Privacy Policy

1. Personal data controller

1.1       RPM Risk & Portfolio Management AB (”the Company”), Reg. No. 556254-9039, Linnégatan 6, SE-114 47 Stockholm, SWEDEN, is the controller of personal data processing. The Company processes personal data in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council (“EU GDPR”).

2. Personal data processing

2.1          The Company collects personal information, first name, last name, e-mail address, social security number, address, contact details and bank account number information, IP numbers from customers and potential customers.

2.2          The information is used by the Company mainly to conclude and complete agreements with customers as well as to fulfill legal obligations arising from eg. accounting legislation, fund law, tax legislation and the rules on the prevention, detection and investigation of money laundering. The data is also used for marketing and as a basis for statistics and product development, and may serve as a basis for the Company, and, where appropriate, the Company's partners, to adapt content, ads and offers.

2.3          The data is analyzed and grouped for selection, prioritization and planning of contacts with the customer / user. To the data, one or more markers are linked to what type of web service and marketing communication targeted to the user, so-called profiling.

2.4          The Company's customers and registered users agree that marketing can be via mail, phone, or e-mail and text and other digital channels. Marketing via e-mail and sms is regulated by the the Swedish Marketing Act (SFS 2008:486).

2.5          Personal data may be disclosed to the Company's partners. Personal data are disclosed to the authorities only where required by law or by authority decision.

3. Storage of personal data

3.1          Personal data is stored during the ongoing contractual relationship and a period thereafter, or in accordance with the prior consent. The consent is valid until the user himself declares it, and does not end if the service is not used and the consent is also not dependent on any purchase of products.

3.2        The company keeps the personal data of users for accounting purposes in accordance with the requirements of the Swedish Accounting Act (SFS 1999:1078).

4. deletion and anoNymization of personal data

4.1          Personal data is either deleted or anonymized when the data no longer needs to be retained.

4.2          The use of personal data during the retention period is restricted with regard to the purposes of the processing. The deletion is irrevocable and when the anonymization has been completed, no person can be associated with the data.

5. IT-security

5.1        The Company takes appropriate technical and organizational measures to protect the personal data being processed. The Company has established an internal information security policy.

6. Cookies

6.1          The Company’s website contains so called cookies. Anyone who visits a website that uses cookies is to be given information according to the Swedish Electronic Communications Act (SFS 2003:389) concerning:

- that the website contains cookies;
- what these cookies are used for;
- how cookies can be avoided;

6.2          The purpose of the Company’s use of cookies is to gather statistics on page visits, to see how many individuals visit the website, what pages they visit and when.

6.3          By using this website you consent to our use of cookies according to the description above. If you do not accept the use of cookies your browser can be configured to automatically decline, or give you information, whenever a website asks to store cookies on your computer. Previously stored cookies can also be erased through your browser. Accessibility of this website may then become limited. Visit your browsers help pages for more information. The Swedish Post and Telecom Authority offers further information about cookies on its website:

7. rights as a data subject

7.1          The data subject has the right to access the personal data the Company has about the data subject. Access may, however, be limited by legislation, the protection of other people's privacy, and protection of the Company's business concepts and business practices.

7.2          The data subject may request correction of incorrect or incomplete personal data, subject to the restrictions laid down by law and regulations.

7.3          The data subject may request the deletion of personal data, for example upon withdrawal of consent when there is no other legal basis for the treatment or upon objection to direct marketing.

7.4          The data subject may also request a limitation of personal data processing, for example in conjunction with corrections, to request that the processing is limited to storage, until the correction has been completed.

7.5          The data subject may request that personal data provided by the data subject and processed automatically with the consent of the data subject or to fulfill an agreement, to be transferred to another data controller. Such a request can be accepted if it is safe and technically feasible.

7.6          To request a registry extract, revoke a consent, correct or delete a personal data entry etc. please contact the Company at:

           RPM Risk & Portfolio Management AB: Att: Personuppgift, Linnégatan 6, 114 47 Stockholm, Sweden.

This policy was created in May 2018

RPM Risk & Portfolio Management AB