Privacy policy
Chez STHLM Catering AB
Effective Date:01.01.26
Chez STHLM respects your privacy and processes personal data in accordance with the EU General Data Protection Regulation (GDPR).
1. Data Controller
Chez STHLM Catering AB
Org.nr: 559529-0239
Email: info@chezsthlm.se
2. What Data We Collect
We may collect:
-
Name
-
Email address
-
Phone number
-
Billing address
-
Company details
-
Dietary requirements
-
Event details
-
Payment information
-
Website usage data
3. Why We Process Data
We process personal data to:
-
Provide catering and event services
-
Manage bookings and contracts
-
Issue invoices
-
Communicate regarding events
-
Comply with legal and accounting obligations
-
Improve our services
-
Send marketing communications (if consented)
4. Legal Basis for Processing
We process data based on:
-
Contractual necessity
-
Legal obligation
-
Legitimate interest
-
Consent (for marketing)
5. Data Retention
We retain data only as long as necessary:
-
Accounting data: 7 years (Swedish law)
-
Marketing consent: Until withdrawn
-
Event records: As long as commercially relevant
6. Data Sharing
We may share data with:
-
Accounting providers
-
Payment processors
-
Event partners and suppliers
-
IT and hosting providers
All third parties process data under GDPR-compliant agreements.
We do not sell personal data.
7. Your Rights
Under GDPR, you have the right to:
-
Access your data
-
Correct inaccurate data
-
Request deletion
-
Restrict processing
-
Object to processing
-
Data portability
-
Withdraw consent
Requests may be sent to info@chezsthlm.se.
8. Data Security
We implement technical and organisational safeguards to protect personal data.
9. Complaints
You have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten).
-
ng.