Skip to content Skip to sub menu Skip to sub menu
Menu

Privacy Policy

This Privacy Policy was last revised on 22 October 2025.

Skogssällskapet AB (hereinafter “Skogssällskapet”, “us” and “we”) undertakes to protect and respect your integrity in the execution of our services, in contacts with you, and in all our processing of your personal data. Skogssällskapet is the data controller in the processing of your personal data in accordance with prevailing legislation.

You can find our contact information below, under Contact details.

Skogssällskapet processes the personal data needed to complete our undertaking in relation to you. Skogssällskapet may also need to process your personal data in accordance with requirements in law or regulation. Personal data means all information that can be attributed to an identifiable natural person. Further information about our data processing is given below.

Your Rights

Under the GDPR, you have the right to control your personal data and to receive information from us about how we process your data.

You have the following rights:

Right to erasure (the right to be forgotten)
In certain cases, you may have your personal data deleted. This may apply, for example, to data that is no longer necessary for the purposes for which it was collected, or to data processed on the basis of your consent if you choose to withdraw that consent. In some circumstances, we may not be able to delete your personal data, such as when the data is required to fulfill a legal obligation, is still necessary for the original purpose, or when our legitimate interest in continuing to process the data outweighs your interest in having it deleted.

Right to rectification
If your personal data is inaccurate or incomplete, you may request that it be corrected or supplemented.

Right of access
You have the right to obtain confirmation as to whether we process personal data about you and, if so, to access that data and receive information about the processing by requesting a data extract.

Right to information
You have the right to be informed about how we process your personal data. We do this through this policy and by answering any questions you may have.

Right to restriction of processing
If you believe that the data we hold about you is inaccurate, that our processing is unlawful, or that we no longer need the data for a specific purpose, you have the right to request that we restrict the processing of your data. You may also request that we do not process your data while we verify its accuracy or assess your right to object to certain processing.

Right to object
You have the right to object to the processing of your personal data that is based on a balancing of interests. If we cannot demonstrate compelling legitimate grounds for the processing, we must cease such processing. If you object to receiving direct marketing from us, we will stop sending such communications.

Rights related to automated decision-making
You have the right to object to automated decisions that produce legal effects or similarly significantly affect you.

Right to data portability
If we process your personal data in order to fulfill a contract or on the basis of your consent, you may in certain cases receive your personal data in a machine-readable format and transfer it to another data controller.

Withdrawal of consent
If you have given your consent for us to process your personal data, you have the right to withdraw your consent at any time by contacting us using the contact details provided under the “Contact Information” section below.

If you would like to learn more about what these rights mean or wish to exercise your rights, you may contact us (see the “Contact Information” section below).

Information security

We consider the protection of your personal data to be very important. We therefore take all appropriate technical and organizational security measures required to protect your personal data against unauthorized access, alteration, or destruction. To safeguard your personal data, we ensure that our physical servers are secure, that our systems are protected electronically through firewalls, that our electronic equipment is protected against intrusion, and that our staff who have access to your personal data are knowledgeable about data protection and confidentiality matters.

However, there is always a risk associated with sharing personal data through digital channels, as it is not possible to fully protect technical systems from unauthorized access.

Personal data that is collected about you or that you share with us

We may collect the following types of personal data about you, for example when we provide our services to you, when you communicate with us, or to comply with legal obligations:

  • Name
  • Email address
  • Postal address
  • Phone number
  • Personal identity number and passport number
  • Credit information
  • IP address
  • Bank details
  • Property information
  • Financial information relating to forestry activities and our services

Financial Services

For financial services – such as tax returns – the following types of data may also be collected:

  • Income information
  • Membership in a registered religious community
  • Travel logs / travel information

Property Services

For property-related services, such as the management of lease or usage agreements, the following data may also be collected:

  • Personal data relating to rights holders or tenants
  • Credit information relating to rights holders or tenants
  • Personal data linked to holders of rights, easements, etc.

Recruitment

For recruitment purposes and for job applicants, the following data may also be collected:

  • Cover letters and curriculum vitae (CV)
  • Test results and analyses related to recruitment
  • Diplomas and other certificates of competence
  • References

Grants

If you create an account, apply for a grant, or are mentioned in a grant application, the following data may also be collected:

  • Information in the application, such as gender, project plan, budget, education, academic title, CV, etc., depending on what information is provided
  • Information about co-applicants, department heads, or other involved persons

Purpose of data processing

We may process your personal data for the following purposes:

  • To enable communication between you and us
  • To enter into and fulfill agreements with you
  • To establish and maintain your service orders
  • To perform and improve the delivery of our services
  • To review and analyze the use of our services
  • To compile statistics on the use of our services and visits to our digital channels
  • To administer payments for our services
  • To manage your cases and matters with us
  • To protect our rights and our business
  • To comply with legal, regulatory, or governmental requirements
  • To receive, investigate, and respond to whistleblower reports
  • To investigate misuse of our services
  • To conduct market research
  • To send you information and offers

Mobile app: “My Forest – Skogssällskapet”

User data is required for logging into the app and for the app to identify the type of user (the user’s role). To avoid requiring you to log in every time you use the app, your user data is stored in an encrypted and secure area on your mobile device.

Within the app, you can create and save your own settings to improve and personalize your user experience. For example, you can choose which map layers are displayed when the app starts.

In the app, you can draw areas, lines, and points on the map, either manually or using location data from your mobile device. Your location data may be obtained via your IP address, WiFi, Bluetooth, mobile network, or GPS available on your device. This location data can be used to mark your position on the map or to log your movement and thereby “draw” on the map.

Location data is only stored when you actively choose to use your device’s location services for drawing or logging. If you enable logging and drawing using location data—such as the “GPS Logging (Line)” or “GPS Logging (Area)” features—logging will continue even when the app is running in the background. “Background” means the app is not actively in use or visible on your device’s display. Location data will continue to be collected and logged until you turn off the feature.

