top of page

Privacy Policy (GDPR Compliance)

1. Background​​

Astrada AB processes personal data in its daily operations. The privacy policy generally applies to the personal data processing within Astrada and exists to explain what kind of data Astrada processes, why and how. The privacy policy applies to employees, suppliers and customers.


2. Personal data and personal data processing

Personal data is all information that can be directly or indirectly linked to other information, linked to a living natural person. Names, phone numbers, images and IP addresses may be personal data. Measures taken with personal data are personal data processing, such as storage, collection, modification, deletion and dissemination.


3. Personal Data Responsible

The personal data responsible is the person responsible for the personal data processing and determines why and how personal data is processed.


4. Personal Data Counselors

To be able to deliver their services, Astrada uses personal information assistants. This means that Astrada is personally responsible and determines which personal data are processed and why, but that we outsource parts of the treatment. These include IT solutions such as storage, payroll and accounting systems. Astrada then decides over the treatment and is responsible for it but takes the help of other suppliers to deliver their services. Astrada always includes personal data agreement with personal data counselors to ensure a high level of protection for all data.


5. Astrada's personal data processing

Astrada and our personal information assistants always have a legal basis for processing personal data. Usually it is necessary to fulfill agreements, but it may also be by consent, if required to make legal claims or due to legal requirements. Astrada can also process personal data if there is a legitimate interest. The legitimate interest then weighs heavier than the registrant's interest in the fact that Astrada does not process his personal data. However, as registered, it is always possible to oppose such personal data processing in an easy way.

Below is an overview of Astrada's personal data processing. Astrada strives to process as little personal data as possible.

5.1. Communication and Administration

Astrada processes personal information for administration and communication with employees, customers and suppliers. The purpose is to manage jobs and administer the business.

5.2. employment conditions

To handle the administration and payment of salaries and contact with employees, Astrada must treat employee personal data.

5.3. payments

To handle payments, Astrada processes personal data.


6. Recipients that Astrada can share information with

6.1. Service providers

In order to provide its services, Astrada takes advantage of various providers for, among other things, IT solutions such as networking, storage services and email services. Suppliers may process personal data only in accordance with Astrada's express instructions and may not process the data for their own purposes. Everyone is also bound by law and agreement to protect personal data.

6.2. Payment recipients and billing providers

In the case of payments and invoicing, personal data may be shared with the payment service provider, the payee and the banks of both parties.

6.3. Other recipients

In certain cases, Astrada may also share data with other recipients, primarily authorities due to legal requirements or in connection with legal proceedings.


7. Technical and organizational measures

Astrada is concerned with the integrity of the customer and employee and takes appropriate technical and organizational security measures to protect personal data from unauthorized access, modification, dissemination or destruction. Among other things, there are routines and restrictions of authority that prevent unauthorized access.


8. How long are personal data stored?

Astrada is processing personal information as long as there is a relationship with the registered person and a time thereafter, as long as there is a legal basis. If there is no reason for processing personal data, they are deleted.


9. Rights

Astrada wants to remind you of the rights that GDPR provides to persons who receive their personal data.

9.1. Access to personal data

As a registered person, you are entitled to request confirmation if we process personal information about you or not. If we do, you have the right to see what information we are processing about you through a registry extract.

9.2. Amendment

If a job is incorrect or incomplete, you are entitled to request that it be corrected.

9.3. Revoke consent

If we treat your personal information with the consent of the legal basis for your treatment, you are entitled to withdraw the consent at any time with future effect.

9.4. Right to complain to the supervisory authority

The registrant is also entitled to contact the supervisory authority directly to complain. The supervisory authority shall then investigate what has happened.

9.5. Oppose treatment that relies on Astrada's legitimate interest

As a registered person, you are entitled to oppose any treatment that supports a legitimate interest if there are reasons for your specific case against the treatment. If you oppose the treatment and there are compelling legitimate reasons that weigh heavier, we may continue the treatment.

9.6. Deletion

Registered persons have the right to request and in certain circumstances have their personal data deleted. An exception is if we are required by law to keep the data.

9.7. Limitation of treatment

Registered persons are entitled to request that the processing of their personal data be limited.


To take advantage of your rights or questions, contact Astrada AB.

Personal Data Responsible: Astrada AB, 556624-3514

Postal address: Skeppsbron 20, 111 30, Stockholm


Phone: 08-601 25 70

bottom of page