Privacy policy

Validity date: 1 November 2024

At Anundsjö Vildmark we respect your right to privacy. This privacy policy sets out how your personal data may be collected and otherwise processed when you use our website, www.anundsjovildmark.com.

1. Principles of data processing

We are committed to upholding the six principles of the EU General Data Protection Regulation ('GDPR'):

  1. Legality, fairness and transparency - obeying the law, processing data fairly and being open about policies and practices.

  2. Purpose limitation - only process data for the specific purpose it was collected.

  3. Data minimization - process only the data that is needed.

  4. Accuracy - ensuring that the data being processed is sufficient and accurate.

  5. Retention restriction - keep data only as long as it is needed.

  6. Privacy and confidentiality - keeping data safe.

2. contact

For the purposes of this Privacy Policy, Anundsjö Vildmark ("we", "us", "our", "Anundsjö Vildmark"), is the data controller of your personal data and any questions can be sent to info@anundsjovildmark.com.

3. collection of data

We do not collect personal data about you directly when you visit our website. However, data may be collected using cookies in your browser, including information such as your IP address, your device and browser type, and which pages you visit and for how long. Our website is provided by Squarespace, which integrates the use of cookies into its services to us. You can read Squarespace's privacy policy on their website www.squarespace.com. Read more about how we use cookies and similar technologies in our Cookie Policy.

4. Our purpose for processing your personal data

Personal data may be collected or otherwise processed for the following purposes:

  • To improve our services
    We use relevant data to improve our services. Such information may include data collected via cookies as described in our Cookie Policy.

  • Preventing fraud and IT security
    In some cases, data may be processed to ensure such things as fraud prevention and security around IT systems.

5. Our legal bases for data processing

The data we process follows legal bases under the GDPR:

  • Legal obligation
    We may need to process personal data as part of our procedures to comply with legal requirements applicable to our business.

  • Consent
    In some situations, we will request your consent to process your personal data. For example, in relation to our marketing activities.

  • Legitimate interests
    We collect and process data only for our legitimate interests when that information is necessary and it does not affect your rights or freedoms. For example, to prevent fraud and IT security.

6. data saving

We retain data only for as long as necessary for the purpose and legal basis for which it was processed.

Data processed in relation to our legal obligations are retained for as long as those obligations need to be fulfilled, which may be a number of years.

When you give consent to process certain information, we keep that information until you either withdraw your consent or the purpose for which consent is given no longer exists.

7. data sharing

We only share your data with trusted third parties that we have engaged to provide services in relation to our business activities. Generally, the third parties we engage will only collect, use and share your information to the extent necessary to perform the services they provide to us. Such third parties have their own privacy policies.

Third parties we may use include, but are not limited to:

  • Website providers

  • Web analytics providers

8. International transfers

Personal data may only be transferred outside the EU when circumstances are necessary and lawful. For example, some of our third parties are global companies and personal data may be stored and processed in the countries where they operate.

We will only transfer your personal data to trusted third parties that have adequate safeguards for international transfers, such as those that are members of the EU-U.S. Privacy Shield.

9. Your rights

Under the GDPR, you have a number of rights. Individual rights may be affected by the legal basis under which your data is processed:

  • Right to be informed
    We shall provide information about the processing of your data when it is collected or when you otherwise request information.

  • Right of access
    You have the right to know what data we hold about you.

  • Right to rectification
    You have the right to have incorrect data corrected.

  • Right to be forgotten
    You have the right to delete your data, with some exceptions. For example, we may be required to retain data to meet our legal obligations.

  • Right to restrict processing
    In certain circumstances, you may have the right to restrict how we use your data.

  • Right to data transfer
    Under certain circumstances, you may have the right to move, copy or transfer your data from one IT environment to another.

  • Right to object
    You have the right to object to our processing of your data. This right is affected if the legal basis applied is performance of contract or statutory obligation.

  • Rights related to automated decision making
    Anundsjö Vildmark does not use any automated decision making processes.

10. use your rights

If you wish to exercise any of the above rights or are unhappy with how we have used your data, please email info@anundsjovildmark.com. Please note that we may keep a record of your messages to help us deal with any issues you raise.

11. Changes to our privacy policy

We will update this Privacy Policy periodically as necessary to incorporate feedback, changes to our data protection policies or legal changes. When we post changes to this Policy, we will revise the "Effective Date" at the top of this Privacy Policy. If there are material changes to this Policy, we will describe the changes.