Kontor med man

This is how we process your personal data

The General Data Protection Regulation (GDPR) is intended to prevent your personal integrity from being violated by the processing of personal data. Your personal data may only be processed if you have consented to it or if it is supported by the General Data Protection Regulation or other law.

Business Region Göteborg (BRG)  is responsible for all processing of personal data that takes place within BRG's operations, like the website for Invest in Gothenburg. BRG protects personal integrity and strives to protect the personal integrity of all individuals who are in contact with us in all contexts. 

BRG processes personal data in our mission to develop and create conditions for the region's business community. All processing of personal data within BRG aims to support this mission.

We have gathered information about how we use your personal data and what rights you have. You can select and view the information that interests you by clicking on the relevant heading below.

Content on this page

1. What personal data may we collect?  
2. What is the personal data used for, what is the legal basis and how long is it stored?
3. How is your data protected?
4. Your rights when your personal data is processed by us
5. How do you withdraw your consent?
6. Who do we share your personal data with?
7. About cookies

1. What personal data may we collect?

Here we describe what kind of personal data we collect or create based on what is required to carry out our assignment. In section 2, we describe what we use the personal data for.

  • Contact and identification information - name, social security number, title, gender, postal address, e-mail address, telephone number.
  • Device information – device identification, IP address (anonymized), geolocation (country).
  • Information from your contact with BRG - photographs, film and e-mail correspondence.
  • Health data – food allergies and dietary preferences.

2. What is the personal data used for, what is the legal basis and how long is it stored?

Here we describe what your personal data is used for, what it is and where we obtained it from. We also describe what gives us the right to process your personal data and how long we store it.

Advice and support

What we use the personal data for

Advice and support for those who work in a company or who are about to start a business. This includes administering our customer relationship and sending information electronically to you.

What personal data is and where we obtained it from?

From you: contact and identification information From other sources: device information

Our legal basis which gives us the right to process your personal data

The processing is necessary in order for us to be able to perform a contract with you and perform a task in the public interest (support the business community).

How long do we keep your personal data?

Your personal data is stored for as long as it is necessary for the purposes for which it is processed. We must comply with the Archives Act and other laws, which may require a longer retention period. The data is deleted, i.e. removed and destroyed, in accordance with applicable deletion rules and decisions.

Information mailings

What we use the personal data for

Information to spread knowledge about our services and knowledge of the Gothenburg region as a business destination.

What personal data is and where we obtained it from?

From other sources: Certain personal data (name, telephone number, e-mail address) of the managing director of a company through the purchase of address registers.

Our legal basis which gives us the right to process your personal data

The processing is necessary in order for us to be able to perform a task of public interest (strengthen the business community and market the Gothenburg region as a business destination).

With support in the performance of agreements when you subscribe to information mailings from us, such as newsletters.  

How long do we keep your personal data?

Your personal data is stored for as long as it is necessary for the purposes for which it is processed. We must comply with the Archives Act and other laws, which may require a longer retention period. The data is deleted, i.e. removed and destroyed, in accordance with applicable deletion rules and decisions.

If you choose to unsubscribe, the current information will be discontinued.

Administration and implementation of events

What we use the personal data for

Administration and implementation of events, seminars, trade fairs, etc.

What personal data is and where we obtained it from?

From you: contact information, information about food allergies and dietary preferences From other sources: photographs and film

Our legal basis which gives us the right to process your personal data

The processing is necessary in order for us to be able to perform a contract with you and perform a task in the public interest (strengthening the business community).

If our processing requires your consent, we will obtain your consent before the processing begins.

How long do we keep your personal data?

Your personal data is stored for as long as it is necessary for the purposes for which it is processed. We must comply with the Archives Act and other laws, which may require a longer retention period. The data is deleted, i.e. removed and destroyed, in accordance with applicable deletion rules and decisions.

If the processing is based on your consent, the processing will cease if you withdraw your consent.

3. How is your data protected?

BRG is obliged to ensure that personal data is protected by appropriate technical and organisational measures.  BRG ensures a level of security that is appropriate in relation to any risks associated with the processing of personal data.

When we share your personal data, we ensure that the recipient processes it in accordance with applicable law, e.g. by entering into a so-called data processing agreement with the recipient.

4. Your rights when your personal data is processed by us

The General Data Protection Regulation (GDPR) gives you the right to:

  • Request access to your personal data - you have the right to receive confirmation as to whether we are processing your personal data and an extract of what data is being processed.
  • Request correction or erasure or restriction of processing of your personal data. (There may be provisions stating that personal data may not be deleted or restricted, e.g. the Archives Act, in which case these provisions apply.)
  • Request data portability – you have the right to request that personal data be moved from us to another company, authority or organisation. This right is limited to information that you have provided to us yourself.
  • Object to the processing of your personal data. (In this case, BRG will not continue to process the data unless we are compelled to continue for other reasons, e.g. there are legal grounds.)
  • Complain about our processing of your personal data to the Swedish Authority for Privacy Protection

On the Swedish Authority for Privacy Protection's website, you can read about your rights when it comes to your personal data. 

5. How do you withdraw your consent?

In cases where BRG uses your personal data based on your consent, you can withdraw your consent at any time. You can do this by sending an e-mail to info@businessregion.se or contact us at 031-367 61 00

6. Who do we share your personal data with?

We may disclose your personal data to those mentioned below in order to perform our services:

  • Suppliers who provide IT services, to manage information or perform services on behalf of BRG
  • Personal data processors that BRG uses in some cases. The personal data processors engaged may only process personal data in accordance with the purposes and instructions that BRG has provided for the processing.
  • Partners to be able to carry out, for example, a project or event that you participate in.
  • Since BRG is a public organisation, this means that we are subject to the principle of public access to official documents. This means that everyone has the right to request access to all the information held by BRG. The information may include personal data. A requirement to disclose information applies provided that confidentiality does not apply under the Public Access to Information and Secrecy Act.
  • If you use social media, such as Facebook, LinkedIn or Instagram, to get in touch with us, the information and personal data will always be transferred to a third party (the company that operates the social media). The personal data is processed by the social media company in accordance with their data protection information. The legal basis for the sharing is that it takes place in order to fulfil the agreement with you. For your own sake, we recommend that you do not send sensitive information to us via social media.

7. About cookies

When you visit our websites, we may collect information and data about you by using so-called cookies. More information about how we use cookies.

Controller

Business Region Göteborg (BRG), with corporate identity number 556439-5878, is the data controller for the processing of personal data within the company. The owner is the City of Gothenburg.

Questions?

Contact regarding our processing of personal data is via info@businessregion.se or 031-367 61 00

There is also a Data Protection Officer who can be reached at: dso@intraservice.goteborg.se 

 

Last Updated: 14th February 2024