Privacy policy
Introduction
Omeo Financial Consulting AB (Omeo) is one of Sweden's leading management consulting firms within the financial sector. We are an independent operator with deep operational expertise in banking, asset management, funds and securities as well as treasury.
As part of our operations, we process personal data. This mainly occurs as a result of entering into consulting service agreements and needing information about contact persons at our clients. We are also interested in establishing and maintaining business relationships with representatives of both existing and potential customers and partners. Personal data is also processed in connection with recruitment processes.
At Omeo, we care about your personal privacy and always strive for a high level of data protection. We have always processed personal data in a reliable and lawful manner, fully respecting our clients, employees and contacts.
In this privacy policy, we explain which categories of personal data we process, for what purposes we process them, and what legal grounds the processing is based on. We also outline who may have access to and process the data, the principles for data retention as well as your rights as a data subject and how you can exercise them.
It is important that you feel secure in our processing of your personal data. You are always welcome to contact us with any questions.
What is personal data and what is the processing of personal data?
Personal data is any information that can be linked, directly or indirectly, to a living individual. Encrypted data and various types of electronic identities (e.g. IP addresses) are considered personal data if they can be linked to individuals.
Processing of personal data refers to everything we do with personal data. Every action taken with personal data is referred to as processing, regardless of whether it is performed automatically or not. Examples of common processing activities include collection, registration, storage, transfer and deletion.
Who is responsible for the personal data we collect?
Omeo Financial Consulting AB, reg. no. 556631-2327 with address Kungsgatan 44, 111 35 STOCKHOLM, is the data controller for the company's processing of personal data.
What personal data do we collect and why?
Fulfilment of contracts with clients and partners
We process your personal data to the extent necessary to fulfil our contract with your employer, e.g. regarding the delivery of our services. This means that we process your personal data for our administration and invoicing of services.
The data we collect about you has been provided by you or your employer. This data may include:
- First and last name
- Contact details such as email address, phone number, job title and workplace address
- Correspondence between you and Omeo
Data retention
Omeo never retains personal data longer than necessary. We have established data retention procedures to regularly delete personal data that no longer serves its purpose.
- Data we have due to a legal obligation, e.g. for accounting purposes, is retained for as long as required by applicable law
- Data we hold for the administration of a contract between your employer and Omeo is retained for twelve (12) months after the contractual relationship has ended
Invitations to marketing activities based on a legitimate interest assessment
Establishing and maintaining business relationships with individuals to offer and deliver services is a crucial part of our core operations. To be able to invite you to our marketing activities in the form of e.g. seminars and networking events, we process personal data. The legal basis for our processing of your personal data in this regard is legitimate interest; we have a legitimate interest in providing limited information about and offering various marketing activities and assess the risk of privacy infringement as minimal.
The data we collect about you has been provided by you or your employer. We also collect data via internal networks or from third parties, such as mutual contacts or social media. The data is stored in Omeo's internal CRM system with the goal of establishing a business relationship with you. The data we process may include:
- First and last name
- Contact details such as email address, phone number, job title and workplace address
- Correspondence between you and Omeo
Data retention
Omeo never retains personal data longer than necessary. We have established data retention procedures to regularly, or at least every two years, delete personal data that no longer serves its purpose.
As a registered individual, you have the right to object to invitations to our marketing activities at any time.
Implementation of marketing activities
If you have registered for any activities organised by Omeo, Omeo will process personal data to the extent required to conduct the activity. This means that Omeo processes names and contact details to establish participant lists and practically prepare and execute the activities. In the event that meals are served during the activity, dietary requirements may also be processed.
The legal basis for this processing is that it is necessary to fulfil Omeo's commitments upon registration for the activity (a contract made between the participant and Omeo). Furthermore, Omeo may follow up on who participated in the activity to direct marketing efforts towards these individuals, after the activity has been conducted. The legal basis for this follow-up is a legitimate interest assessment to satisfy Omeo's legitimate interest in directing offers of Omeo's service offerings to the participants.
