Privacy Policy

Introduction and who we are

This privacy policy will help you understand how we may collect and use your personal information. This policy also describes your rights and how you can use your rights. You can easily contact Medius if you have any questions related to this policy.

References to "Medius" on this site should be considered as references to Medius AB and all of its subsidiaries and affiliates.

Medius AB is considered Data Controller of your personal data. Medius AB is a Swedish limited company with registration number 556616-3654, registered office and address at Platensgatan 8, 582 20 Linköping and email

What personal data do we process and from whom is such data collected?

On Medius’ websites you can register to access educational content, subscribe to our newsletters, sign up to our events and fill in a contact request. The type of personal data that Medius processes about you may be:

  • Your contact details such as name, address, telephone number and email address
  • Your job title, position including preferences and interests in a professional context
  • Website traffic information as provided by your web browser such as browser type, language and the address of the referring website and other traffic information such as IP address
  • Website visitor behavior such as which links you click and when  

In general, Medius collects personal data directly from you when you register on our sites or fill out a form. We may also, with your consent, use cookies and other tracking technology when you use our websites in order to optimize your experience of these. Please see our cookie policy for more information:

We may also collect information about you from other sources, including publicly available databases or third parties from whom we have purchased data or to whom you have provided your data, and combine this data with information we already have about you. We may also receive information from other affiliated companies that are a part of our corporate group. This helps us to update, expand and analyze our records, identify new prospects for marketing, and provide information about our products and services that may be of interest to you.

How we use the information we collect and receive

Your personal data may be saved and processed by Medius for the following purposes:

  • In order to answer a contact request or to send you educational content, newsletters or invitations for seminars and similar events to you. Accordingly, if you do not provide the requested personal information, Medius will not be able to respond to a contact request or to send you any newsletters or invitations and information.
  • For marketing and market research, as well as basis for Medius’ market and customer analyses, business and product development, and statistics
  • To personalize your experience (your information helps us to better respond to your individual needs)
  • To improve our websites (we continually strive to improve our websites offerings based on the information and feedback we receive from you)

Purpose and lawful basis for the processing

In accordance with Medius’ assessment, the processing is necessary for the purposes of Medius' legitimate interest in answering a contact request, and administering newsletters, information and invitations to you in accordance with your wishes to be contacted or to receive requested information, respectively.

In addition, Medius’ processing of your personal data for marketing purposes, for market research, for market and customer analysis, business and product development and statistics, is based on a legitimate interest. According to Medius’ assessment, the processing is necessary for Medius' legitimate interest to market its products and services, and to analyze and develop its business and operations.

How long do we store your personal data?

In general, Medius will only retain your personal data for as long as necessary for the stated purpose, while also taking into account our need to answer queries or resolve problems and to comply with legal requirements under applicable law. This means that we may retain your personal data for a reasonable period after your last interaction with us (normally for a period of three calendar years from your last interaction with us). When the personal data that we collect is no longer required in this way, we destroy or delete it in a secure manner.

Personal data provided in connection with newsletter subscriptions, event registrations or information requests are stored by Medius until you unsubscribe from the applicable service. However, if you unsubscribe, Medius will continue to process your personal data to the extent necessary to ensure by technical means that no further posting of newsletters, event invitations, educational information and similar are sent to you. If Medius does not save your personal data in this respect, Medius will not be able to ensure that no further newsletters, invitations or information will be sent to you. The continued processing of your personal data is, according to Medius' assessment, necessary for the purposes of Medius’ legitimate interest in preventing sending of newsletters, information and invitations to you in accordance with your expressed desire.

Your rights

You have the right to request a confirmation from Medius as to whether or not personal data concerning you are being processed and, where that is the case, obtain access to your personal data. You also have the right to request that Medius corrects any inaccuracies in your personal data and that Medius shall erase your personal data or restrict the processing of your personal data. You further have the right, at any time, to object to Medius’ processing of your personal data if you believe that Medius has no legitimate interest in processing the personal data or to the use of your personal data for the purposes of direct marketing. You are finally entitled to lodge a complaint regarding Medius’ processing of your personal data with a supervisory authority. You can contact Medius for more information about these rights.

How do we share your personal data?

Ensuring your privacy is important to Medius. We do not share your personal data with third parties except as described in this privacy policy. We may share your personal data with:

  • Third party service providers (for example to partners that are administrating webinars or websites on behalf of Medius);
  • Business partners;
  • Affiliated companies within our corporate structure; and
  • As needed for legal purposes (for example to authorities in accordance with applicable laws and regulations).

Medius may also share your personal data in connection with mergers, acquisitions or divestiture of all or parts of Medius’ business, where the acquiring entity as well as its consultants and Medius’ own consultants may obtain access to data managed by Medius. When sharing your personal data with third parties we take appropriate technical, organizational and legal measures in accordance with applicable data protection legislation. When required by applicable law, Medius has established Data Processing Addendums with any third party with which your personal data is shared.

Export of personal data

For personal data collected within EES, the personal data collected is generally processed within EEA. In cases where Medius exports your personal data outside the EEA, such export is based either on a decision by the EU Commission that the third country in question ensures an adequate level of protection, or on appropriate safeguards to ensure that your rights are protected. Examples of appropriate protection measures are approved code of conduct in the recipient country, standard contract clauses, binding company internal rules or Privacy Shield.

Specifics about e-mails

In cases where an e-mail sent to or from Medius contains personal data, Medius’ receipt/dispatch and further processing of such e-mail means that we process personal data. E-mails almost always contain personal data because the e-mail address itself is usually considered as personal data. The e-mail may also contain other information that is considered as personal data. When Medius sends e-mails, we either do so to communicate with the recipient (e.g. to reply to an e-mail from him/her or to ask a question), or to inform the recipient of something.  

The content of incoming e-mail is usually unknown when the email is received by Medius. When that is the case, the personal data contained in the e-mail is processed by Medius for the purpose of receiving and reading the e-mail to assess if the e-mail shall be deleted or if Medius shall take action. For e-mails sent from Medius, similar considerations are made in connection with dispatch of the e-mails. 

If Medius, after receipt of an incoming e-mail, or in connection with sending an outgoing e-mail, considers that the e-mail should not be deleted, and that further processing is necessary, Medius will on a case-by-case basis decide the legal basis, means and period for the processing. The legal basis for the processing of e-mails depends among other things on the content of the e-mail and whether Medius has any relationship with the recipient/sender. If an email received by Medius contains personal data about a third-party individual, Medius will inform such individual that Medius processes personal data about him/her, provided (i) the identity of the individual is clear and (ii) the provision of such information proves impossible or would involve a disproportionate effort for Medius. 

If Medius upon receipt/dispatch of an e-mail, determines that the e-mail shall be deleted, deletion will be made within a reasonable time after receipt/dispatch.  If Medius determines that further actions will be taken, it depends on the content of the e-mail, as well as the continued processing and purpose of the same, how long the e-mail, including the personal data, will be kept by Medius


Medius takes security seriously. We take various steps to protect information you provide to us from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the information we collect, process and store, and the current state of technology.

Changes to this privacy policy

This policy was last updated on 13 April 2018. We may change this policy from time to time and if we do we will post any changes on this page. If you continue to interact with us after those changes are in effect, you are agreeing to the revised policy. You can see previous versions of our privacy policy here.