Privacy Policy 

This privacy policy was last updated on October 1, 2023.

Morling Consulting AB, registration number 556903-7301 (“Morling Consulting”) is the data controller for the personal data processed when you are in contact with us. At Morling Consulting, we value your personal privacy, and we are committed to being transparent about the information we collect about you and why we collect it. This privacy policy outlines how we, as the data controller, collect and use your personal data. It also explains your rights and how you can exercise them.

You have the right to object to our processing of your personal data in certain respects. Please read more about this under each specific purpose.

You can always contact us at Morling Consulting if you have questions about data protection and how we handle your personal data. The easiest way to reach us is via email at privacy@morlings.se.

What is personal data, and when does Morling Consulting process personal data?

Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is someone who can be identified, directly or indirectly, such as through a name, social security number, or address. Even encrypted data and various types of electronic identities (e.g., IP addresses) constitute personal data to the extent that they can be linked to a natural person.

Processing of personal data includes everything that can be done with personal data, such as collection, recording, adaptation, and storage.

What information do we collect about you and why?

Purpose:
Providing legal services

In order to provide legal services, Morling Consulting processes personal data about individuals working in companies for which we carry out assignments, including prior to entering into such cooperation. Some processing of personal data is also necessary for Morling Consulting to provide good service and to conduct legal research. The personal data we may collect includes, for example, names, professional qualifications, personal identification number, email addresses, phone numbers, and IP addresses. In certain cases, we may need to obtain information from credit reporting agencies.

Certain personal data may also be processed due to legal obligations imposed on us by law, such as our obligations related to accounting or other obligations.

From which sources do we collect personal data?

In addition to the personal data you provide to us, it may also be obtained from third parties such as public records, social media, and credit reporting agencies.

Legal basis: Performance of a contract. To fulfil our legitimate interest in provide good service and to conduct legal research, such processing is carried out based on a balancing of interests where we assess that the processing does not significantly infringe your privacy.

Your right to object to the processing: This processing of your personal data is necessary for Morling Consulting to fulfil its service. If you wish to object to this type of processing, unfortunately, we cannot offer our service.

We value your privacy and promise not to perform the processing of your personal data carried out for our legitimate interest if you no longer wish. Please contact us at privacy@morlings.se if you wish to restrict such processing.

Retention period: We retain your personal data for as long as necessary to fulfil our contractual obligations and/or as required by law. After the relationship has ended, we keep the personal data for the duration under which a legal claim can be made based on the agreement.

When we retain your personal data for purposes other than our contractual obligations, such as our legitimate interest, we keep your personal data only for the time required for the purpose and/or as necessary to comply with our legal obligations.

Your personal data will be deleted or anonymized when the purpose or the legal obligation to store the personal data ceases.

Purpose:
Communication of offers and business activities

In order to communicate our offering and our business, Morling Consulting processes personal data about individuals working in a company with which we have, have had, or intend to initiate such communication. The personal data we may collect includes, for example, names, email addresses, phone numbers, and IP addresses.

From which sources do we collect personal data?

In addition to the personal data you provide to us, for instance through the contact form on our website www.morlings.se, it may also be obtained from third parties such as public records and social media.

Legal basis: Legitimate interest in communicate our offering and our business. This processing is carried out based on a balancing of interests where we assess that the processing does not significantly infringe your privacy.

Your right to object to the processing: We value your privacy and promise not to process your personal data for this purpose if you no longer wish us to do so. Please contact us at privacy@morlings.se and we will remove your information.

Retention period: When we retain data for our legitimate interests, we keep your data only for as long as necessary for the purpose and/or as required to comply with our legal obligations.

Your personal data will be deleted or anonymized when the purpose or the legal obligation to store the personal data ceases.

Who else may have access to your personal data?

We do not sell, trade, or otherwise transfer your personal data to third parties. However, in cases where such transfer is consistent with the purposes for which we collected the data, we may transfer your personal data to companies that are so called data processors who act on our behalf. A data processor is a company that processes personal data on behalf of the data controller.

