MTG Corporate Website Privacy Policy

Modern Times Group MTG AB, 556309-9158, Skeppsbron 18, Box 2094, 111 30 Stockholm, Sweden (MTG, we, us or our) is the data controller in respect to your personal data and is committed to protecting and respecting your privacy and personal integrity when you use mtg.com (our Service). This Privacy Policy will help you understand what personal data we collect through this Service, why it is collected and how we use it. It will also clarify how you can exercise your rights when you trust us to handle your personal data.

Modern Times Group MTG AB, 556309-9158, Skeppsbron 18, Box 2094, 111 30 Stockholm, Sweden (“MTG” or “we”) is the controller in respect to your personal data and is committed to protecting and respecting your privacy and personal integrity when you use mtg.com (our “Service”). This Privacy Policy will help you understand what personal data we collect through this Service, why it is collected and how we use it. It will also clarify how you can exercise your rights when you trust us to handle your personal data.
We ask that you take a moment to read this Privacy Policy carefully and familiarise yourself with its contents. If you have any questions, you are welcome to contact us using the contact information provided at the end of this Privacy Policy.
Please note that this Service may contain links to and from websites held by our affiliated brands and products. If you follow a link to any of these websites or use third party services, you should be aware that they have their own privacy policies and that we do not assume any liability for their processing of your personal data. Please read their privacy policies before providing your personal data to them.

What can the legal bases for the use of your data be?

As a controller we need a legal basis to process your data lawfully, according to Art. 6 para. 1 General Data Protection Regulation (“GDPR”). If:

  • you have given your consent to the processing of your personal data for one or more specific purposes, this forms a legal basis according to Art. 6 para. 1 let. a) GDPR;
  • the processing is necessary for the performance of a contract between you and us or in order to take steps at your request prior to entering into a contract, the legal basis for this is Art. 6 para. 1 let. b) GDPR;
  • the processing is necessary for compliance with a legal obligation to which we are subject, the legal basis for this is Art. 6 para. 1 let. c) GDPR;

the processing is necessary to protect our legitimate interests or legitimate interests of a third party and such legitimate interests are not outweighed by your interests or fundamental rights and freedoms, the legal basis for this is Art. 6 para. 1 let. f) GDPR.

Is it mandatory to provide personal data?

When you visit our website, we collect certain data of yours that is required to display the website in your browser, especially your IP address. We process this data based on our legitimate interest to offer you a functioning website (legal basis: Art. 6 para. 1 let. f) GDPR).

When you subscribe to MTG’s press releases and reports using our Service, we collect personal data about you, based on your consent, to facilitate the automatic delivery of regulatory and general press releases to your email inbox once they are published on our Service (legal basis: Art. 6 para. 1 let. a) GDPR). The personal data that you actively provide to us in this case is your e-mail address. You can unsubscribe from our Service’s communications at any time by using the unsubscribe link at the bottom of the email you received from us when subscribing, or by contacting communications@mtg.com.

If we communicate with you via email or mail, we process all personal data you disclose to us during our conversation (e.g., you name, email address, the reason why you are contacting us etc.). Depending on the specific conversation with you, the personal data can either be processed in order to take steps at your request prior to entering into a contract with us or to perform a contract you have concluded with us (legal basis: Art. 6 para. 1 let. b) GDPR). Also, the processing can be necessary for us to comply with legal documentation obligations (legal basis: Art. 6 para. 1 let. c) GDPR). Also, the processing can be necessary for the purposes of our legitimate interest to respond to mails of yours when you contact us and are not our contractual partner as well as to have proof regarding substantial content of our conversation, including but not limited to cases of potential legal claims on our or your side (legal basis: Art. 6 para. 1 let. f) GDPR).

When you contact us to make use of your data subject rights (see above), we process certain personal data of yours (e.g., your name, email address and any additional information you provide us in your request). The personal data of your request is processed for the purpose of answering your request as well as the purpose of proving our compliance with the GDPR by helping you as data subject exercise your rights set out in the GDPR (legal basis: Art. 6 para. 1 let. c) in connection with Art. 12 GDPR). This is also a legitimate interest of ours (legal basis: Art. 6 para 1 let. f) GDPR).

We may also collect other information regarding your use of our Services through cookies and similar technologies. You can find out more about this in our COOKIE POLICY.

We do not process your data with means of automated decision-making (e.g., profiling).

With whom might we share personal data?

Third parties for security or other legitimate reasons:
We may also disclose your personal data to third parties if we reasonably believe that disclosure of such personal data is necessary:

• to comply with valid legal obligations including subpoenas, court orders, governmental requests or search warrants, and as otherwise authorized by law (legal basis: Art. 6 para. 1 let. c) GDPR);

• to protect our rights or property, or the safety of our customers or employees (legal basis: Art. 6 para. 1 let. f) GDPR);

• to protect against fraudulent, malicious, abusive, unauthorized or unlawful use of or subscription to our Services and to protect our network, Services, devices and users from such use (legal basis: Art. 6 para. 1 let. f) GDPR);

• to advance or defend against complaints or legal claims in court, administrative proceedings and elsewhere (legal basis: Art. 6 para. 1 let. f) GDPR);

• as part of mergers & acquisitions, provided that the prospective buyer or seller agree to respect your personal data in a manner consistent with our Privacy Policy (legal basis: Art. 6 para. 1 let. f) GDPR);

• to outside auditors and regulators (legal basis: Art. 6 para. 1 let. f) GDPR).

