This is our policy for the processing and storage of personal data according to the European Union’s General Data Protection Regulation (GDPR). By using our services, you consent to the content of this policy.

YOUR PERSONAL INFORMATION AND DATA PROTECTION RESPONSIBILITY

Gällöfsta Perlan Ledarskap (“GP,” “we,” “us”) understands the importance of privacy for our customers and website visitors, and our goal with this policy is to clearly and transparently describe how we collect, use, display, transfer, and store your information so that you feel confident that your personal data is securely handled. GP is the data controller responsible for the processing of collected personal data and conducts all personal data handling in accordance with GDPR.

COLLECTION OF PERSONAL INFORMATION

What constitutes personal information?

Personal information includes all types of information that can be directly or indirectly attributed to a living individual. This includes, for example, name, personal identification number, address, email address, and telephone number. It also encompasses items like booking numbers and various electronic identities, such as IP numbers, if they can be linked to physical persons.

REGISTERED INFORMATION
When a private individual enrolls in a course and registers, we record their name, address, telephone number, and email address.

When a representative of a company enrolls in a course and registers, we record their name, their position, department affiliation, as well as their address, telephone number, and workplace email address. In some cases, their birth year may also be recorded (for participation in UGL, with the purpose of creating diverse groups). If enrollments and registrations are made by a representative of a company on behalf of another employee, the same information is recorded for the employee, and in these cases, we assume that the representative has obtained consent to provide this personal information.

For employment at GP, we also need information such as personal identification number, contact details for emergency contacts, and account information for salary payments. We may also need to process sensitive personal information about you, such as information on your health. Health information, for example, may need to be processed so that GP can fulfill its obligations as an employer.

In other situations, we record the information that you choose to provide. If you voluntarily disclose sensitive information, such as stating before a seminar or conference that you have allergies and require specific dietary considerations, we assume that you want this information to be registered with us.

PURPOSE OF PERSONAL DATA PROCESSING
When you sign up for courses and seminars through our website, by phone, or by mail, subscribe to our newsletter, or collaborate with us on our course offerings, coaching, and consulting services, you become part of our client community. The personal information you provide is recorded in our customer database and is used for the administration of ordered products and services. This information is essential for us to fulfill our mission, ensuring top-notch service and quality.

Moreover, this data serves as a basis for assessing eligibility for advanced courses and diploma programs. Additionally, we may use this information for marketing purposes and to continually enhance and tailor our services at GP to better meet your needs.

When you apply for job positions, send inquiries about employment, participate in surveys, provide information for benchmarking, or express interest in being contacted by us, rest assured that we will utilize your personal information solely for the specific purpose you submitted it.

DISCLOSURE OF PERSONAL DATA
In the case of enrollment and registration, the information stored in our customer database may be disclosed to external entities, i.e., individuals or companies outside GP, to the extent required to administer participation in a course or seminar or to fulfill the order. This also applies when you apply for available positions, submit inquiries regarding employment at GP, participate in surveys, or express a desire to be contacted by us.

In all the above-mentioned situations, GP is the data controller, and the providers used by GP, known as data processors, are obligated to follow GP’s instructions. Data processers are not permitted to disclose your personal data to anyone else or to use it for purposes other than those covered by GP’s instructions. Data processors are also required to implement specific technical and organizational measures to protect your personal data.

Finally, personal data may also be disclosed if required by law, regulation, or decision by authorities.

HOW LONG IS THE INFORMATION RETAINED?
We retain your personal information for as long as necessary to fulfill our commitment, which includes providing the service, product, or course, conducting qualification processes for participation in courses, invoicing, handling complaints or claims, etc., and as long as required by legally mandated retention periods.

If you have participated in our open courses and/or coaching, we retain your personal information for 10 years.

If you subscribe to our newsletter, receive offers, and other digital communication from us, we keep your information until you opt out of your subscription.

For other collaborations with GP, we retain the data for 3 years after the last delivery and invoicing of the service or product, unless otherwise specifically agreed upon.

Contact
If you have questions about how GP handles your personal information, please contact us using the methods below:

YOUR RIGHTS
Essential processing of personal data and processing with consent

The processing of personal data necessary for fulfilling a contract with you or complying with a legal obligation is allowed without the need for consent. However, obtaining your consent is required for collecting and processing your personal data for any other purpose. Your consent is obtained when you use the services on our website or engage with us directly.

Withdrawal of consent

You can choose to withdraw your consent at any time by contacting us. Should you withdraw your consent, we will delete the personal data and cease any processing covered by the consent.

It is possible that the same personal data may be processed based on consent or due to necessity or other applicable rules. This means that even if you withdraw your consent and the processing based on that consent ceases, the personal data may still be retained by us for other purposes.

Right to access, rectification, and deletion

Once a year, you have the right to request, free of charge, information about the personal data concerning you that is processed by GP. Requests should be submitted in writing (not via email, as they need to be signed) to the address provided under “contact” above.

If you believe that any information about you is incorrect or misleading, you can request in writing for it to be corrected, as stated above.

You have the right to request the deletion of your personal data if the data is no longer required for the purpose for which it was collected. However, legal obligations may prevent us from immediately deleting parts of your data. These obligations arise due to accounting and tax legislation as well as consumer rights legislation. In such cases, we block the data that we are required to retain from being used for purposes other than fulfilling these legal obligations.

VISITOR IDENTIFICATION – COOKIES AND LOGS
Our website employs “cookies,” small text files stored on visitors’ computers. Cookies serve various functions, preserving personal settings and tracking visitor activities. There are two types: “Session cookies” are temporary, stored during the visit and automatically deleted when the browser is closed, while “Permanent cookies” inform visitors of changes since their last visit and recognize returning users, retaining previously submitted information.

Most web browsers are configured to enable cookie acceptance. However, if you do not wish to store cookies on your computer, you can configure your browser to notify you when it receives a cookie. This way, you can decide whether to accept it or not. However, be aware that blocking cookies may limit your website experience.

GP compiles statistics on the number of visits, the frequency of individual page views, the source web addresses of visitors, and the search engines and keywords used to access our website. The purpose is to provide us with insights on how we can enhance our website. Information collected includes domain names, browsers, operating systems, visit times, and referring sources. This data remains confidential and is not disclosed to external parties.

LINKS TO OTHER WEBSITES
On GP’s website, there are links to other websites, both within the GP network and externally. This policy does not extend to these external websites. Before disclosing any personal information, it is advisable to review the privacy policies of these websites.

SECURITY
Disclosing personal information online always carries a risk, as no technological systems are entirely immune to intrusion. Nevertheless, we have implemented robust technical security measures to protect personal information from unauthorized access, alteration, and destruction.
Responsible publisher
Jenny Sima, CEO Gällöfsta Perlan Ledarskap