DER Legal’s Processing of Your Personal Data
Thank you for visiting our website.
Collection and Use of Personal Data
- DER Legal handles personal data with great care. This policy provides information on what data we collect when you use our website or our service.
- We care about your privacy and comply with applicable data protection legislation. On this page, we inform you about our processing of your personal data and about your rights according to applicable data protection legislation. The data is only processed if there is a legal basis. That is, in particular, if the processing of personal data is necessary for us to be able to fulfill our contractual obligations, i.e., when consent is mandatory by law and when this is based on legitimate and fundamental interests (for example, analysis, optimization, economic operation and IT protection according to Article 6 paragraph 1 of the GDPR – especially audience measurement, creation of profiles for advertising and marketing, as well as the collection of access data and the use of third-party services).
- The legal basis for consent can be found in Article 6, paragraph 1, and Article 7 of the General Data Protection Regulation (GDPR). Article 6, (1) b of the GDPR constitutes the basis for necessary processing of personal data for the performance of our services and contractual measures, as well as constitutes a necessary basis for the fulfillment of our legal obligations in accordance with article 6 (1) c. Article 6 (1) f of the Regulation constitutes the legal basis for personal data processing in order to protect our legitimate and fundamental interests.
Client means a natural person who uses, has used, or has expressed a wish to use our services. Personal data is information that can be linked directly or indirectly together with other data to a natural living person. Examples of personal data are name, address, telephone number, social security number, and e-mail address. Processing of personal data includes all handling of personal data, such as collection, analysis, modification, registration, and storage. Data controller is the person who, alone or together with another, determines the purpose and means of the processing of personal data, and who is responsible for ensuring that such processing follows applicable legislation.
WHAT PERSONAL DATA IS PROCESSED AND FOR WHAT PURPOSE?
We process your personal data if you
- visit our website (see above),
- as a private individual are a client or counterparty,
- are an employee of the client or the counterparty,
- in other ways are affected by our assignments,
- participate in our events, or
- are seeking employment with us.
In the case of purely informative use of our websites - i.e. if you do not submit a request, log in or enter personal data – we only process the data your browser sends to our server and that is technically necessary for the website to be displayed and to guarantee stability and security (“Visitor Data”):
b. Date and time of the visit
c. Website visit duration
d. Time difference compared to Greenwich Mean Time (GMT)
e. Content of page request (specific page)
f. Access Status/HTTP Status Code
g. Amount of data transferred for each visit
h. Website from which the access request originates
i. The websites you visit
j. Internet provider
k. Browser type
l. Server logs
m. Operating system and its interface
n. Language and browser version
- The legal basis for this processing is based on Article 6, (1) f of the GDPR, in particular our legitimate interest in offering and presenting the website for visitors.
- We create anonymous user profiles based on individual page visits in order to continuously improve the website.
We process personal data for the purposes of administering and performing our assignments, fulfilling our legal obligations, recruiting personnel, and marketing our services, in the ways described in more detail below.
We are data controllers for our processing and are responsible for complying with applicable data protection legislation.
Performance of Assignments
We process personal data that we receive within the scope of an assignment, or in connection with the preparation or administration of an assignment, for the purposes of administering and performing the assignment and fulfilling our legal obligations.
We also process personal data that we collect from private and public registers as well as from courts and authorities. This occurs, for example, when we fulfill our legal obligation to check our clients’ identity and ownership, to inform us about the case, and in some instances also the origin of client funds and other assets.
Newsletters, Customer Surveys, and Events, etc.
We may access personal data through contacts via e-mail and other communications or through your use of any of the services we provide through the website.
An example of such a service is DER Legal's newsletter where you register your e-mail address, which we store for the purpose of being able to send you the newsletters. Another such service is registration functions for DER Legal's various events, such as seminars or lectures. When registering, you need to provide your name, e-mail address, company, possible food allergy, telephone number, and your title. This information is saved in order to be able to send you invitations and follow-up e-mails regarding the various events that you have registered for. If you no longer wish to receive mailings from us, please contact us using the contact details at the bottom of this information text.
We may also use your personal data for customer surveys or other marketing activities.
Recruitment of Personnel or Hiring of a Consultant
We process personal data within the framework of personnel recruitment. The information we process is that which you provide in your application, such as CV, personal letter, grades, certificates, and references.
Processing of Personal Data Upon Other Contact
When you contact us by e-mail, telephone, or via a contact form, the data you provide (for example e-mail address, name, telephone number, or the content of the request) is processed by us to answer your questions and/or to process your inquiry. The legal basis for the above-mentioned processing is Article 6 (1) b of the GDPR.
- In addition to the above-mentioned handling of personal data, so-called cookies are stored on your computer when you visit our website. Cookies are small text files that are stored on your hard drive through your browser and then sent to us when you visit our website. These make our website more efficient and user-friendly. The legal basis is based on Article 6 (1) f of the GDPR, specifically our legitimate interest in improving the user-friendliness of our website and our online marketing services.
