Personal Data Policy

You should always be able to feel safe when you give us your personal data. With this personal data policy, we want to show how we ensure your personal data is processed in accordance with current personal data legislation.

Personal data officer and data protection officer
Cirkör Ltd, business identity code 556557-4349 and Cirkus Cirkör Non-Profit organisation, 802401-3248, Rotemannavägen 10, 145 57 Norsborg, Sweden, +46 8- 531 998 30,
email: Data protection officer: Ernesto León Mondragón.


What is personal data?
Personal data is all manner of information that can be directly or indirectly connected to a living person. Examples of personal data are photographs, names, personal identity numbers, postal addresses and email addresses.

What personal data does Cirkus Cirkör process?
The personal data we process depends on your relationship with us. Below, we describe the most common categories of personal data that we proces.

  • Employees/self-employed contractors
    First and last names, personal identity number, postal address, telephone number, email address, bank details, CV, whether the person holds a driving license.
  • Contractors for Cirkör Ltd
    Name of contact, telephone number, email address.
  • Course participants and drop-in attendees
    First and last names, personal identity number, postal address, telephone number, email address, details about diet/allergies, which courses the person has attended.
  • Newsletter subscribers
    First and last names, email address.
  • Organisers/clients
    Name of contact, position held, telephone number, email address.
  • Collaborators
    Name of contact, positions held, telephone number, email address.
  • Suppliers
    Name of contact, position held, telephone number, email address.
  • Donors
    Name of contact, position held, telephone number, email address.
  • Journalists/bloggers/influencers/media representatives
    Name of contact, position held, email address.
  • Photo permit
    Special written consent (photo permit).

Legal grounds and goals for processing
Cirkus Cirkör process personal data for several different purposes. The main objectives are that we want to be able to:

  • Manage course bookings and communicate with course participants, organisers and clients.
  • Plan, sell and put on performances, workshops, events and other functions.
  • Document, evaluate, develop and promote our activities.
  • Fulfil our obligations in our roles as collaborators and societal stakeholders.


Fulfilling a legal duty
For example: For employees and contractors, we must process certain personal data to comply with tax legislation and accounting laws.

Fulfilling contracts
For example: For organisers and clients, we need to process personal data in order to communicate, deliver and issue invoices for what has been ordered. For course participants, we need to process personal data to give information, check attendance, keep statistical records and to take out insurance.

Legitimate interest/specific interest, weighing up of interests/academic interest
For example: We analyse statistics from training to manage, plan and develop our course activities. For research purposes regarding the development of Cirkus Cirkör, we also process certain personal data. We send offers to our members as we deem our interest to inform and promote our activities outweighs our members’ interest to not be subjected to marketing.

For example: When you sign up to receive one of our newsletters, you consent to us processing your personal data. Regarding photography with the aim of marketing or documenting Cirkör’s activities, we ask for written consent. This occurs in conjunction with the taking of photos. For children under the age of 16, their legal guardian should sign the consent form.

Storage periods
To protect your personal data, Cirkus Cirkör continuously work to maintain and improve a number of security measures. This regards the protection of documents and records (on paper) which contain personal data, protection of information against breaches of IT-systems and organisational protection (for instance, that only the people who need the personal data in their work have access to it.) We store personal data as long as it is necessary to fulfil the aims described above.

  • Newsletter subscribers
    Receive an email every three years with information about how to deregister, request extracts from the register, change their information and delete it. All of this can of course be done at any time.
  • Members and course participants
    Personal data is stored for 18 months after the completion of a course. It is also possible to get in touch prior to this and have your child’s or your own personal data removed from the booking system, provided the participant has completed the course.
  • Employees and contractors
    For people who have been or are employed by us, personal data is stored for as long as is legally required.
  • People who have expressed an interest in working at Cirkus Cirkör
    Receive an email every three years, asking whether they are still interested in remaining in the Cirkus Cirkör personal data registry. The email contains information about how to deregister, ask for an extract from the register, change one’s information or delete it. All of this can of course be done at any time.
  • Website visitors
    You have to approve installation of cookies on your computer. You can always delete cookies. Read more here: cookie info

Cirkus Cirkör never sell personal data to third parties. Cirkus Cirkör can however give your personal data to the following categories of recipients:

  • Authorities
    Cirkus Cirkör give necessary personal data to authorities in the event that we are legally obliged to do so.
  • Organisations with collective agreements
    Cirkus Cirkör is a place of work with collective agreements and gives personal data to the insurance companies that manage the agreed workplace and pension insurances.
  • Payroll administrator
    An external contractor delivers Cirkus Cirkör’s payroll processing programme, and the contractor and Cirkus Cirkör have entered into an agreement about personal data assistance.
  • Member and course booking system
    An external contractor delivers Cirkus Cirkör’s member and course booking system, and the contractor and Cirkus Cirkör have entered into an agreement about personal data assistance.
  • Insurance companies for training insurance
    Cirkus Cirkör takes out individual training insurance for some of our courses, at present the Parkour, Acrobatics and Cirkör courses. The personal data of the participants in these courses is given to the insurance company Pensum.
  • Employers/collaborators/the media
    After consent has been given from performers/teachers, Cirkus Cirkör may give their names and phone numbers to employers/collaborators/the media for information, marketing and media contacts.

In accordance with the data protection regulation, you have, as someone in our register, a number of rights vis-à-vis Cirkus Cirkör.

The right to access your personal data
You have the right to receive confirmation whether Cirkus Cirkör is processing your personal data, and in that case, the right to receive an extract of the relevant information.

The right to rectification
Cirkus Cirkör’s aim is that all the information we process should be correct. If you discover that there are errors in your data, you can request that we correct them. We will then rectify any mistakes.

The right of data portability
If you would like your personal data from Cirkus Cirkör in order to use it elsewhere, you are entitled to receive it in a structured, commonly used and computer readable format and transfer it to another personal data officer. This requires that the transfer is technically feasible and can be undertaken with reasonable efforts on Cirkus Cirkör’s part. In almost every case, it will be easier for you to furnish the other party with your personal data yourself. This right is limited to information processed with your consent or to fulfil an agreement with you and only regards the data you yourself have provided.

The right to restricted processing
If you would like Cirkus Cirkör to process your personal data only in restricted ways, you can request that the processing be limited. We will then mark the data to ensure it does not become subject to further processing and that it cannot be altered.

The right of deletion
If you would like us to stop processing your personal data, you can – in some cases – request its deletion. We will then delete all information that can be linked to you personally. When the deletion is complete, you will receive confirmation via email and after this, we will also delete the email we sent you.

If you believe we are at fault
If you feel that Cirkus Cirkör is processing your personal data in breach of current legislation or that we have handled a request from you in an erroneous way when you attempted to exercise the rights detailed above, you can report this to The Data Inspection Board.