Rosti privacy statement
All companies within Rosti are committed to protect the privacy and security of the personal data of all our stakeholders – employees, board members and business partners. We treat personal data as a valuable asset that should be collected and used in a respectfully and lawful manner.
Rosti is made up of different legal entities, details of which can be found in our Website Privacy Statement. This privacy statement is issued on behalf of the Rosti group so when we mention “Rosti”, “we”, “us” or “our” in this privacy statement, we are referring to the relevant company in the Rosti group responsible for processing your data. Rosti Group AB is the controller and responsible legal entity for the Rosti website.
In the course of our normal business operations, we collect, process and/or transfer personal data only to the extent we have a lawful, specific, definable business need for the information and in compliance with all relevant laws and rules applicable in the markets in which Rosti conducts business.
We dedicate resources throughout Rosti and set adequate technical and organizational measures in place to safeguard personal data and ensure lawfulness, fairness and transparency throughout the processing cycle. We are transparent with you about what information we collect, why and how we use it, with whom we share it and who you should contact if you have any concerns.
We have adopted a Rosti Personal Data Protection Policy and a governance structure to assist employees, board members and business partners to comply with the applicable data protection laws.
Further information on how we process personal data is found in our Rosti Personal Data Protection Policy and in the Privacy Notices available on this site.
Your data protection rights
We will always observe the data protection rights your carry as an individual according the applicable legislations.
If the General Data Protection Regulation (GDPR) (EU) 2016/679 applies, you have the right to request information about the personal data processed about you and access to such personal data. You also have a right to request rectification of your personal data if this is incorrect and request erasure of your personal data. Further, you have a right to request Rosti to limit its processing of your personal data under certain circumstances. There is also a right for you to object to the processing based on legitimate interest or processing for direct marketing. Additionally, you have the right to data portability (transfer of your personal data to another controller) if we process your personal data based on consent or contractual obligation and is automated. Additional information provided by the European Commission is available on https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en).
If you believe that Rosti is in breach of applicable data protection laws, please contact our Data Protection Officer in order for us to assess and possibly clarify any misunderstanding or rectify any mistake.
The Swedish Data Protection Authority (Sw. Datainspektionen, www.datainspektionen.se) is the supervisory authority monitoring the processing of personal data in Sweden. You may lodge a complaint with the Swedish Data Protection Authority or with the data protection authority of your EU country of residence if you believe that Rosti is in breach of applicable data protection laws.
Data Protection Officer
We have appointed a Data Protection Officer (DPO) and we have dedicated Personal Data Protection Team to oversee compliance with General Data Protection Regulation (GDPR) and applicable data protection laws.
How to contact us
If you have any questions about how we process your personal data, please feel free to contact our Data Protection Officer by sending an email to firstname.lastname@example.org.
Rosti Group AB, company no. 556308-9456, a company organised and existing under the laws of Sweden with registered office at Anna Lindhs plats 4, 211 19 Malmö, Sweden, telephone: +46 40 204 701, is responsible for the processing of personal data that relate to you under applicable data protection laws and regulation when visiting this website.