- You can change your browser settings to disable the storage of cookies. However, blocking cookies may prevent you from using all the features on our websites.
- Our websites use temporary and permanent cookies, the function of which is explained in the next section.
- Temporary cookies are automatically deleted when the browser is closed. This includes “session cookies” which save a so-called session ID that sends various requests from the website and your browser. This way, your computer can recognize if you return to the website.
- Permanent cookies are automatically deleted after a few days or longer, depending on the type of cookies. You can delete cookies at any time by going to your browser’s security settings.
To market DER Legal’s services.
- directly addressed letters,
- setting up target groups on Facebook and Google's advertising services, as well as
- analysis of marketing.
Categories of Personal Data
- date of birth,
- e-mail address, and
- mailing address.
Visits to the Website
When a visitor enters the website, the visitor’s computer is assigned a temporary cookie to be able to identify the browser and convey user behavior and search methods. In addition to this, we use permanent cookies to improve the usability of our websites so that you can see the results of an interrupted session ten days after leaving the page.
- We use Google Analytics, a web analytics service from Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA (”Google“). The information that cookies provide about the use of our websites is usually sent to a Google server in the USA and stored there.
- However, if IP anonymization is enabled, your IP address will be shortened by Google in advance within member states of the European Union or other contracting countries within the European Economic Area (EEA). Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. Our website uses active IP anonymization. Google will use this information on our behalf to evaluate the use of our websites, compile reports on activities and provide us with other services related to website and internet usage.
- The IP address that your browser transmits within the scope of Google Analytics – according to data from Google - will not be associated with other data held by Google. For more information, we refer to Google’s data protection policy. You can prevent the collection and use of data generated by the cookie and its transmission (including your IP address) to Google by downloading and installing a so-called plug-in to your browser.
Google Adwords Conversion-Tracking
- We use the online advertising tool “Google AdWords” and its conversion tracking Conversion Tracking, which is an analysis service from Google. When you click on a Google ad, a conversion tracking cookie is stored on your computer. Cookies are automatically deleted after 30 days. These cookies do not contain any personal data and cannot be used to identify you.
- If you visit specific pages on our website and the cookie has not yet expired, Google and derjuridik.se can detect that you have clicked on the ad and been redirected to that particular page. Every Google AdWords customer receives a specific cookie which prevents cookies from being tracked through AdWords customers’ websites. The information obtained by the conversion cookie is used to generate conversion statistics for AdWord customers who use conversion tracking. With a conversion tracking tag, customers can see the total number of users who clicked on their ad and were redirected to their page. However, they do not receive information that can personally identify users. Thus, there is no way for cookies to be tracked through the AdWords customers’ websites.
- Google’s data protection policy can be found here: https://policies.google.com/technologies/ads?hl=sv.
Google Dynamic Remarketing
- We use Remarketing (or ”Similar target groups”) on our websites – a service from Google.
- This feature allows us to target advertising to you as a visitor to our websites by showing you personalized, interest-based ads when you visit other websites on the Google Display network.
Facebook, Custom Audiences and Facebook-Marketing
- Due to our legitimate interest in the analysis, optimization and economic activities, and operation of our websites, in accordance with Article 6 (1) f of the GDPR, we use the so-called “Facebook Pixel” service from the social network Facebook, operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA and Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal.
- With the help of Facebook Pixel, Facebook can determine the target group for which ads (so-called “Facebook ads”) are shown. Consequently, we use Facebook Pixel to show our Facebook ads only to Facebook users who have shown interest in our websites or who have particular characteristics (e.g. interests in certain topics or products determined by the websites visited) that we send to Facebook (so-called “custom audience”). With the help of Facebook Pixel, we also want to make sure that our Facebook ads are in line with users’ potential interests and that these are notn-disruptive. With the help of Facebook Pixel, we can also track the effectiveness of Facebook ads for statistical and market research purposes by seeing if users have been redirected to our website after clicking on a Facebook ad (so-called conversion).
- Facebook Pixel is integrated with our websites and has permission to save cookies on your device. If you log in to Facebook or visit Facebook while logged in, your visit will be noted in your user profile. Your data is anonymous to us, which means that we are not able to draw conclusions about the user’s identity. However, personal data is stored and processed by Facebook so that it can be linked to the respective user profile - these are used by Facebook as well as for our own market research and advertising purposes. If we transfer personal data to Facebook for comparison purposes, these are encrypted locally in the browser and then sent to Facebook only via a secure https connection. This is done solely for the purpose of matching data encrypted by Facebook.
- You can refuse the collection of data through Facebook Pixel and the use of your data for the purpose of displaying Facebook ads. To specify the type of ads you see on Facebook, you can go to the page that Facebook has set up for this purpose and follow the instructions on how to set up user-based advertising.
