MH Innovation & Research

Privacy Policy

At MH Innovation & Research AB, your privacy matters. This Privacy Policy explains how we collect, use, and protect your personal data, in full compliance with the EU General Data Protection Regulation (EU) 2016/679 (“GDPR”) and Swedish Data Protection Act (2018:218) (Dataskyddslagen).

Data Controller +

MH Innovation & Research AB, based in Mariestad, Sweden.

Email:

What Data We Collect +

We may collect and process the following personal data:

  • Contact details (name, email address, phone number)
  • Company and professional information (billing details)
Legal Basis for Processing +

We process your personal data based on:

  • Consent (using the contact form)
  • Contractual necessity (entering into or performing a contract)
  • Legitimate interests (e.g., recieve/read/respond/store emails)
  • Compliance with legal obligations
How We Use Your Data +

Your personal data may be used for:

  • Communicating with clients and partners
  • Managing contracts and agreements
  • Legal compliance and regulatory reporting
Data Sharing +
  • We do not sell personal data.
  • Data may be shared with trusted service providers (e.g., billing/accounting platforms, email providers, IT providers) under GDPR‑compliant data processing agreements.
  • If data is transferred outside the EU/EEA, we ensure appropriate safeguards (e.g., Standard Contractual Clauses).
Data Retention +
  • Personal data is retained only as long as necessary for the purposes stated.
  • Customer and contractual data may be stored up to 7 years to comply with accounting rules.
Your Rights +

Under GDPR and the Swedish Data Protection Act, you have the following rights:

  • Right to information – to be informed when your personal data is collected or processed, including details about the controller, lawful basis, and purpose.
  • Right of access – to know whether your personal data is being processed and to receive a copy of that data.
  • Right to rectification – to correct inaccurate or incomplete personal data.
  • Right to erasure (“right to be forgotten”) – to request deletion of personal data under certain conditions.
  • Right to restriction of processing – to limit how your personal data is used, for example while accuracy is being verified.
  • Right to data portability – to receive your personal data in a structured, machine‑readable format and transfer it to another controller.
  • Right to object – to object to processing based on legitimate interests, public tasks, or direct marketing.
  • Rights related to automated decision‑making and profiling – to not be subject to decisions based solely on automated processing that have legal or similarly significant effects.

Note: Some of these rights may not apply in practice (for example, we do not use automated decision‑making), but they are listed here in full to ensure transparency.

You can exercise your rights by contacting us via email at or using the contact form. You are also welcome to use the same means of contact for questions specifically related to data protection.

Supervisory Authority +

The Swedish Authority for Privacy Protection (IMY) is the supervisory authority where you can submit complaints.

About Cloudflare Turnstile +

This website is protected by Cloudflare Turnstile and is subject to Cloudflare's privacy policy and terms of service.

Updates to This Policy +

We may update this Privacy Policy from time to time.
Changes will be published on our website with a revised effective date.