2023 - Privacy Policy Hedin Mobility Group 1
We may share your personal data with the parties
detailed below for the purposes outlined in the tables set out at “Detailed description of personal data processing” above. • Other companies in the Hedin Mobility Group [acting as joint controllers or processors] and who are based in Sweden and provide [IT and system administration services]. • Service providers [acting as processors] based in Sweden who provide [IT and system administration] services. • Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in [the UK and EU/EEA] who provide [consultancy, banking, legal, insurance and accounting services]. • HM Revenue & Customs, regulators and other authorities [acting as processors or joint controllers] based [in the UK] [who require reporting of processing activities in certain circumstances]. • Specific third parties such as Google, Hotjar and Meta. • Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. How long will you use my personal data for? We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. Details of retention periods for different aspects of your personal data are outlined in the tables set out at “Detailed description of personal data processing” above. 22 / 26