Privacy Policy

We at +1 know how important privacy is for our customers, suppliers, partners and site visitors, and our goal with this policy is to clearly and transparently describe how we collect, use, display, transfer and store your information so that you are confident that your personal information is in safe storage. +1’s processing of personal data is governed by the General Data Protection Regulation (2016/679) – more known as the “GDPR”. You can read more about how +1 complies with the GDPR and your rights as a registered person in this policy. 

We may update this policy from time to time. You can always access the latest version at our website. 

Who is the controller of personal data? 

The controller of personal data is +1 Kommunikationsbyrå AB, Grev Turegatan 18, 114 46 Stockholm Sweden (phone + 46 8 555 776 00, email info@plus1.se).

What data do we process and why? 

Personal data is any information that directly or indirectly can be linked to a living natural person. +1 processes personal data in several ways, but primarily by means of personal contact with you. Our processing in typical situations is further explained below along with the lawful basis for the processing.

General inquiries 
We process personal data from you when you contact us, for example via the reception, by email, telephone, or in other ways. First of all, we process such information needed to answer your inquiry and thereby fulfill the contract between you and +1. We may also reconnect with you after a made inquiry. Such processing is based on our legitimate interests. 

When accessing our website
When accessing our website, your IP-number may be processed. This is necessary for accessing the website and the processing is based on the lawful basis contract. If you consent to cookies (you can find more information about our use of cookies here: plus1.se/cookie-policy we collect information about your use of our website. Some of the collected information may contain personal data. We also collect information about how you navigate the website and what information you are interested in. The lawful basis for the processing is your given consent. 

Contact with our customers and business partners 
 +1 processes personal data in order to answer and manage contacts and requests from customers, applicants, suppliers, and business partners in order to deliver and follow up on the services ordered from us and to perform in accordance with the contract between +1 and you/your company. And for marketing purposes, such as sending newsletters, information about competitions and other projects at +1. Our lawful basis for processing personal data is partly to perform in accordance with contract – If you choose not to provide your personal information, we may in some cases not be able perform in accordance with our obligations to you. Certain processing also takes place in order to comply with our legal obligations, such as +1’s legal obligation pertaining to accounting. If you have no contractual relationship with +1, we may process your personal data on basis of our legitimate interests by following up with you or by taking direct marketing measures. In such cases, personal data will be processed with consideration to your interests regarding privacy and with consideration of your fundamental rights and freedoms. In this regard, we specifically acknowledge that you have the right to reject further direct marketing at your own discretion. 

Do we share your personal data? 

To the extent necessary for us to provide our services to you, we hire external suppliers, such as cloud service providers for word processing, mail, Office products, storage and system services. Moreover, personal data may be processed by our IT providers in the area of operations, support, and maintenance of our IT environment. We enter into data processing agreements with such providers in order to secure that the processing of your personal data is conducted in accordance with applicable data protection law. 

We may also share personal data with other controllers of personal data. This may be the situation when we are obligated by law to share certain 

If you visit our website and consent to cookies, personal data will be shared with the companies listed below through the analytic tools implemented on our site. 

Google Analytics

Squarespace
 

Where is the processing conducted?

Our ambition is to process all personal data within the EU/EEA. Nevertheless, some of the processing of personal data may involve transfers outside the EU/EES (so-called “third countries”). Additionally, our aim is to provide extensive information on how personal data is transferred to third countries, the risk such transfers entail, and how your rights are secured in this regard. You can read more on the subject here below and you are also welcome to get in touch with us in case of any additional questions – in particular if you wish to access the standard data protection clauses used in specific cases. 

If personal data is transferred to third countries, it is foremost done so to countries subject to adequacy decisions and within the framework of a data processing agreement in order to guarantee the level of protection of personal data. In third countries not subject to any adequacy decision, the level of protection of personal data is not equivalent to the level existing in the EU/EEA. The consequence thereof is primarily that authorities in third countries may access the personal data and the possibility to exercise your privacy rights may be limited. In order to protect the personal data, we adapt appropriate safeguards by ensuring that the transfers are governed by data protection clauses adopted by the European Commission. 