Third party suppliers:
We may use third party suppliers to perform services for us, such as infrastructure and IT services (including but not limited to data storage), customer services, customer inquiry processing and other statistical analyses. In the performance of these services, third party suppliers may have access to your personal data but are only authorized to process it strictly on our behalf and in accordance with our instructions.

Where do we process personal data?

We will only keep your personal data we have received for your subscription until you withdraw your consent, after which we will securely delete or in some cases anonymise your personal data. Data required to provide a functioning website is stored for as long as it is necessary to deliver the website successfully and help us effectively determine malfunctions of it.

The data we receive from you when communicating via email or mail with you is stored at least for the time until our contract with you is fully performed. If the data has been stored in order to take steps at your request prior to entering into a contract with us, we will store the data for as long as reasons objectively exist to believe that the respective conversation will be continued within the foreseeable future. Apart from this, your data can be stored according to statutory storage periods, should such laws apply to the respective data as well as the applicable limitation period, so that we can sufficiently defend ourselves against claims.

The data of your data subject request is stored for the statutory limitation period plus one month starting with the end of the year in which you made your request.

How long do we keep personal data?

We will only keep your personal data we have received for your subscription until you withdraw your consent, after which we will securely delete or in some cases anonymise your personal data. Data required to provide a functioning website is stored in log files for 7-14 days so we can deliver the website successfully and effectively determine and react to malfunctions of it.

The data we receive from you when communicating via email or mail with you is stored at least for the time until our contract with you is fully performed. If the data has been stored in order to take steps at your request prior to entering into a contract with us, we will store the data for as long as reasons objectively exist to believe that the respective conversation will be continued within the foreseeable future. Apart from this, your data can be stored according to statutory storage periods, should such laws apply to the respective data as well as the applicable limitation period, so that we can sufficiently defend ourselves against claims.

The data of your data subject request is stored for the statutory limitation period plus one month starting with the end of the year in which you made your request.

How do we protect personal data?

Safeguarding your personal data is a priority for us. Any personal data that you provide to us is stored on secure servers, and we use rigorous procedures to protect against loss, misuse, unauthorized access, alteration, disclosure or destruction of your personal data.

Although we work hard to protect your personal data, we cannot guarantee that our safeguards will prevent every unauthorized attempt to access, use or disclose personal data. However, in the event of a physical or technical incident, we maintain security and incident response plans to handle such incidents in a timely manner and limit any negative effect of such incidents.

What rights do you have?

Under the GDPR you have certain rights concerning the processing of personal data by us. According to the GDPR you have the following rights:

  • Right of information: You have the right to be provided information regarding the processing of your personal data by us, in accordance with Art. 13 and 14 GDPR.
  • Right of access: You have the right to obtain confirmation as to whether or not we are processing your personal data and, if this should be the case, access to the personal data, in accordance with Art. 15 GDPR.
  • Right to rectification: You have the right to obtain rectification of inaccurate or incomplete personal data concerning you, in accordance with Art. 16 GDPR.
  • Right to erasure (“right to be forgotten”): Under certain circumstances you have the right to obtain the erasure of personal data concerning you, in accordance with Art. 17 GDPR.
  • Right to restriction: Under certain circumstances you have the right to obtain the restriction of processing, in accordance with Art. 18 GDPR.
  • Right to data portability: Under certain circumstances you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and the right to transmit this data to another controller, in accordance with Art. 20 GDPR.
  • Right to object: Under certain circumstances you have the right to object to the processing of personal data concerning you, in accordance with Art. 21 GDPR. This includes but is not limited to the right to object in cases in which we process your personal data on the legal basis of Art. 6 para. 1 let. f) GDPR.
  • Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of the EU of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR, as set out in Art. 77 GDPR.
  • Right to withdraw consent: If a processing of your personal data is based on your consent as set out in Art. 6 para. 1 let. a) GDPR or Art. 9 para. 2 let. a) GDPR, you have the right to withdraw your consent at any time, in accordance with Art. 7 para. 3 GDPR. Such withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
  • Right to not be subject to a decision based solely on automated processing: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, as set out in Art. 22 para 1 GDPR.

Please contact us using the contact details provided below to make a request in respect of your rights. We will use commercially reasonable efforts to respond to your request within 30 days of receiving such a request. If we cannot answer your request within the 30-day period, we will let you know the reasons why and when we expect to be able to fulfil your request.

Contact

As a subscriber to press releases and reports from MTG, you can unsubscribe at any time by using the Unsubscribe link at the bottom of the email you received when subscribing, or by contacting communications@mtg.com.

If you have any questions regarding this Privacy Policy, data protection or if you want to exercise your rights mentioned above, you can at any time contact us at privacy@mtg.com.

Last Updated: January 22, 2021