GDPR
Privacy policy
Hassel Hub (“we”, “us” or “the Company”) is the data controller responsible for the processing of personal data in accordance with this Privacy Policy. Here we explain what type of personal data we collect, how we process it, and what rights you have. This policy applies to filippahassel.com, www.hasselhub-team.com/webbinarium, and hasselfilippa.systeme.io/webbinarium.
You are always welcome to contact us if you have questions regarding how we process your personal data.
What personal data do we collect about you and when?
Data you provide to us
We process the personal data that you provide to us when you are in contact with us. This may be via our website or when you use our services. We also collect personal data that you send to us via e-mail, SMS, or similar, or when you call us.
Why do we process your personal data?
We process your personal data in order to provide and administer the services and products we offer. We also process your personal data to market our products and services.
To be able to follow up and improve our products and services, we may also process your personal data in the form of statistics on the use of our services.
What legal basis do we have for processing your personal data?
In order to process your personal data, we need a legal basis. We process your personal data on the following grounds:
To fulfill, administer, or enter into an agreement with you or your employer
When we have a legitimate interest in processing your personal data, for example in marketing our products and services or compiling statistics on your use of our services
When there is a legal obligation for us to process your personal data, for example for accounting purposes
Who might we share your personal data with?
Data processors
In some cases, it is necessary for us to engage other parties to perform our work. For example, we may use IT service providers. They are considered data processors on our behalf, and we have entered into data processing agreements in such cases. The data controller responsibility remains with us, and the processor only processes your data according to our instructions.
We review all data processors to ensure that they can provide sufficient guarantees regarding the security and confidentiality of personal data. Data processors are only engaged for purposes that are consistent with our own purposes of processing, as we remain the data controller.
We may also disclose personal data to third parties, such as the police or other authorities, if it concerns a criminal investigation or if we are otherwise legally obliged to disclose such information by law, authority decision, or to protect our own legal rights.
Where do we process your personal data?
Your personal data is processed only within the EU/EEA.
How long do we store your personal data?
We never store your personal data longer than necessary for the respective purpose. We have established deletion routines to ensure that personal data is not stored longer than needed. If and when you wish to close your account with us, we delete your data connected to the service within 3 months.
The length of storage depends on the purpose of the processing and how long the data is necessary for that purpose. After that, we will securely delete or anonymize your data so it can no longer be linked to you. Some accounting data, due to legal requirements, must be stored for at least seven (7) years.
Personal data collected for marketing purposes is deleted no later than 2 years after collection.
Cookies
Our website uses cookies. More information about our use of cookies can be found on our website.
What rights do you have as a data subject?
As a data subject, you have several rights under applicable law. Below we list these rights:
Right of access (data subject access request)
If you want to know what personal data we process about you, you may request access to that information. When you make such a request, we may ask questions to ensure efficient handling and to confirm your identity.
Right to rectification
If you discover that some information is incorrect, you have the right to request that your personal data be corrected. You may also supplement incomplete data. In some cases, you may be able to make corrections yourself, which we will inform you about.
Right to erasure (“right to be forgotten”)
You may request that we delete personal data we process about you if, for example:
The data is no longer necessary for the purposes it was collected for
You object to a balance of interests we have carried out, and your grounds outweigh our legitimate interest
The data has been processed unlawfully
The data was collected about a child (under 13 years old) for whom you are the guardian
The processing is based on your consent and you withdraw your consent
We may have the right to deny your request if there are legal obligations preventing us from immediately deleting certain data, or if processing is necessary for us to establish, exercise, or defend legal claims.
Right to restriction of processing
You have the right to request that we restrict the processing of your personal data. For example, if you request correction of incorrect data, you may request limited processing during the time we verify the accuracy.
If we no longer need your data for the purposes specified, our routine is to delete it. However, if you need the data to establish, exercise, or defend legal claims, you can request limited processing instead of deletion.
If you have objected to processing based on legitimate interest, you may request limited processing while we assess whether our interests outweigh yours.
Right to object to certain processing
You always have the right to object to processing based on legitimate interest. You also have the unconditional right to opt out of direct marketing.
Right to data portability
You have the right to data portability if our processing is based on consent or the performance of a contract with you. A prerequisite is that the transfer is technically possible and can be done automatically.
Exercising your rights
Requests to access, rectify, erase, or exercise any of your other rights must be submitted in writing and signed by the individual concerned. We will respond without undue delay and at the latest within 30 days. Please send requests to our email address below, preferably from the email address you are registered with.
Supervisory Authority
The Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY) is the supervisory authority overseeing the application of data protection legislation. If you believe we are acting incorrectly, you can contact IMY at https://www.imy.se.
Contact Information
Please contact us with any questions regarding how we process personal data. If you have questions or wish to exercise your rights, you are always welcome to contact us at:
[Hassel Hub]
Changes to this Privacy Policy
We reserve the right to make changes to this Privacy Policy. You will always find the latest version on our website. If changes are of material importance to how we process personal data, we will specifically communicate this to you.
© 2025 HASSEL HUB