled for direct marketing or profiling if you object to such handling. You also have the right at any time to revoke consent you have given, for example the consent that you as a private person give when you start subscribing to our newsletter.

Complaints and regulatory authority
Integritetsskyddsmyndigheten (the Swedish Data Protection Authority; before 25 May 2018 known as Datainspektionen) is the supervision authority in Sweden that monitors that personal data is processed in accordance with the General Data Protection Regulation (GDPR).

If you believe that Sörmlands turismutveckling AB is handling your personal data in contravention of the GDPR, you have the right to lodge a complaint to the Swedish Data Protection Authority.

Contact details
Telephone number: +46 (0)8-657 6100
Email: datainspektionen@datainspektionen.se

Contact us
If you have questions about the way we handle your personal data, you are welcome to contact us via email at stua@stua.se or by telephone on +46 (0)155-222770

The policy was drawn up in May 2018.