When your personal data is shared with data processors, it is done only for purposes that are compatible with the purposes for which we collected the information. Morling Consulting ensure that all data processors provide sufficient guarantees regarding the security and confidentiality of personal data. We have written agreements with all data processors through which they guarantee the security of the personal data they process and commit to following our security requirements and instructions.

Your personal data is shared with another data controller only if we have obtained your consent to share the data. Another data controller is a company that processes personal data for its own purposes and has independent responsibility toward you for the processing of personal data they undertake.

Your personal data is shared with another data controller only when necessary for the performance of the contract, to provide good service, conduct legal research, or if we have obtained your consent to share the information. A ‘data controller,’ means another company that processes personal data for its own purposes and has independent responsibility towards you for the processing of personal data they carry out.

Your personal data may be disclosed to third parties when required by law or other statutory decisions. We may also disclose personal data to third parties such as the Police, the Tax Authority, or other law enforcement authorities during a criminal investigation or if we are obligated to provide such information under the law or a government decisions.

Where do we process your personal data?

Our goal is to process your personal data only within the EU/EEA. In some cases, Morling Consulting may need to transfer your personal data to a third country, for example, due to systems, cloud service solutions, or server locations that cannot be avoided. In cases where we need to transfer your personal data to a third country, Morling Consulting will implement appropriate safeguards to ensure that your rights and freedoms are protected and that your data is processed as securely as it is with us.

When transferring personal data to a country outside the EU/EEA, we rely either on decisions by the EU Commission that the country in question ensures an adequate level of data protection or on EU Commission’s standard contractual clauses.

Transfer of personal data may occur to data processors participating in the EU-U.S. Data Privacy Framework (DPF). It may become necessary for such a data processor to disclose personal data processed within the framework of DPF in response to lawful requests from public authorities, such as to meet national security or law enforcement requirements.

What rights do you have as a registered individual?

Right to access: You have the right to request information about the personal data we process about you. To ensure that no one else gains access to your data, you must identify yourself when requesting an extract.

Right to rectification: Morling Consulting is obliged to have correct and up-to-date personal data about you. If your personal data is incorrect, you can request correction. Depending on the purpose of the processing, you also have the right to supplement incomplete personal data.

Right to restriction: You also have the right to request that we limit the processing of your personal data, for example, during an investigation of our legitimate interest.

Right to erasure: Under certain conditions, you can request that data about you be deleted when it is no longer necessary for the purposes for which it was collected. Morling Consulting deletes data about you when it is no longer needed, but may be required to retain data about you due to other legislation to fulfil legal obligations.

Right to object: You have the right to object to the processing of data based on legitimate interest. You also have the right to object to direct marketing.

Right to data portability: If you have provided your consent or if we are processing your data based on an agreement with you, you have the right to request the transfer of the data concerning you, which you have provided to us, to another data controller (commonly referred to as data portability). Data portability is subject to the condition that the transfer is technically possible and can be automated.

To exercise any of your rights, you can contact us most easily via email at privacy@morlings.se.

Cookies

Our website www.morlings.se does not use any cookies or similar technologies.

How are your personal data protected?

Morling Consulting exclusively employs IT systems that safeguard the confidentiality, integrity, and accessibility of personal data. We have implemented technical and organizational measures to mitigate risks and ensure the protection of the personal data we process. Access to your personal data is granted only to those individuals who require it to fulfil our stated purposes.

What does it mean that the Integritetsskyddsmyndigheten (IMY) is the supervisory authority?

The Integritetsskyddsmyndigheten (IMY), also known as the Swedish Data Protection Authority, is responsible for supervising the compliance with data protection legislation. If you believe that Morling Consulting is handling personal data incorrectly, you can file a complaint with IMY.

Telephone: +46 8-657 61 00
E-mail: imy@imy.se
Postal address: Integritetsskyddsmyndigheten, Box 8114, 104 20 Stockholm.

On IMY’s website, www.imy.se, you can find additional information on how to file a complaint.

How can you reach us for questions regarding data protection?

Questions about data protection are of great importance to us. If you have questions about Morling Consulting’s handling of personal data, you can reach us most easily via email at privacy@morlings.se.