When GPS is activated in the map, the app retrieves your device’s location data in order to display your position on the map. All app features that use location data can be enabled or disabled by you. Data drawn using location information cannot be distinguished from data drawn manually.

All data you provide may be stored locally in the app and on our servers. “Provided data” includes text, images, files, location data, or any other information that you enter into the app or allow it to retrieve. This data may be stored as long as necessary for the service to function or until you choose to delete it.

All data processing is carried out using reasonable security measures and industry standards to prevent unauthorized access and ensure good data security. All internet communication with our servers is encrypted. However, no data processing system can be completely secure.

Access to Device Functions and Sensors

In some cases, the app uses built-in device functions and sensors to provide content and services. This requires that you grant the app specific permissions. For example, your location data may be collected via your IP address, WiFi, Bluetooth, mobile network, or GPS available on your device.

Anonymous User Data for Troubleshooting

If problems occur in the app, anonymous user data (such as the app version, device type, and operating system version) and error logs (what went wrong, where in the code it happened, and why) are sent to a third-party server dedicated to app analysis and troubleshooting.

This data is completely anonymous and not linked to you as an individual. We do this to improve troubleshooting and, over time, enhance the app’s quality and functionality.

Lawful grounds

In this section, we summarize the legal bases on which we rely when processing your personal data. The legal basis used depends on the purpose of the processing.

1. Contract
We process your personal data on the basis of a contract when this is necessary to perform an agreement with you or to take steps prior to entering into a contract, including:

  • Ordering our services
  • Administration of your orders or other matters, payments for the services we provide, and any reimbursements
  • Customer and HR administrative systems, such as invoicing and payroll processing
  • Employment and other types of recruitment

2. Legitimate Interests
We process your personal data based on legitimate interests when we have assessed that we have a justified interest in doing so. Our legitimate interests include:

  • Performing and improving our services
  • Reviewing and analyzing the use of our services
  • Compiling statistics on the use of our services and visits to our digital channels
  • Protecting our rights and our business
  • Investigating misuse of our services
  • Conducting market research
  • Sending you information and offers

3. Legal Obligations
We process your personal data when this is necessary to comply with legal, regulatory, or governmental requirements applicable to our business or the services we provide.

4. Consent
We process your personal data based on your consent when this is necessary for the following purposes:

  • Sending you information and offers

Sharing your personal data

We may disclose your personal data to service providers, such as payment processors, contracted service providers, business partners, and data storage providers, in order to provide our services to you. We may also disclose your personal data to authorities, such as the Swedish Tax Agency, the Police, courts, or other law enforcement authorities, if we are required to do so by law or in order to protect our rights or the rights of third parties.

We may also disclose your personal data to Swedish or foreign group companies, distributors, agents, business partners, and other related parties, or to a subsequent owner, co-owner, and their advisors in connection with a corporate merger, consolidation, restructuring, or the sale of substantially all shares and/or assets, or other reorganization.

Transfer to a third country

If Skogssällskapet’s processing of your personal data involves the transfer of personal data to countries outside the EU/EEA, such transfers are either covered by a decision from the European Commission confirming that the country ensures an adequate level of protection, or by appropriate safeguards that ensure your rights are protected, such as the use of standard contractual clauses adopted by the European Commission. External link, opens in new window.

Cookies

For information on how we use cookies see our Information about cookies on the Skogssällskapet website.

Changes in the Personal Data Policy

If we need to make changes in the processing of your personal data, we will inform you of the content of the new conditions. If you are a client, we will inform you of any changes when you have logged in to My Pages. For other groups, we will inform you of any changes in our digital channels.

Data retention and deletion of personal data

Your personal data will not be saved for longer than is necessary in relation to the purpose of the processing, and we will otherwise delete personal data in ways that comply with applicable legislation.

  • If you have registered for an event arranged by Skogssällskapet, the personal data is deleted after the event has been held, providing consent to save the data has not been given.
  • If you have registered for newsletters or other information, the data is saved, providing no request for deregistration has been received. If you have deregistered, the personal data is deleted as soon as possible, but no later than before the next newsletter is sent out, or one month after deregistration has been received.
  • If you terminate your use of our services or, in some other way, terminate your client relationship with us, your personal data will be stored until it is no longer relevant, unless special legislative requirements apply, such as the Swedish Book-keeping Act. If it can be suspected that fraud or some other unauthorised use of the service has occurred, we reserve the right to store this data for a longer period until the suspicions have been investigated.
  • If you have applied for funding from Stiftelsen Skogssällskapet or other foundations administered by Stiftelsen Skogssällskapet, the personal data is saved for different periods, depending on whether funding is awarded or not. Data regarding your account will be processed for as long as you have an account. If your account is inactive, you will receive two reminders before we automatically delete your account. Where applications have not been awarded funding, the personal data is deleted no later than 5 years after the year’s application process is completed. Where applications have been awarded funding, the personal data in the application is deleted no later than 5 years after completion of the project.

Right to submit complaints to a regulatory authority

You are entitled to submit complaints to the Swedish Authority for Private Protection (IMY), which is the authority in Sweden that regulates how we as a company comply with GDPR legislation. Here is the IMY website: https://www.imy.se/en. External link.

Contact details

If you have any questions regarding our Personal Data Policy, or any other question regarding our processing of your personal data, you are welcome to contact us.

Skogssällskapet AB

Registration No. 556333 - 7855

Visitor address: Kilsgatan 4, 411 04 Göteborg

Postal address: Box 11374, 404 28 Göteborg

Telephone: 0771 22 00 44

Email: personuppgiftsansvarig@skogssallskapet.se