PRIVACY NOTICE

Your personal data and the protection of such data is of great importance to Norelid Advokatbyrå (henceforth also the Law Firm, we, our, us). The correct and lawful treatment of personal data in under any and all applicable legislation and regulations is at the core of our business.

In the course of our business, we sometimes receive personal data or have to actively collect such data. This Privacy Notice explains how and why Norelid Advokatbyrå collects and uses (i.e. processes) your personal data. This Privacy Notice also describes your rights and details how and in what circumstances you can exercise such rights.

Norelid Advokatbyrå AB, corporate registration number 559125-2316, having the address Nybrokajen 5, 111 48 Stockholm is the controller of the personal data processing described in this Privacy Notice.

Through all means of communication between yourself and Norelid Advokatbyrå, whether it be by mail, e-mail, telephone or in meetings in person personal data is exchanged and processed. This means that for the most part, the personal data that we process are provided us from you directly. As a general rule, we collect most of the personal data that we process directly from the individual whose personal data we process. However, during the course of our business, we sometimes receive information about individual data subjects that are involved in our engagements without the information being provided directly from them. We also supplement the personal data provided by obtaining additional information from public and private records.

 

Generally, you have no obligation to provide us with personal data. However, if we do not receive and process certain personal information, we are unable to accept engagements since we will not be able to comply with our obligations, inter alia, to perform conflict of interest and money laundering checks in accordance with the rules issued by the Swedish Bar Association and anti-money laundering legislation.

The personal data that we process can be dived into different categories. Given the nature of the Law Firm’s daily activities it is not possible to provide an exhaustive list of types of personal data that will be processed. Below are listed such categories of Personal Data that the Law Firm processes:

 

• Contact information, e.g. phone number, address, e-mail address title etc.;
• Information for certain identification, such as ID/passport copies, personal identification number etc.;
• Information from resumés and letters of application;
• Meeting notes
• References and interview notes
• Information from public records e.g. court cases and documents provided and/or registered with public authorities.

 

Considering the Law Firm’s business and the legal questions that we deal with on a day-to-day basis it is not possible to draft a complete list over the categories of personal data we process as this changes with regards to the specific assignment at hand. The list above is thus not exhaustive but aims to give an exemplifying sense of the categories of personal data that is most common in our personal data processing.

All personal data that the Law Firm processes is processed for a particular purpose. In other words, we process your personal data based on the need that we have in our business regardless of whether our contacts with you are based in a client relationship or in a commercial relationship between business partners or support services. Examples of such general needs are, inter alia, our fulfilment of contractual obligations, the administration of client engagements, the administration of the relationships we have with business partners, internal and external communication, purchases and marketing, as well as the execution of client assignments. More specifically we process personal data for the following purposes:

 

• To comply with our legal obligations, such as performing conflict of interest and anti-money laundering checks, comply with our obligation keep accounts and to comply with the requirements we are under either expressed in law or through the rules and regulations of the Swedish Bar Association;
• The handling and administration of our commercial relationships with you and/or your organization such as execute client assignments, including but not limited to, administer payments, accounting, invoicing, receive payments, administer support services etc.
• Marketing such as the drafting and sending of newsletters and updates on legal events developments, seminars and other special events,
• Keep and update contact lists and records,

All of the Law Firm’s processing of personal data is lawful and based in the following legal grounds:

 

• Fulfillment of a contractual obligation or the processing is a necessary step prior to entering into a contract and has been requested by the data subject.
• Complying with legal obligations.
• The data subject’s consent, when this has been especially collected.
• The legitimate interest of Norelid Advokatbyrå or a third party.

Norelid Advokatbyrå does not sell, rent, distribute or otherwise makes your personal data accessible for any third party for marketing purposes. As a general rule, Norelid does not disclose your personal data to anyone outside the Law Firm other than:

 

• When this has been agreed between us and the data subject whose personal data is subject to transfer;
• When in the course of a specific assignment is necessary to defend our clients’ rights and interests, including transfers to courts and other public authorities;
• When we contract an external service provider or business partner that processes personal data on our behalf. Such service providers or business partners has, without fail, undertaken to only process personal data according to our explicit instructions and for the above-mentioned purposes;
• When it is necessary for us to comply with a legal obligation, to comply with a decision from a public authority or to comply with rules issued by the Swedish Bar Association;
• When otherwise permitted under the law.

Norelid Advokatbyrå will process special categories of personal data and data relating to criminal conviction and offences only when doing so is necessary for the establishment, exercise or defense of legal claims.

Norelid Advokatbyrå’s offices are protected by customary access restrictions. The access of electronically stored information is protected from unauthorized access by user-ID and password protection. Data processors are obligated to take appropriate security measures and at all times at least offer the same level of protection as does Norelid Advokatbyrå.

Norelid Advokatbyrå does not save your personal data longer than necessary given the purpose of the processing unless otherwise required or permitted by law.

 

In accordance with the from time to time applicable guidelines from the Swedish Bar Association, Norelid Advokabyrå stores client-related information, and the personal data therein, for ten (10) years, after the completion of the relevant assignment.

 

Where information relates to matters where statutes of limitation are longer than ten years, Norelid Advokatbyrå will store the information and the personal data therein for the duration of the relevant statute of limitation.

 

Norelid Advokatbyrå uses professional services to destroy physical documents that ensures the integrity and confidentiality of the information contained in the documents. For handling digital information, Norelid Advokatbyrå uses professional service providers that are specialized in accommodating the needs for digital integrity, confidentiality and reliance of law firms.

Data subjects have, unless this is restricted by the duty of confidentiality set by the Swedish bar Association, the right to know what personal data we process about them. A data subject also has the right to request that we rectify or erase incomplete or inaccurate information about them. Furthermore, data subjects are entitled to object to specific processing of personal data and request that the processing of personal data be restricted. Data subjects also have the right to receive, in a machine-readable format, personal data they have provided and have the data transferred to another controller.

If you have any questions regarding this policy you are welcome to contact us at info@norelidlaw.com. If you are dissatisfied with Norelid Advokatbyrå’s processing of your personal data, you can always turn to the Swedish Data Protection Authority with any complaints you may have, more information is available at www.datainspektionen.se.

Norelid Advokatbyrå reserves the right to amend this Privacy Notice at any time. The latest updated privacy notice can always be found at our website, www.norelidlaw.com. We urge you to check our website frequently to see the current Privacy Notice that is in effect and any changes the may have been made to it.