The third country where transfers primarily will take place is – as mentioned – the United States of America. This can be the case for parts of our IT services. If you, when accessing our website, have consented to cookies, transfer of personal data will take place in this regard too. All transfers of personal data to the US is subject to data protection clauses and the transfers are also subject to additional protective measures. 

For how long is the processing conducted? 

Personal data used for the purposes of performance in accordance with the contract entered into with our customers is processed, as a rule, for the duration necessary for us to administrate the contractual relationship, exercise our rights, and perform in accordance with our obligations. Personal data within accounting records must be stored for seven years pursuant to law. If you receive our newsletter, your personal data will be processed until you choose to decline further marketing or until we discover that your contact details are inactive. Other types of personal data are subject to continuous limitation with the aim to only process the amount of personal data that is necessary.

What are my rights? 

You are guaranteed certain rights under the GDPR. In the following section, you can read more about your rights and how to exercise them. The concerned rights can also be found in Articles 15-22 of the GDPR. 

Right to access
 You have the right to inquire if your personal data is being processed and, if so, to request access to your processed personal data. You have the right to receive a copy of the personal data processed. You may, free of charge, request information regarding what personal data is processed, the purposes of the processing, and the category of your personal data being processed.

Right to rectification
 You have the right to request that, if any, wrong information regarding you is rectified and you also have the right to request that we limit our processing of your personal data when we handle your request. You also have the right to request that any incomplete information regarding you is supplemented. 

Right to data portability
 You have, in certain cases, the right to have your personal data transferred in a machine-readable format to another controller of personal data (so-called “data portability”). This right only applies if the transfer is technically feasible and can be conducted using automated means. The right to data portability only applies to data that you have provided to us which we process in order to fulfill a contract with your or or due to your provided consent.

Right to object to processing
 You have the right to object to our processing of your personal data if such processing is based on our legitimate interests as a legal ground. A continued processing of your personal data in that case requires that we are able to demonstrate that we have a legitimate interest with the processing. If not, we may only process your personal data in order to ascertain, pursue, or defend a legal claim. 

Right to delimitation of processing
 You have the right to demand that the processing of your personal data is limited. If a delimitation is made, we may only, aside for storing the data, process your personal data in order to ascertain, pursue, or defend a legal claim or in order to protect a third-party’s rights. A delimitation can be made due to several reasons.

– In case you dispute that your processed personal data is correct, you may request a delimitation
 of our processing when we control whether or not your personal data is correct.
 – If you have objected to our processing of your personal data based on our legitimate interests, you may request that our processing is limited when we balance our legitimate interests at hand against your interest of having your personal data deleted.
 – If you request that we delete your processed personal data and if we cannot fulfill your request, you may request that our processing is limited instead.

Right to be forgotten
 You have the right to request that your personal data is deleted under certain circumstances (also known as the “right to be forgotten”) such as those listed below.

– You have decided to withdraw your provided consent and our processing has been based on your provided consent.
 – Your personal data has been processed by us illegally.
 – Your personal data is no longer necessary for the pursued purpose of our processing.
 – You have objected to our processing of your personal data based on our legitimate interests and our continued processing cannot be justified on the basis of our legitimate interests.

We cannot accommodate a request to be forgotten under all circumstances. For instance, there may be legal obligations that prevent us from deleting your personal data or we may need to continue to process your personal data in order to fulfill a contract with you. 

Contact and complaints 

If you have any questions or concerns regarding our processing of personal data, please contact us at info@plus1.se or by telephone + 46 8 555 776 00, or by mail to +1 Kommunikationsbyrå AB, 114 46 Stockholm.

Anyone who considers that a company violates privacy laws may contact the supervisory authority – Swedish Authority for Privacy Protection (IMY) and lodge a complaint. Contact details are the following: 

Website: https://www.imy.se/
 Phone: (+46) 8-657 61 00
 Email: imy@imy.se
 Mail: Box 8114, SE-104 20 Stockholm