Last updated: 12 August 2025
Mattsson Metal AB respects your privacy and always complies with applicable laws, including the EU General Data Protection Regulation (GDPR). This Privacy Policy explains how we collect, use, store, and protect your personal data.
1. Data Controller
Mattsson Metal AB (VAT. No. [SE556049035001) is the data controller for the processing of personal data described in this policy.
Address: Norvägen 6, 792 32 Mora (Box 415, 792 27 Mora)
Email: info@mmetal.se
Phone: +46 250 394 00
2. Personal Data We Collect
We may collect personal data in the following situations:
a) When you use our contact form on the website
- Name
- Email address
- Phone number
- Optional message
b) In business relationships with customers, suppliers, and employees
- Name, address, personal ID number, bank details, email address, phone number
- Contract, payment, and communication information
- For employees: trade union membership, sick leave, medical records, rehabilitation activities, next of kin details, etc. (processed internally only and not shared with unauthorized parties)
c) Technical data when visiting our website
- IP address
- Browser and device information
- Language preference (via GTranslate)
- Cookies and tracking technologies from third parties (e.g., Google reCAPTCHA) to protect the site from spam.
3. Purposes and Legal Basis
We process personal data for the following purposes:
- To respond to inquiries and provide our services (contract performance)
- To maintain business relationships with customers, suppliers, and partners (contract performance and legitimate interest)
- To fulfil legal obligations, such as accounting requirements (legal obligation)
- To protect the website against abuse (legitimate interest, security)
4. How We Collect and Store Data
- Contact form: Data is sent to our company email and also stored in Elementor Submissions on our web server.
- Email communication: Data sent by email is stored in our email systems.
- Internal storage: Personal data is stored in our internal systems for as long as necessary to fulfil the purpose and in accordance with statutory retention periods.
- Security: We take technical and organisational measures, including encryption, firewalls, and access controls.
5. Sharing of Data
We may share personal data with:
- Service providers delivering technical services (e.g., web hosting, email services, IT support)
- Authorities when required by law
- External services such as Google reCAPTCHA (to protect forms from spam)
6. Transfers Outside the EU/EEA
Some service providers (e.g., Google) may process data in countries outside the EU/EEA. In such cases, we ensure an adequate level of protection through standard contractual clauses or equivalent safeguards.
7. Data Retention
- Contact form submissions: retained for a maximum of 12 months unless further contact requires longer storage.
- Business documentation: retained for 7 years in accordance with accounting law.
- Employment-related information: retained according to labour law requirements.
8. Your Rights
You have the right to:
- Access your personal data (data subject access request)
- Request rectification of inaccurate information
- Request erasure (“right to be forgotten”) where legally possible
- Object to processing based on legitimate interest
- Request restriction of processing
- File a complaint with the Swedish Authority for Privacy Protection (IMY) or your local supervisory authority
9. Cookies and Third-Party Services
We use cookies and similar technologies to ensure the website works properly, improve performance, and protect it from spam and abuse. In the EU/EEA, non-essential cookies require your consent. At present, we only use essential and functionality cookies.
Types of cookies we use
- Strictly necessary cookies – Required for basic site functionality, such as page loading, form submission, and security.
- Functionality cookies – Used to remember your language preference and other settings to improve usability.
Services that may set cookies
- Google reCAPTCHA (Security & Anti-spam): Used in our contact form to protect against spam and abuse. Google may set cookies on
.google.comand/or.gstatic.com(e.g.,_GRECAPTCHA) and process technical data such as IP address, browser details, and usage patterns. Processing is subject to Google’s Privacy Policy and Terms of Service. - LiteSpeed Cache (Performance): May set technical cookies to optimise page delivery and maintain cache integrity. These do not track users across sites.
- Core WordPress & Elementor (Operation): May set essential cookies necessary for rendering and session handling (no advertising or cross-site tracking).
- GTranslate (Functionality): May store your chosen language (e.g., a cookie such as
googtrans) to improve usability.
Typical cookies used
| Cookie / Provider | Purpose | Type | Typical Expiry |
|---|---|---|---|
_GRECAPTCHA (google.com) | Spam/abuse protection for forms | Strictly necessary | Up to 6 months |
| Other reCAPTCHA cookies (google.com / gstatic.com) | Bot detection and security | Strictly necessary | Session to several months |
| LiteSpeed Cache cookies | Performance: caching and site delivery | Strictly necessary | Session to a few days |
googtrans (GTranslate) | Stores selected language | Functionality | Up to 1 year |
No analytics or marketing cookies
We do not currently use analytics, advertising, or tracking cookies for marketing purposes. If this changes, we will update this Privacy Policy and obtain consent where required.
Managing cookies
You can manage or delete cookies in your browser settings. Please note that blocking strictly necessary cookies may affect site functionality (e.g., form submission, page loading).
10. Contact
For questions about this Privacy Policy or our processing of personal data:
Email: info@mmetal.se
Phone: +46 250 394 00
Address: Norvägen 6, 792 32 Mora