Shareholder’s personal data

Processing of shareholders’ personal data

As a shareholder in INVISIO AB (publ), we process personal data related to you. INVISIO AB is a part of the INVISIO Group, which consists of INVISIO AB, INVISIO A/S, INVISIO Inc., INVISIO SAS, INVISIO Communications Ltd., and INVISIO Srl, collectively referred to as the 'INVISIO Group'. INVISIO Group acts as a Joint Data Controller when processing your personal data.

As the INVISIO Group is subject to the General Data Protection Regulation (EU) 2016/679 ("EU GDPR") & the UK General Data Protection Regulation (“UK GDPR”) and Data Protection Act 2018, you are entitled to be informed about the personal data that the INVISIO Group processes regarding you and your rights under the regulation.

 

Contact Information

For general, EU & U.S. data protection matters:

INVISIO Group, c/o INVISIO A/S
Stamholmen 157
2650 Hvidovre
Denmark
Phone +45 7240 5500

Email: privacy@invisio.com

For UK-specific matters:

INVISIO Communications Ltd.
Unit 3/4 Waverley Industrial Park
Hailsham Drive
Harrow HA1 4TR
United Kingdom

Phone +44(0)20 8515 6200
Email: uk@invisio.com
 

Share register
Euroclear Sweden AB (”Euroclear”) is responsible for keeping the share register of INVISIO AB and is the controller of the processing of personal data that occur in connection with such assignment. If you would like to know more about how Euroclear processes your personal data, we kindly ask you to contact Euroclear.

 

What personal data is processed and for what purposes?
The personal data relating to you as a shareholder that are processed by INVISIO Group include:

Name, personal identity number and contact details.

Information regarding your shareholding (number of shares and any notes/information to be linked to that shareholding according to law).

Data from any communication between you and INVISIO Group, including data in minutes of board meetings and general meetings.

In connection with general meetings the personal data are used for registration, drawing up of voting lists and, where applicable, minutes of the general meeting.

On what legal basis do we process your personal data?
The personal data are processed by INVISIO Group to fulfill its obligations under law, including company, securities, and tax legislation and INVISIO Group’s legitimate interest of convening general meetings and administrating other matters relating to the shareholders of the company.

Our processing of your personal data is in accordance with the General Data Protection Regulation (GDPR) and UK GDPR, Article 6.1.f (legitimate interests).

We only process your personal data for the purpose for which we collected such data. Should we need to process your personal data for any other purpose or a purpose which requires your consent under data protection legislation, we will inform you of such purpose respectively obtain your consent in advance.

 

How long do we store your personal data?
Personal data is only stored for as long as it is necessary to fulfill the purpose of the processing or if the INVISIO Group is required to store such data by law. The data is deleted when you cease to be a shareholder in INVISIO AB. However, as mentioned, certain data is stored for a longer period when required by law, including company, securities, and tax legislation.

 

To whom do we disclose your personal data?
The personal data you provide may be shared with entities within the INVISIO Group as well as with our data processors based on data processor agreements, such as suppliers, business partners, and vendors with whom we collaborate to support our business operations.

Your personal data may also be shared with a third party if required by law, regulations, or an official decision by a relevant authority.

Personal data, such as names and other information included in minutes of board meetings and general meetings, may be published on INVISIO’s website.

 

Transfer of data 
Your personal data may be shared within the INVISIO Group and with trusted third-party service providers under binding data processing agreements.

Transfers may occur:

• Between the EU and the UK (covered by an EU adequacy decision).
• With third countries such as the United States.
• Where no adequacy decision applies, we implement appropriate safeguards such as:
• Standard Contractual Clauses (SCCs) or the UK International Data Transfer Agreement (IDTA).
• Supplementary technical and contractual measures.
• Where applicable, reliance on the EU-U.S. Data Privacy Framework and UK Extension.

 

Your Rights

As an EU data subject, you have fundamental rights regarding your personal data. INVISIO Group is committed to facilitating the exercise of these rights and assisting you when you make inquiries. These rights include (but are not limited to):

• Right to Access: You have the right to request and receive a copy of your personal data held by INVISIO Group.
• Right to Rectification: You can request corrections to inaccurate or incomplete personal data.
• Right to Erasure (Right to Be Forgotten): You have the right to request the deletion of your personal data under certain circumstances.
• Right to Restriction of Processing: You can request the temporary restriction of your data's processing in specific situations.
• Right to Object: You can object to the processing of your personal data for direct marketing or legitimate interests.
• Right to Withdraw Consent: If processing is based on your consent, you have the right to withdraw it at any time.
• Right to File a Complaint: You can file a complaint with a supervisory authority if you believe your data rights have been violated.
   

Exercising Your Rights
If you want to exercise your rights as a data subject, you can contact INVISIO Group at tel. +45 7240 5500 / privacy@invisio.com or INVISIO Communications Ltd. at tel. +44 (0) 20 8515 6200 / uk@invisio.com

Filing a Complaint
If you are not satisfied with how INVISIO Group uses your personal data, you have the right to report this to the Danish Data Protection Agency, which is the supervisory authority responsible for overseeing INVISIO Group's processing of personal data. You can submit your complaint to:

EU/EEA Residents:

Danish Data Protection Agency
Carl Jacobsens Vej 35
2500 Valby
Denmark

Tel.:  +45 3319 3200
Email: dt@datatilsynet.dk

Web: www.datatilsynet.dk

 

UK Residents:

Information Access Team
Information Commissioner’s Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Phone: +44 (0)303 123 1113
United Kingdom

Web: www.ico.org.uk

You may also file complaints to:

Swedish Authority for Privacy Protection (IMY)
Box 8114
104 20 Stockholm
Sweden

Tel.: +46 (0)8 657 61 00
Email: imy@imy.se

Web: www.imy.se

 

Data Security
At INVISIO Group, we take your personal data seriously. We work hard to keep it safe by making sure it stays confidential, stays accurate, and is always available when needed. We use strong security measures and follow industry standards to protect your information from unauthorized access, interference, and any disruptions.

 

Changes in the Privacy Policy
INVISIO's Privacy Policy may be amended periodically. This policy was last updated in August 2025.