Privacy Policy

Rosti privacy statement

All companies within Rosti are committed to protect the privacy and security of the personal data of all our stakeholders – employees, board members and business partners. We treat personal data as a valuable asset that should be collected and used in a respectfully and lawful manner.

Rosti is made up of different legal entities, details of which can be found in our Website Privacy Statement. This privacy statement is issued on behalf of the Rosti group so when we mention “Rosti”, “we”, “us” or “our” in this privacy statement, we are referring to the relevant company in the Rosti group responsible for processing your data. Rosti Group AB is the controller and responsible legal entity for the Rosti website.

In the course of our normal business operations, we collect, process and/or transfer personal data only to the extent we have a lawful, specific, definable business need for the information and in compliance with all relevant laws and rules applicable in the markets in which Rosti conducts business.

We dedicate resources throughout Rosti and set adequate technical and organizational measures in place to safeguard personal data and ensure lawfulness, fairness and transparency throughout the processing cycle. We are transparent with you about what information we collect, why and how we use it, with whom we share it and who you should contact if you have any concerns.

We have adopted a Rosti Personal Data Protection Policy and a governance structure to assist employees, board members and business partners to comply with the applicable data protection laws.

Further information on how we process personal data is found in our Rosti Personal Data Protection Policy and in the Privacy Notices available on this site.

Please read this statement together with our web site privacy notice and terms of use and any other documents referred to therein carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting you are accepting the practices described in this notice.

Your data protection rights

We will always observe the data protection rights your carry as an individual according to the applicable legislations. If the General Data Protection Regulation (GDPR) (EU) 2016/679 applies, you have the right to request information about the personal data processed about you and access to such personal data. You also have a right to request rectification of your personal data if this is incorrect and request erasure of your personal data. Further, you have a right to request Rosti to limit its processing of your personal data under certain circumstances. There is also a right for you to object to the processing based on legitimate interest or processing for direct marketing. Additionally, you have the right to data portability (transfer of your personal data to another controller) if we process your personal data based on consent or contractual obligation and is automated. Additional information provided by the European Commission is available on

If you believe that Rosti is in breach of applicable data protection laws, please contact our Data Protection Team in order for us to assess and possibly clarify any misunderstanding or rectify any mistake.

The Swedish Authority for Privacy Protection (Sw. Integritetsskyddsmyndigheten, is the supervisory authority monitoring the processing of personal data in Sweden. You may lodge a complaint with the Swedish Authority for Data Protection or with the data protection authority of your EU country of residence if you believe that Rosti is in breach of applicable data protection laws.

How to contact us

If you have any questions about how we process your personal data, please feel free to contact our Data Protection Team by sending an email to

Rosti Group AB, company no. 556308-9456, a company organised and existing under the laws of Sweden with registered office at Rosti Group AB, Västra Varvsgatan 19, 211 77 Malmö., is responsible for the processing of personal data that relate to you under applicable data protection laws and regulation when visiting this website.