Privacy policy
At H-RIZON Strategy Partners AB, we value the importance of data protection and actively ensure compliance with applicable data protection legislation, including GDPR. Personal data refers to any information that relates to an identified or identifiable individual. As the Personal Data Controller, we have a responsibility to those whose personal data we process. This privacy policy explains the type of personal data we collect, the purpose of its processing, how long it is stored, and the lawful basis for processing. It also outlines your rights and how to exercise them.
Data Processing Activities
Client Interaction and Contract Management
Categories of data: Name, personal identification number (personnummer), contact information (email, phone number).
Purpose: To communicate with clients, fulfill contractual obligations, and provide our services.
Lawful basis: Contractual necessity. The processing is required to meet obligations outlined in agreements with our clients.
Storage period: Data is stored as per statutory requirements outlined in the Swedish Bookkeeping Act.
Background Checks
Categories of data: Name, personal identification number, contact information, and relevant supporting information.
Purpose: To ensure compliance and due diligence when engaging with partners, clients, and stakeholders.
Lawful basis: Legitimate interest. This processing ensures our business integrity and supports our service delivery.
Storage period: Personal data is stored only as long as required to complete background checks and fulfill related obligations.
Marketing and Outreach
Categories of data: Name, email address, title, phone number.
Purpose: To inform potential and existing clients about our services, including ESG strategy seminars, sustainable business workshops, and consulting opportunities.
Lawful basis: Legitimate interest. We have a legitimate interest in marketing our services to individuals in key positions whose roles are relevant to sustainability and business transformation.
Storage period: Data is processed until the recipient opts out using the unsubscribe function in our emails. Upon opt-out, data is deleted immediately.
Data Processing Activities
Client Interaction and Contract Management
Categories of data: Name, personal identification number (personnummer), contact information (email, phone number).
Purpose: To communicate with clients, fulfill contractual obligations, and provide our services.
Lawful basis: Contractual necessity. The processing is required to meet obligations outlined in agreements with our clients.
Storage period: Data is stored as per statutory requirements outlined in the Swedish Bookkeeping Act.
Training and Seminars
Categories of data: Name, email address, title.
Purpose: To manage registrations for courses, workshops, and ESG training events.
Lawful basis: Legitimate interest. This data is required to administer and customize future offers to our clients.
Storage period: Data is stored until participants opt out or as long as it supports relevant business purposes.
Social Media
Categories of data: Photos, names.
Purpose: To share updates and events on platforms like LinkedIn, showcasing our work and engaging with stakeholders.
Lawful basis: Legitimate interest. We inform stakeholders about our activities while respecting the rights of individuals depicted in photos.
Storage period: Photos and related data are stored as long as they serve the intended purpose. Individuals may request removal at any time.
How We Share Data
H-RIZON Strategy Partners AB operates primarily within the EU/EEA. Personal data may be shared with:
IT service providers: To maintain and secure our technical systems.
Authorities: When legally required (e.g., Swedish Tax Agency).
Financial accounting services: To meet bookkeeping and compliance requirements.
We ensure all data processing agreements comply with applicable laws, ensuring the safety of your personal data.
How Long Do We Store Personal Data?
We only store personal data as long as necessary for the purposes outlined in this policy. Once the purpose is fulfilled, the data is securely deleted unless required by law to be retained.
Your Rights
As an individual, you have the following rights concerning your personal data:
The right to access: You can request a copy of the personal data we process about you.
The right to rectification: You can request corrections to inaccurate or incomplete data.
The right to erasure (“the right to be forgotten”): Under certain circumstances, you can request your data be deleted.
The right to restrict processing: You can request limitations on processing if you believe the data is inaccurate or being unlawfully processed.
The right to object: You may object to the processing of your data based on our legitimate interests.
The right to data portability: In certain cases, you can request that your data be transferred to another controller in a machine-readable format.
To exercise your rights, please contact us at alexander@h-rizon.com.
Data Security
We have implemented technical and organizational measures to protect your personal data:
Technical measures: Encrypted hard drives, firewalls, anti-malware systems, and regular backups.
Organizational measures: Password-protected systems, IT policies, and regular staff training on GDPR compliance.
Contact Us
If you have questions about how we process personal data, you can reach us at:
Email: alexander@h-rizon.com
Address: Oslo, Stockholm