Privacy Policy

1. Introduction

At Åström Lawfirm (“we,” “our,” “us”), we value your privacy and are committed to protecting your personal data.
This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website [insert website URL], contact us, or engage our legal services.
We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Swedish data protection laws.

2. Data We Collect

We may collect and process the following categories of personal data:
a. Information you provide to us directly

• Name, email address, phone number, and other contact details

• Information submitted through our contact forms or email communications

• Details necessary for establishing and maintaining a client relationship

• Billing and payment information (if applicable)

b. Information collected automatically
When you visit our website, certain data may be collected automatically, such as:

• IP address

• Browser type and version

• Device type and operating system

• Pages visited and time spent on the site

• Cookies and similar tracking technologies (see Section 8)
   

3. How We Use Your Information

We process personal data only for legitimate purposes, including to:

• Respond to your inquiries or requests

• Provide legal advice or services upon engagement

• Administer our client relationships

• Comply with legal and regulatory obligations

• Improve our website and communications

• Protect our legal rights and interests

We will not use your information for any purpose incompatible with those stated above.

4. Legal Basis for Processing

Åström Lawfirm processes personal data based on one or more of the following legal grounds:

• Performance of a contract (e.g., providing legal services);

• Compliance with legal obligations (e.g., anti-money laundering, recordkeeping);

• Legitimate interests (e.g., improving our services or ensuring website security);

• Consent, where required (e.g., for newsletter subscriptions or marketing communications).
   

5. Data Sharing and Disclosure

We respect the confidentiality of all client and visitor information.
We may share personal data only when necessary with:

• Service providers who assist us in operating our website or business (e.g., IT support, secure email providers);

• Authorities, regulators, or courts where required by law;

• Other professional advisers, but only with your consent and when necessary for providing legal services.

We do not sell or rent personal data to third parties.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to:

• Maintain client records as required by professional conduct rules;

• Comply with legal, accounting, or reporting obligations;

• Resolve disputes and enforce our agreements.

When data is no longer needed, it will be securely deleted or anonymized.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, or alteration.
Access to personal data is restricted to authorized personnel who are bound by professional confidentiality obligations.

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to improve functionality and user experience.
You can manage or disable cookies through your browser settings.
For more detailed information, please see our [Cookie Policy] (if applicable).

9. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

• Access – to request a copy of your data;

• Rectification – to correct inaccurate or incomplete information;

• Erasure – to request deletion of your data (“right to be forgotten”);

• Restriction – to limit how we process your data;

• Data portability – to request transfer of your data to another controller;

• Objection – to object to certain processing activities;

• Withdrawal of consent – where processing is based on consent.

To exercise any of these rights, please contact us at [insert email address].
We may need to verify your identity before fulfilling your request.

10. International Data Transfers

As a Swedish law firm, we primarily process data within the European Economic Area (EEA).
If personal data is transferred outside the EEA, we ensure that appropriate safeguards are in place in accordance with GDPR requirements.

11. Updates to This Policy

We may update this Privacy Policy from time to time. Any updates will be posted on this page with a revised “Last Updated” date.
We encourage you to review this Policy periodically to stay informed about how we protect your data.