We use so-called plug-ins from the social network www.facebook.com operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (”Facebook”). You can recognize these plug-ins by the Facebook logo and the “Like” button.
When you open a page on our website that contains such a plug-in, your browser establishes a direct connection to the Facebook servers. The content of the plug-in program is sent directly from Facebook to your browser and becomes embedded in the page. Thus, Facebook receives information that a user with a specific IP address, namely the IP address assigned to your internet access at the time of transmission, has visited the relevant website. If you are logged in to Facebook while visiting our website, it may associate the visit with your Facebook account even if you do not press the ”Like” button. If you use the plug-in program by clicking on the “Like” button, it is also transmitted from your browser to Facebook and stored there. If you do not want Facebook to collect personal information and transfer it to your Facebook account, you should log out of Facebook before visiting our websites.
For information on the purpose and scope of Facebook’s collection and processing of personal data, your rights in this regard, and settings available to protect your privacy, please see Facebook’s data protection policy.
We use plug-ins from the social network Google+ from Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA (”Google“). You can recognize these plug-ins by the colored font with “Google+” and the Google+ logo on our websites.
When you open a page on our website containing such a plug-in, your browser establishes a direct connection to Google’s servers. This allows the content of the plug-in to be transmitted to the browser and displayed on our website. Thus, Google experiences that a user has visited our website together with the visitor’s IP address. If you are logged in to Google+ and do not want Google to store information about your visit, you must log out of your Google account before visiting our website.
For information about the purpose and scope of data collection and processing by Google, as well as your rights in this regard and settings available to protect your privacy, please see Google’s data protection policy.
DISCLOSURE OF YOUR PERSONAL DATA
We only forward your personal data to third parties if it is justified in accordance with Article 6, (1) b of the GDPR, or strictly necessary for us to fulfill our contract (Article 6, (1) b of the GDPR).
The personal data stored by us is deleted as soon as it is no longer necessary for the intended purpose, and the deletion does not conflict with statutory storage requirements. If the data cannot be deleted due to legitimate or legal reasons, the processing will be limited. This means that the data is blocked and inaccessible for further processing. This happens if the personal data must be retained due to commercial and/or tax reasons. Thereafter, the personal data is deleted in accordance with our data removal procedure.
DER Legal is the data controller for the processing of your personal data. You have the following rights vis-à-vis us:
- Right of access by the data subject (Article 15 of the GDPR),
- Right to erasure and rectification (Article 16 and 17 of the GDPR),
- Right to restriction of processing (Article 18 of the GDPR),
- Right to object (Article 21 of the GDPR), and
- Right to data portability (Article 20 of the GDPR).
If you believe that our processing does not transpire in accordance with data protection legislation, you also have the right to complain to the Swedish Authority for Privacy Protection, which is the supervisory authority.
- We would like to point out that you can revoke any personal data consent granted to us at any time. The same applies to consent given to marketing. The easiest way to contact us regarding withdrawal of consent is by emailing us at firstname.lastname@example.org. The respective suspension may result in our service becoming unavailable to you or only available in a limited capacity.
- To the extent that we base the processing of your personal data on our legitimate interests (Article 6, (1) f of the GDPR), you may object to the processing. When you object, we ask that you indicate why we should not process your personal data in the way we have. In the event of a reasoned objection, we will review the matter and either stop or adapt the data processing or indicate the justified reasons for continuing the processing of data.
- You have a right to receive a so-called register extract. We are open and transparent about how we process your personal data. If you want to gain deeper insight into which personal data we process about you, you may request an extract of the personal data.
- You have the right to request that our processing of your personal data be limited as much as possible. This means, for example, that we stop processing personal data for marketing purposes. If you dispute the accuracy of the personal data we process, you can request that the processing of the personal data be restricted for the time necessary for us to be able to check whether the personal data is correct or not. If we no longer need the personal data for the stated purposes, but you need it to be able to establish, assert or defend legal claims, you can request limited processing of the data with us. This means that you can, for example, request that we do not delete your information.
- You have the right to object to the processing of personal data based on a balancing of interests, such as the processing we carry out for marketing purposes. You can read more about the specific legal grounds for the processing of your personal data under the respective purposes above.
- If our right to process your personal data is based either on your consent or the fulfillment of an agreement with you, you have the right to request that the data concerning you and that you have provided to us be transferred to another data controller (so-called data portability). A prerequisite for data portability is that the transfer is technically possible and can be automated.
- In some cases you have the right to have your personal data deleted, for example, if the personal data is no longer necessary for the purposes for which it has been collected. Note that in some cases, DER Legal needs to save certain information by law and thus may not delete information. See more information under each purpose above.
- You have the right to have incorrect personal data regarding you corrected without undue delay. Depending on the purpose of the processing, you also have the right to supplement incomplete personal data.
If you would like further information on how your personal data is processed or would like to exercise any of the rights above, please contact us:
Lilla Nygatan 14
111 28 Stockholm