Subscribe to receive monthly newsletters and the latest legal updates.
Privacy policy
A. Introduction
Eris Law Advokatbyrå AB ("Eris Law", "we", "our" or "us") is committed to protecting and respecting your privacy. We strive to be transparent and clear about how we process personal data and how we ensure that our processing is in accordance with applicable legislation. This Privacy Policy ("Policy") informs you about how we collect and process personal data relating to contacts of clients, potential clients and other business contacts, such as counterpart agents, job applicants and service providers. If you have any questions about this Policy, or about our processing of personal data in general, you are always welcome to contact us at info@erislaw.se.
B. Who is the controller of the personal data we process?
The controller is the organization that, alone or together with others, determines the purposes for which personal data is to be processed and how the processing is to be carried out. For the processing of personal data described in this Policy, Eris Law Advokatbyrå AB, 556769-8476 with address Regeringsgatan 82, 111 39 Stockholm, is the data controller.
C. What personal data do we process and why?
1. Purpose/Performance and administration of client assignments
Legal basis
i) Legal obligation
The processing is necessary for compliance with a legal obligation.
Types of treatments
- Where applicable, implementation of a money laundering control in accordance with the Act (2017:630) on measures against money laundering and terrorist financing
(ii) Legitimate interest
The processing is necessary for our legitimate interest in managing and administering our relationships with clients, as well as the implementation of a conflict of interest check in accordance with our obligation to avoid conflicts of interest.
Types of treatments
- Conducting conflict of interest checks
- Processing, administration and documentation of missions
- Communication with stakeholders in the context of client engagements, such as clients, counterparty representatives and authorities
- Management and administration of invoicing
Categories of personal data
Identity information, such as name and social security number, contact information, such as address, email and phone number, work-related informationsuch as job title and employer, and other information that you provide to us in connection with client engagements.
Storage time
In accordance with the rules of the Swedish Bar Association, we are obliged to archive documents related to client assignments for ten (10) years from the date of completion of the assignment, or for such longer period as the nature of the assignment requires.
2. Purpose/Marketing and business development
Legal basis
Legitimate interest
The processing is necessary for our legitimate interest of marketing our services and/or maintaining a business relationship with clients and other organizations.
Types of treatments
- Sending information on legal news, invitations to events and seminars, and other information related to Eris Law by e-mail
- Publishing and analyzing posts on LinkedIn and on the Eris Law website
- Establishment and management of contact list
Categories of personal data
Identity information, such as name, contact information, such as address, email and phone number, work-related information, such as job title and employer, information related to your LinkedIn accountsuch as profile picture, and any other information that you provide to us.
Storage time
For processing based on Eris Law's legitimate interest, we process your personal data for fifteen (15) months from your last contact with Eris Law, or for as long as your employer or client has a business relationship with us. For processing based on your consent, we process personal data until you withdraw your consent.
3. purposes/registration and participation in events and seminars
Legal basis
Legitimate interest
The processing is necessary for our legitimate interest to provide, administer and follow up our events and seminars, to educate and inform about our activities and services.
Types of treatments
- Pre- and post-participation communication, such as confirmation of registration or handling of incoming questions
- Establishment and administration of the list of participants
- Evaluation and analysis of participation
Explicit consent
- We rely on explicit consent for the processing of personal data on allergies and special diets.
Categories of personal data
Identity information, such as name, contact information, such as address, email and phone number, work-related informationsuch as job title and employer, and any other information that you provide to us.
Special categories of personal data
In connection with the organization of events and seminars involving catering, we may process personal data relating to allergies and special diets.
Storage time
For processing based on Eris Law's legitimate interest, we process your personal data for fifteen (15) months from your last contact with Eris Law, or for as long as your employer or client has a business relationship with us. For processing based on your explicit consent, we process personal data until you withdraw your consent.
4. purposes/handling of enquiries and other communications
Legal basis
Legitimate interest
The processing is necessary for our legitimate interest to provide, administer and follow up our events and seminars, to educate and inform about our activities and services.
