How Nordic Riser AB collects, uses, and protects your personal information in accordance with the EU General Data Protection Regulation (GDPR).
Nordic Riser AB ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage with our advisory services.
This policy is designed to comply with the EU General Data Protection Regulation (GDPR) and applicable data protection legislation. By using our website or submitting an inquiry, you acknowledge that you have read and understood this policy.
Nordic Riser AB is the data controller responsible for your personal information collected through our website and services.
Nordic Riser AB
Email: info@nordicriser.com
Website: www.nordicriser.com
For all data protection matters, please contact us using the details above with the subject line "Data Protection Inquiry".
We collect information that you voluntarily provide to us, including:
When you visit our website, we may automatically collect:
We process your personal data only for the purposes outlined below, each supported by a lawful basis under GDPR:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Responding to consultation requests and inquiries | Contract performance / Legitimate interest |
| Providing strategic advisory services | Contract performance |
| Communicating about our services and engagement progress | Contract performance / Consent |
| Improving our website and service quality | Legitimate interest |
| Coordinating with third-party professionals (legal, accounting) | Contract performance / Legitimate interest |
| Compliance with legal and regulatory obligations | Legal obligation |
We will not sell, rent, or trade your personal information to third parties. We will not use your data for purposes incompatible with those stated above.
Where required to deliver our services, we may share relevant information with qualified third-party professionals, including:
All third parties are required to maintain appropriate security measures and are permitted to process your data only as directed by us and within the scope of their professional obligations.
We may disclose your personal information when required to do so by law, regulation, legal process, or a legitimate governmental request.
We primarily process data within the EU/EEA. In the event that data is transferred outside the EU/EEA, we ensure that appropriate safeguards are in place — such as Standard Contractual Clauses or applicable adequacy decisions — prior to any such transfer.
We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:
While we take all reasonable precautions, no method of electronic transmission or storage is entirely secure. We cannot guarantee absolute security, but we are committed to protecting your data to the highest practicable standard.
We retain your personal information only for as long as is necessary to fulfil the purposes outlined in this policy and to comply with our legal obligations:
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised.
As a data subject under the GDPR, you have the following rights in relation to your personal data:
Request a copy of the personal data we hold about you.
Request correction of inaccurate or incomplete data.
Request deletion of your data in certain circumstances ("right to be forgotten").
Request that we limit how we use your data in specified circumstances.
Receive your data in a structured, machine-readable format where applicable.
Object to processing based on legitimate interests or for direct marketing purposes.
Withdraw any consent given at any time, without affecting prior processing.
Lodge a complaint with the relevant supervisory authority (see Section 12).
To exercise any of the above rights, please contact us at info@nordicriser.com with the subject line "Data Subject Request". We will respond within one calendar month as required by GDPR.
Our website is a static informational site with minimal tracking. We may use essential cookies required for the basic operation of the site. We do not currently use third-party advertising or behavioural tracking cookies.
If we implement analytics or additional tracking technologies in the future, we will:
You may control and delete cookies through your browser settings at any time. Please note that disabling certain cookies may affect the functionality of the website.
Our services are directed exclusively at adults conducting professional and business activities. We do not knowingly collect personal data from individuals under the age of 18. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will take appropriate steps to delete that information.
We may update this Privacy Policy periodically to reflect changes in our practices, applicable legislation, or operational procedures. Material changes will be communicated by:
We encourage you to review this policy periodically. Your continued use of our website following any update constitutes acceptance of the revised policy.
If you have concerns about how we handle your personal data and you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority:
Integritetsskyddsmyndigheten (IMY)
Swedish Authority for Privacy Protection
Box 8114, 104 20 Stockholm
Phone: +46 8 657 61 00
Website: www.imy.se
If you have any questions, concerns, or requests relating to this Privacy Policy or our data practices, please contact us directly:
Email us with the subject line "Privacy Policy Inquiry" and we will respond promptly.