Legal

GDPR Compliance

How Euroland IR processes personal data and your rights under the General Data Protection Regulation.

Last updated: April 2025

1. Introduction

Euroland IR AB ("Euroland IR", "we", "us", "our") is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR) (EU) 2016/679 and the Swedish Data Protection Act (Dataskyddslagen). This page explains how we comply with GDPR obligations and how you can exercise your rights as a data subject.

2. Data Controller

Euroland IR AB is the data controller for personal data processed in connection with our website and services. Euroland IR AB Stureplan 4C, 114 35 Stockholm, Sweden Organisation number: 556608-6768 Email: privacy@euroland.com Data Protection Officer: dpo@euroland.com

3. Legal Bases for Processing

We process personal data on the following legal bases under Article 6 GDPR:

  • Contract (Art. 6(1)(b)): processing necessary for the performance of a contract with you, such as providing our platform services.
  • Legitimate Interests (Art. 6(1)(f)): processing necessary for our legitimate interests, such as improving our services, preventing fraud, and direct marketing to existing clients.
  • Legal Obligation (Art. 6(1)(c)): processing necessary to comply with a legal obligation, such as tax and accounting requirements.
  • Consent (Art. 6(1)(a)): processing based on your freely given, specific, informed, and unambiguous consent, such as for marketing communications to prospects.

4. Categories of Personal Data

We process the following categories of personal data:

  • Identity data: name, job title, employer.
  • Contact data: email address, telephone number, postal address.
  • Account data: login credentials, platform usage history, preferences.
  • Technical data: IP address, browser type, device identifiers, cookies.
  • Communications data: emails, support tickets, and other correspondence.
  • Marketing data: communication preferences and engagement history.

5. Your Rights Under GDPR

Right of Access
You have the right to request a copy of the personal data we hold about you, along with information about how we process it.
Right to Rectification
You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
Right to Erasure
You have the right to request that we delete your personal data in certain circumstances, such as when it is no longer necessary for the purpose it was collected.
Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data in certain circumstances, for example while we verify the accuracy of data you have contested.
Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller.
Right to Object
You have the right to object to the processing of your personal data where we rely on legitimate interests as our legal basis, or where we process your data for direct marketing purposes.
Right to Withdraw Consent
Where we process your personal data based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing before the withdrawal.

6. Exercising Your Rights

To exercise any of your rights, please submit a request to privacy@euroland.com. We will respond within 30 days. We may need to verify your identity before processing your request. There is no charge for exercising your rights unless requests are manifestly unfounded or excessive.

7. International Transfers

Where we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or we rely on adequacy decisions where applicable.

8. Retention Periods

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. Client account data is retained for the duration of the contract and for 7 years thereafter for accounting purposes. Marketing data is retained until you withdraw consent or object to processing.

9. Supervisory Authority

You have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY) at imy.se, or with the supervisory authority in your country of residence, if you believe we have processed your personal data in violation of GDPR.

10. Changes to This Page

We may update this GDPR information page from time to time to reflect changes in our processing activities or legal requirements. The effective date at the top of this page indicates when it was last updated.