Types of treatments
- Handle inquiries and other communications via email, phone or social media not related to clients or client engagements
- Communication with employees of service providers
Categories of personal data
Identity information, such as name, contact information, such as address, email and phone number, work-related informationsuch as job title and employer and any other information provided to us in such communications
Storage time
For processing based on Eris Law's legitimate interest, we process your personal data for fifteen (15) months from your last contact with Eris Law, or for as long as your employer or client has a business relationship with us.
5. Purpose/Recruitment procedures
Legal basis
Legitimate interest
The processing is necessary for our legitimate interest to administer and evaluate applications for employment.
Types of treatments
- Administration and evaluation of candidates and applications received
- Communication with applicants
- Communication with references
Legal obligation
The processing is necessary for compliance with legal obligations. If application documents include special categories of personal data, we process them on the basis of obligations under labor law.
Types of treatments
- Archiving of application documents to meet the requirements of discrimination legislation
Explicit consent
- Where unsolicited applications contain special categories of personal data, we only process them after explicit consent
Types of treatments
- Administration of spontaneous applications received
Categories of personal data
Identity informationsuch as name and social security number, contact information, such as address, email and phone number, work and education-related informationsuch as educational qualifications, employment certificates and previous jobs, and any other information that you provide to us, such as a portrait.
Special categories of personal data
We never ask for special categories of personal data in the context of recruitment procedures, but may receive such data where appropriate.
Storage time
For processing based on the legitimate interest of Eris Law, we will keep your application documents for one (12) month from the date of application. When you apply for an advertised position, we will keep your application documents for two (2) years from the date of filling the position, in accordance with the discrimination legislation.
6. purposes/compliance with legal obligations
Legal basis
Legal obligation
The processing is necessary for compliance with a legal obligation..
Types of treatments
- Compliance with accounting, auditing and tax obligations
Categories of personal data
Identity informationsuch as name and social security number, contact information, such as address, email and phone number, work-related informationsuch as job title and employer.
Storage time
In accordance with the Swedish Accounting Act (1999:1078), we are obliged to store accounting documents for seven (7) years from the end of the calendar year in which the financial year ended.
D. Where do we get your personal data from?
Eris Law continuously collects, and receives, personal data related to our business. In general, we process personal data that we receive directly from you or the organization you represent, for example when you send us an email, register for an event that we conduct or submit an application for employment. We may also collect and receive your personal data from other sources, such as clients, counterparties, counterparty representatives, and other actors related to a client matter, such as courts or other authorities. We may also collect personal data from various websites and service providers, such as recruitment companies, as well as private or public registers, such as the Swedish Companies Registration Office.
E. Who may we share your personal data with?
Eris Law may share your personal data with third parties under certain circumstances. We may do so in cases where (i) it has been specifically agreed between you and Eris Law, (ii) it is necessary within the framework of an assignment to safeguard your or your employer's or client's interests and rights, (iii) it is necessary for us to fulfill a statutory obligation or comply with a decision by a public authority or court or (iv) in the event that we engage external service providers who perform assignments on our behalf. We only share your personal data with trusted third parties, with whom we have entered into agreements that ensure that your personal data is processed in accordance with this applicable data protection legislation.
We may share your personal data with the following categories of recipients:
- Clients, counterparties and counterparty representatives
- Courts, arbitration tribunals, government agencies, banks, insurance companies and any other public organizations
- The Bar Association
- Service providers
- Social media
F. When might we transfer your personal data to countries outside the EU/EEA?
We aim to process your personal data only within the EU/EEA. However, in specific cases, we may transfer your personal data to countries outside the EU/EEA, for example when using a service provider based outside the EU/EEA. Whether it is us or a subcontractor of ours that transfers your personal data to countries outside the EU/EEA, we ensure that your personal data is subject to an adequate level of protection by taking appropriate safeguards.
