Privacy Policy

Privacy Policy

Gehrmans Musikförlag AB values your privacy. This policy describes how we collect and process personal data when you use www.gehrmans.se, make purchases through our Shopify-based online store, contact us, enter into agreements, or engage with us as a customer, composer, or business partner. We comply with applicable data protection legislation, including the EU General Data Protection Regulation (GDPR).`

1. Data Controller

Gehrmans Musikförlag AB
Company registration number: 556597-3103
PO Box 42026
SE-126 12 Stockholm
Sweden

E-mail: info@gehrmans.se
Telephone: +46 (0)8 610 06 00

Gehrmans Musikförlag AB is the data controller responsible for the processing of personal data under this policy.

2. What personal data we process

We process personal data that you provide directly to us, data that is collected automatically when you use our services, and information received from our partners and service providers.

2.1 Personal data you provide directly

We may process personal data when you, for example:

  • Make a purchase
  • Create a customer account
  • Contact us via e-mail, telephone, or contact forms
  • Enter into agreements (for example, licence or copyright agreements)
  • Subscribe to newsletters
  • Participate in events or training courses


Depending on the context, we may process the following categories of personal data:

  • Name
  • Address
  • E-mail address
  • Telephone number
  • Delivery and billing address
  • Payment information (processed by our payment providers)
  • Order and transaction information
  • Personal identification number (only where required by law, for example for invoicing)
  • Data relating to agreements and collaborations
  • Correspondence and customer service records

2.2 Automatically collected data

When you visit and use our website and services, certain data may be collected automatically through Shopify and technical tools, including:

  • IP address
  • Device type and browser
  • Pages visited
  • Time and date of your visit
  • Cookies and similar technologies

This data is used to ensure the technical functionality of the website, improve user experience, analyse usage patterns, and prevent fraud.

2.3 Data from third parties

Through integrated services and partners, we may receive personal data such as:

  • Payment information
  • Logistics and delivery data
  • Analytics and statistical data
  • Support and communication data

All third-party services process personal data in accordance with data processing agreements and applicable data protection legislation.

3. Why we process personal data

3.1 To fulfill agreements

We process personal data in order to fulfil agreements entered into with you, for example to:

  • Handle orders and deliveries
  • Process payments
  • Provide customer service
  • Handle complaints
  • Administer copyright and licence agreements
  • Manage collaborations with composers, schools, and partners

3.2 To comply with legal requirements

We process personal data where required to comply with legal obligations, including:

  • Accounting
  • Tax legislation
  • Consumer protection legislation
  • Contract documentation and record keeping

3.3 For marketing and communication purposes

We may process personal data for communication and marketing purposes, for example to:

  • Send newsletters
  • Inform about new releases
  • Invite you to events, concerts, or educational activities

You may unsubscribe from marketing communications at any time.

3.4 To improve our services

We also process personal data in order to develop and improve our website and services, for example through:

  • Analysis of visitor behavior
  • Troubleshooting and error handling
  • Development of functionality and content
4. How long we store personal data

We store personal data only for as long as it is necessary for the purposes for which it was collected:

  • Order and transaction data: At least seven (7) years, in accordance with the Swedish Accounting Act
  • Customer accounts: Until you choose to close your account
  • Newsletter subscribers: Until you unsubscribe
  • Agreements and copyright-related collaborations: For as long as the agreement or collaboration remains in effect
  • Customer service cases: For as long as the matter requires

Personal data is continuously deleted or anonymised when it is no longer necessary for the relevant purposes.

5. How we protect your data

We use technical and organizational security measures, such as:

  • Encrypted communication (HTTPS/SSL)
  • Secure storage via Shopify
  • Restricted access
  • Agreements with personal data processors
  • Regular system updates
6. When we share personal data

We only share data when necessary.

6.1 Processors and service providers

We may share personal data with trusted processors and service providers who process data on our behalf, for example:

  • Shopify (e‑commerce platform)
  • Payment providers (such as Klarna, Swish)
  • Logistics and distribution partners
  • Publishing and administration systems
  • Newsletter and communication services
  • Analytics and statistics tools

All processors act in accordance with data processing agreements and may only process personal data in accordance with our instructions and applicable law.

6.2 Authorities

We may disclose personal data to public authorities when required by law, for example to:

  • The Police
  • Courts
  • The Swedish Tax Agency

Such disclosures are made only when legally required.

6.3 We do not sell personal data

Personal data is never sold, transferred, or disclosed to external parties for marketing or commercial purposes.

7. Transfer of personal data outside the EU/EEA

Shopify may process and transfer personal data to countries outside the EU/EEA, including Canada and the United States.

Such transfers are carried out in accordance with applicable data protection legislation and are safeguarded through appropriate measures, including:

  • Standard Contractual Clauses (SCC) approved by the European Commissio
  • GDPR-compliant data processing agreements

These safeguards ensure that personal data is protected to a level equivalent to that required within the EU/EEA.

8. Your rights under GDPR

Under the General Data Protection Regulation (GDPR), you have the right to:

  • Request access to your personal data (register extract)
  • Request rectification of inaccurate or incomplete data
  • Request erasure of personal data (“right to be forgotten”), where permitted by law
  • Object to the processing of your personal data
  • Request restriction of processing
  • Request data portability
  • Withdraw consent, where processing is based on consent

You will receive a response within 30 days.
To exercise your rights, please contact us at: info@gehrmans.se

9. Cookies

Cookies are used for functionality, analysis and an improved experience. More information can be found in our Cookie Policy.

10. Changes to this policy

The policy may be updated when:

  • Legislation changes
  • We make changes to our services
  • Platform or integrations are updated

The latest version is always available at www.gehrmans.se.

11. Contact

For questions regarding personal data and privacy:
Gehrmans Musikförlag AB
E-mail: info@gehrmans.se


If you have concerns about how we process your personal data, you also have the right to lodge a complaint with the relevant supervisory authority. In Sweden, this is the Swedish Authority for Privacy Protection (IMY).