Data retention
The participant list is kept for administration and follow-up for a period of no longer than six (6) months.
The participant list may also serve as a basis for Omeo's accounting in the context of any representation, where applicable.
Potential employment candidates
Omeo currently collects personal data about you as a potential employment candidate to contact you when a recruitment need arises. This occurs partly through candidates reaching out to us but also through internal networks and external searches from third parties. The processing of personal data collected through third-party searches serves the potential candidate's interest as they get the opportunity to access job offers that match their skills. The legal basis for processing this personal data is a legitimate interest assessment, i.e. Omeo's legitimate interest in finding you as a potential employee for our business.
The personal data we may collect and process for the above-mentioned purposes includes:
- CV and cover letter
- Correspondence between you and Omeo
- Results from any knowledge and personality tests
- A summary of the information provided during reference checks
We store the above information in a locked folder on Omeo's internal server. Only certain members of Omeo's designated recruitment team have access to this material.
Data retention
We have established a procedure which means we always ask the candidate for permission to retain their data. If you express that you are not interested in further dialogue with Omeo during contact with one of our employees, Omeo will no longer process your personal data and the information will be deleted after two (2) months.
How are your personal data protected?
Omeo has implemented several security measures to protect your personal data against unauthorised access, use or disclosure. For example, the data is only accessible to employees and service providers who need to access it in the course of their work. These individuals are also informed about the importance of maintaining the security of personal data and that the data is handled in accordance with applicable laws and regulations for data protection.
Who might we share your personal data with?
In cases where it is necessary for us to provide our services, we share your personal data with companies that are so-called data processors for us. A data processor is a company that processes the information on our behalf and according to our instructions.
We currently have a data processor that assists us with IT services, i.e. handling necessary operations, technical support and maintenance of our IT solutions. We have established a written agreement with the data processor through which they guarantee the security of the personal data processed and commit to complying with our security requirements as well as restrictions and requirements concerning the international transfer of personal data.
How long do we keep your personal data?
We never keep your personal data longer than necessary for each purpose. You can read more about each purpose above in the section "What personal data do we collect and why?".
What rights do you have as a registered individual?
Right to access (i.e. extract from the register)
If you want to know what personal data we process about you, you can request access to the information. Requests for such an extract must be made in writing and signed by you. If we are unable to meet your request for any reason, we will provide you with an explanation. Please note that we only disclose data that we are aware belongs to you.
Right to rectification
You can request that your personal data be corrected if the information is inaccurate. Within the scope of the specified purpose, you also have the right to complete incomplete personal data.
Right to erasure
Under certain conditions, you have the right to request the restriction or erasure of your personal data or the right to object to the processing.
Right to object
You have the right to object to the processing of your personal data that we undertake based on a balancing of interests. In that case, you need to specify which processing you are objecting to. In such cases, we may only continue with the processing if we can demonstrate that there are compelling legitimate grounds for the processing that override your interests.
Right to object to processing for direct marketing purposes
If it concerns the processing of personal data for direct marketing purposes, you have the right to object at any time and request to be unsubscribed from further mailings and invitations.
What are cookies and how do we use them?
Cookies are small text files that are stored on the visitor's computer and can be used to, for example, track what the visitor does on the website or store information about personal settings.
Complaints
If you have any complaints regarding our handling of your personal data, you have the right to submit these to the supervisory authority, in this case the Swedish Authority for Privacy Protection (tel: 08-657 61 00, imy.se)
Contact details for queries regarding data protection
If you wish to know more about how we handle your personal data or if you would like to exercise any of your rights, please feel free to contact us at info@omeo.se or by post sent to the address below:
Omeo Financial Consulting AB
Kungsgatan 44
111 35 STOCKHOLM
Omeo may make changes to this privacy policy in the future. The latest version of the privacy policy is always available on our website.
Last updated: 2024-11-27