If the European Commission decides that a non-EU/EEA country to which we transfer personal data (for example, due to the fact that a service provider to us is established there) achieves an adequate level of protection equivalent to the level of protection ensured by the GDPR, we base the transfer of personal data on that transfer mechanism. You can read more about the transfer mechanism and the countries covered by such a decision here. In case the recipient country is not subject to an adequacy decision, and even if it is, we always take other appropriate safeguards, such as entering into European Commission standard contractual clauses with the recipient of your personal data. The conclusion of standard contractual clauses means that the recipient guarantees that the protection of personal data under the GDPR also applies to the recipient. You can read more about the European Commission's standard contractual clauses here.
We always assess on a case-by-case basis whether a transfer of personal data outside the EU/EEA can be carried out, and on what grounds. Where appropriate, we take additional safeguards in relation to your personal data, such as organizational and technical security measures. For more information on the safeguards taken in each individual case, please contact us at info@erislaw.se.
In connection with client assignments, we may exceptionally transfer personal data to countries outside the EU/EEA, for example if our client or counterparty is domiciled in a country outside the EU/EEA. We may also transfer personal data to countries outside the EU/EEA via our service providers, but only in exceptional cases. Your interaction with Eris Law on LinkedIn also involves the transfer of personal data to the United States.
G. Your rights in relation to your personal data?
As a data controller, we are responsible for ensuring that your personal data is processed in accordance with applicable data protection law, and that you can exercise your rights under the GDPR. Below is a description of the rights you are granted under the GDPR. If you wish to exercise any of your rights, please contact us at info@erislaw.se. More information about your rights can be accessed from time to time via the website of the Data Protection Authority ("DPA") website.
Right to information: You have the right to be informed about how we process your personal data. We will inform you primarily through this Policy, but also by answering your questions.
Right of access: You have the right to know, upon request, whether we are processing your personal data and, if so, to obtain access to the personal data in the form of a free extract from the register and information on how we process your personal data. Requests for an extract from the register can be sent to info@erislaw.se. Please note that we may charge a reasonable fee for administering the request for an extract from the register if such a request is sent repeatedly. We reserve the right to take reasonable steps to verify the identity of the person requesting the records.
Right to rectification: You have the right to obtain without delay the rectification of inaccurate personal data that we process about you, as well as the right to obtain the completion of incomplete personal data that we process about you.
Right to erasure ("right to be forgotten"): You have the right, under certain conditions, to have the personal data we process about you erased. This applies to
- if the personal data are no longer necessary for the purposes for which they were collected or otherwise processed,
- if the processing is based on your consent and you withdraw it, while there is no other legal basis for the processing,
- if you object to the processing of your personal data on the basis of our legitimate interest, and there are no legitimate grounds for the processing that override your interests,
- if we process your personal data for direct marketing purposes and you object to such processing
- if we have processed your personal data unlawfully
- if erasure is necessary for compliance with a legal obligation to which we are subject; or
- if the personal data relates to a child for whom you have parental responsibility and the data was collected in the context of offering information society services (for example, social media).
To the extent that our processing of your personal data is necessary for a specific reason, for example to defend a legal claim, we are not obliged to delete your personal data and may refuse your request.
Right to restriction of processing: You have the right to request that our processing of your personal data be restricted under certain conditions. This applies to
- if you contest the accuracy of the personal data, during the time we are verifying the accuracy of the personal data,
- if our processing of your personal data is unlawful, but you object to us erasing the data and instead request a restriction of our processing in relation to the data,
- if we no longer need the personal data for the purposes of the processing, but you need it to establish, exercise or defend legal claims; or
- if you have objected to our processing of your personal data on the basis of our legitimate interest, during the time we are checking whether our legitimate grounds outweigh yours.
Right to data portability: You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format. You also have the right to transfer this personal data to another person without hindrance from us. Where technically feasible, you have the right to request that we make such a transfer directly to another party. Your right to data portability requires that the processing is based on your consent or on a contract and is carried out automatically.
