Processing of personal data for external contact persons

Last updated: November 28, 2025

Scope

Below is a description of how Solid Försäkringsaktiebolag, corporate registration number 516401–8482, with the address Box 22068, 250 22 Helsingborg (“Solid Insurance”, “us” or “we”), processes personal data in relation to you as a contact person at one of our external business relations such as our partners, intermediaries, and suppliers.

Privacy protection is an issue we prioritise. It is therefore important for us to protect your personal data and to ensure that our processing of it is carried out correctly and lawfully.

In this document, we explain what types of personal data we may process and for what purposes we do so. We also describe our processing of personal data as well as the choices and rights you have in relation to that processing. We ask you to read the document carefully and familiarise yourself with its contents.

Please note that this document concerns personal data for which Solid Insurance is the data controller. This means that we are responsible for the management and processing of your personal data. It also means that you should contact us with any questions or comments, or if you want to exercise any of the rights you have in relation to our handling of your personal data.

Collection of personal data

We may collect personal data about you from various sources, including directly from you, or from your employer or principal, for example in connection with a contract where you are listed as a contact person or an invoice where you are listed as an invoice reference. We may also collect other personal data about you from public sources such as databases and websites. If you contact our customer service, we may also record the telephone call.

Types of personal data processed

We process the following types of data:

Purpose and legal basis

Solid Insurance processes personal data to administer our contractual relationships, fulfil obligations under law (such as the Accounting Act, the Insurance Distribution Act, and the Insurance Contracts Act), maintain ongoing contact with our external business relations, prevent fraud, and for marketing our goods and services. We do this based on the legal grounds of contract preparation and administration (performance of a contract), legal obligation, and our legitimate interest.

Sharing of personal data within the Company is conducted for the purpose of streamlining and centralising Solid Insurance’s operations. The processing is based on our legitimate interest in being able to streamline administration and management within the Company and improve operational efficiency.

In exceptional cases, we may request your consent to process your personal data for a specific purpose. In such cases, processing is based on your prior consent.

Retention period

Solid Insurance retains personal data for as long as necessary to fulfil the purpose of the processing and provided that we have a legal basis for storing the data. For example, we may retain your data even if your position as a relevant contact person for our external business relation ceases, for the purpose of administering agreements with your employer (or former employer). It may also be necessary to retain data for accounting purposes (7 years).

Telephone calls recorded in connection with customer service contact are stored for three months.

Recipients

We may share your personal data with the following categories of recipients and for the purposes stated above:

Where your personal data is shared with companies that the Company cooperates with — e.g., companies working with invoice administration or IT and cloud services—we enter into data processing agreements that ensure your personal data is processed in accordance with this document.

Transfer of personal data to third countries

The Company aims to always process your personal data within the European Union (“EU”) / European Economic Area (“EEA”). In certain limited cases, the Company may transfer or share personal data with other parties such as suppliers or subcontractors where processing takes place outside the EU/EEA. In such cases, the Company is obliged to ensure that the transfer is made in accordance with applicable data protection legislation before the data is transferred, for example by ensuring that the country to which the data is transferred has been deemed to provide an adequate level of protection by the European Commission, or by ensuring that the transfer is covered by appropriate safeguards, such as standard contractual clauses adopted by the European Commission, which ensure that appropriate measures are taken to protect your rights and freedoms.

Via the following link, you can find information about countries outside the EU/EEA that the European Commission has deemed to offer an adequate level of data protection for the permissible transfer of personal data.

Your rights

You have the right to receive confirmation as to whether we process personal data concerning you, and if so, to access such personal data and information about the data and how we process it.

You have the right to have incorrect personal data concerning you corrected by us without undue delay. Taking into account the purpose of the processing, you also have the right in certain cases to have incomplete personal data completed.

You have the right in certain circumstances to have your personal data erased, e.g., if the personal data is no longer necessary for the purposes for which it was collected, or if the personal data has been processed unlawfully.

You have the right to request that we restrict the processing of your personal data in certain cases. For example, if you contest the accuracy of the data, you can request that we restrict processing while we verify the accuracy of the data.

You have the right to object to the processing of your personal data carried out based on Solid Insurance’s legitimate interest. If you do so, we must demonstrate compelling legitimate grounds that outweigh your interests, rights, and freedoms in order to continue the processing.

If we process your personal data based on your consent, you always have the right to withdraw that consent. If consent is withdrawn, Solid Insurance will cease all processing that is based on your consent.

You have the right in certain circumstances to obtain the personal data that you have provided to us and that relates to you in an electronic format that is commonly used. You also have the right to transfer such data to another data controller (data portability).

If you have concerns about how we process your personal data, you are welcome to contact us via the email address provided below. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY). Read more about complaints to IMY here.

Additions and amendments

We may make additions or amendments to this document. If we do, we will publish the updated version on our website. If that occurs, we ask that you carefully read the updated version.

How to exercise your rights and our contact details

To update, correct, or delete data we hold about you, or to exercise any of the rights described above, you are welcome to contact us in the following ways:

Phone: +46 (0)42-38 21 00
Email: dpo@solidab.se
Address: Solid Insurance, Box 22068, SE-250 22 Helsingborg

You can read more about the General Data Protection Regulation (GDPR) on the website of the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY) where you will also find IMY’s contact details: https://www.imy.se/.

Postal address: Solid Insurance, Box 22068, SE-250 22 Helsingborg
Visiting address: Landskronavägen 23, 252 32 Helsingborg
Switchboard: +46 (0)771–113 113
Email: kunder@solidab.se
Website: www.solidab.se
Corporate registration number: 516401–8482