PRIVACY NOTICE.

We at Nordic Relocation Group AB (“NRG”) are committed to protecting your personal integrity and want you to feel safe when contacting us or using our services. With this privacy policy, we want to inform you about how we process your Personal Data and how we ensure that the Data Processing we perform is done in a responsible manner and in accordance with law, including the General Data Protection Regulation (“GDPR”). The policy also describes what rights you have and how you can exercise them.

If you have any questions about how your Personal Data is processed, you can contact us via the contact details given below.

1. What does Data Processing mean?

1.1 ‘Personal Data’ is any information that may be directly or indirectly attributed to you. For example, name, social security number, address, picture, e-mail and IP address. Even such information which cannot in itself identify you may be personal data if it can be linked to you in combination with other information.

1.2 ’Controller’ is the organisation that decides on the purposes and means of processing Personal Data, i.e. how and why Data Processing is done.

1.3 ‘Data Processing’ means all actions taken with your personal data. For example, collection, registration, storage, alteration, processing, structuring, destruction, etc.

1.4 ‘Processor’ means the organisation that processes Personal Data on behalf of the Controller,

2. Who is responsible for the Data Processing?

2.1 Nordic Relocation Group AB, org. no. 556632-5550, Brunnsgatan 21 A, 111 38 Stockholm, is the Controller for the processing of Personal Data carried out by us or on our behalf. This means that we decide on how and why your Personal Data is processed.

2.2 When NRG carries out its relocation services towards its customers and collaboration partners NRG will process personal data on behalf of its customer or collaboration partner and in those cases NRG acts as a data Processor. Accordingly, in those cases the customer or collaboration partner acts as Controller. If you are an employee of one of NRG:s customers or collaboration partners who benefit from the relocation services provided by NRG then the privacy policy provided from your employer applies instead of this privacy notice.

3. What we collect and why?

3.1 NRG mainly collects such Personal Data that is necessary to deliver our services.

3.2 Collaboration partners. We process your name, title, e-mail and contact details about your organization. Such organization may be an employer to you and a customer or supplier to us or any other organization that we collaborate with. We process this data to enable collaboration with you or your organization and to keep in touch with you or your organization.

3.3 Support. When you contact us with questions or for other support, we process your name, title, e-mail and contact details about your organization, previous messages and notes on the matter, information about the specific matter and other information that you provide us with and that may be relevant to your matter. This data is processed so that we can offer you or your organization the best possible service.

3.4 Newsletter and offers. We process your name, title, e-mail and contact details about your organization in order to send you information about news and offers that may be of interest to you or your organization.

3.5 Visitor at nrgab.com. When you visit the website att nrgab.com, we generally do not process Personal Data and we do not use cookies. However, we will process such information that you enter in the form where property owners describe the property they would like to sublet to NRG customers. We do this to enable our services.

3.6 NRG’s legal obligations. We process data about your name, contact information, information about your or your organization’s service matters in order to fulfil our legal obligations according to, among other things, the Accounting Act, the Money Laundering Act and the Swedish Income Tax Act.

4. What are the legal grounds for the Data Processing?

4.1 We always process your Personal Data in accordance with current legislation, including GDPR.

4.2 When we process your Personal Data in order to be able to provide you and your organization with our services and support, inform about news and offers, keep in touch with you or your organization or to improve and develop our services we do so with the support of a so-called legitimate interest. We have then taken into account and weighed your interest of privacy in relation to our interest and purpose in the processing of Personal Data. In all above cases, taking into account both positive and negative effects, we have concluded that our interest is justified.

4.3 If we are to process your Personal Data for any purpose other than those mentioned above, we will inform you of this.

5. How long is your Personal Data stored?

5.1 The Personal Data we collect about you will be stored for as long as necessary, i.e. until the day when you and your organization no longer is an active customer, supplier or other organization that we collaborate with.

5.2 Please note that certain Personal Data must be stored for a longer period if it is required by law. No Personal Data about you will be stored for longer than is necessary or in a manner incompatible with current legislation.

6. Is any of your Personal Data shared?

6.1 In order for us to offer you and your organization our services, it will in some cases be necessary for us to share your Personal Data with other companies. Companies that process your Personal Data on our behalf and according to our instructions are called processors. The processor will always enter into a data processing agreement with us to ensure that a high level of protection is maintained for your Personal Data.

6.2 We use processors to be able to handle your organization’s payment (payment service providers and banks), to market our services (media agencies, advertising agencies etc.) and for our IT services (operation and technical support of the website and other IT systems).

6.3 It also happens that we share your Personal Data with authorities that are independent controllers once they have taken part of your Personal Data. This means that we no longer decide how your data is processed. This is the case, for example, when we assist with services regarding immigration. In this case Personal Data is shared with the Swedish Migration Board.

6.4 We may also share Personal Data with a third party (such as the police, the tax authority or any other authority) in the case of a criminal investigation or if we are otherwise obliged to provide such information under law or a governmental decision.

7. Where in the world is the Personal Data processed?

NRG strives to only process your Personal Data within the EU/EEA. Even though our IT systems and servers are located within the EU/EEA, your information may need to be shared with a supplier or a subcontractor outside the EU/EEA, for example for support of our IT systems. If so, we will take the necessary steps to ensure that your Personal Data is processed at the same level of protection as in the EU/EEA. If you have any questions about the security measures taken or would like a copy of these, you are welcome to contact us.

8. What are your rights?

8.1 You have the right to request access to the Personal Data processed about you at any time in accordance with GDPR and applicable data protection legislation. You also have the right to have inaccurate Personal Data about you corrected, in some cases to request the deletion of your Personal Data or restriction of our processing of your Personal Data, exercise your right to data portability and object to the processing of your Personal Data for instance Data Processing that is based on legitimate interest.

8.2 If you wish to exercise any of your rights, please contact us via the contact details below.

8.3 You also have the right to submit a complaint to the supervisory authority for data protection, Datainspektionen, at any time if you believe that your Personal Data is being processed in violation of GDPR and the applicable data protection legislation.

9.  How do you contact us?

9.1 NRG´s contact information

9.1. 1 The Controller for processing your Personal Data is Nordic Relocation Group AB. If you have any questions about how we process your Personal Data, please contact our regional managers via the following contact information:

GDPR@nrgab.com

Stockholm +46 10-130 74 11

Malmo/Lund +46 10-130 74 72

Gothenburg + 46 10-130 74 50