Right to object: You have the right to object to our processing of your personal data under certain conditions. This applies when we process personal data for the performance of a task carried out in the public interest, in the exercise of official authority or following a balancing of interests. We may then only continue to process your personal data if we have compelling legitimate grounds that outweigh your interests. You always have the right to object to the processing of your personal data that involves direct marketing. Following such an objection, we are obliged to cease processing for such purposes.
Right to withdraw consent: You have the right to withdraw consent on which we base our processing of your personal data at any time. We will then cease processing your personal data. Requests for withdrawal of consent can be sent to info@erislaw.se.
Right to lodge a complaint: If you have a complaint about our processing of personal data, you have the right to lodge a complaint with IMY, which is the Swedish supervisory authority. You can find IMY's contact details Contact us | IMY.
H. Cookies
We use cookies on our website www.erislaw.se. A cookie is a small text file containing information that a website you visit requests to be saved locally on your computer, tablet or mobile phone via your browser. The cookie is stored on your device and the next time you visit the website, the cookie is sent back to the website, recognizing your device and your preferences. There are different types of cookies, and many different uses. More information on cookies can be found at the Swedish Post and Telecom Authority's Information on cookies | PTS.. Cookies used on www.erislaw.se.
| Name | Domain | Storage time | Description of the project | Category |
| cookieyes-consent | Erislaw.se | 1 year | Used to remember website visitors' consent settings | Necessary |
| pll_language | Erislaw.se | 1 year | Used to remember website visitors' language preferences | Functional |
We use essential cookies to enable the website to perform its basic functions. We do not need to obtain your consent for the use of essential cookies. We use functional cookies to improve the user-friendliness of our website. For the use of functional cookies, we need to obtain your prior consent. You give your consent by selecting "Accept" when you visit our website for the first time or by adjusting your cookie settings and agreeing to the use of functional cookies. The consequence of not giving your consent is that your language settings will not be saved until the next time you visit our website.
Through the use of cookies, we may collect personal data about you, such as your IP address. With regard to the collection of personal data by means of necessary cookies, your personal data is processed on the basis of Eris Law's legitimate interest in providing a good user experience to our website visitors. For the collection of personal data through functional cookies, your personal data is processed on the basis of your consent.
You can change your cookie settings at any time by clicking on "Cookie Settings" in the website footer. You always have the right to withdraw your consent.
You can also manage your cookie settings in your browser. You can choose to block all cookies (including essential cookies), regardless of the issuer. You can also review and delete cookies from different issuers that you have previously agreed to. You can find more information on how to manage cookies in your browser below:
- Google Chrome, https://support.google.com/chrome/answer/95647?hl=sv.
- Safari (iPhone and iPad), https://support.apple.com/sv-se/HT201265.
- Safari (Mac), https://support.apple.com/sv-se/guide/safari/sfri11471/mac.
- Mozilla Firefox, https://support.mozilla.org/sv/products/firefox/protect-your-privacy/cookies.
- Microsoft Edge, https://support.microsoft.com/sv-se/windows/microsoft-edge-webbdata....
- Internet Explorer, https://support.microsoft.com/sv-se/windows/ta-bort-och-hantera-cookies....
- Opera, https://help.opera.com/en/latest/web-preferences/#cookies.
I. Automated decision-making, including profiling
Eris Law does not use automated decision-making processes, including profiling.
J. Updates and contact details
We reserve the right to update this Policy. The current version was published on August 1, 2023. Please do not hesitate to contact us if you have any questions about this Policy, our processing of your personal data or if you wish to exercise any of your rights.
Eris Law Advokatbyrå AB, reg. no. 556769-8476
Regeringsgatan 82, 111 39 Stockholm
Tel. no: +46(0) 70 646 6768
E-post:info@erislaw.se
"Eris is the goddess of discord and dispute in Greek mythology and also the name of a planet discovered in 2005. The planet Eris kicked Pluto out of the list of planets and metaphorically for our law firm, Eris is the planet, the new player, stepping in, and out, to take the field.