Musso MUSSODetektivbyrå
EN
Call us Contact us
How we work
About
Knowledge
Contact
Call us Contact us Svenska
All investigation services
Infidelity Custody disputes Surveillance Personal profiling Corporate investigations Background checks Sick-leave investigations Undercover operations OSINT Counter-surveillance

For individuals

Infidelity, custody disputes and personal profiling – discreet and legally sound.

View services

For businesses

Corporate investigations, due diligence, sick-leave cases and OSINT.

View services
GDPR · Data Processing Agreement

Data processing agreement

This data processing agreement governs how Musso Detektivbyrå processes personal data on behalf of the client in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and Swedish data protection law. Last updated: June 2026.

The agreement is entered into between the client (the data controller) and SNI Scandinavian National Intelligence AB, reg. no. 559264-4859, operating under the Musso Detektivbyrå brand (the data processor). It forms an integral part of the service agreement between the parties and applies for as long as the processor handles personal data on the controller's behalf.

1. Purpose and scope

The processor handles personal data solely for the purpose of carrying out the investigation or security assignment agreed between the parties. Processing takes place in accordance with the controller's documented instructions, unless required by Union or Swedish law.

2. Categories of data and data subjects

Depending on the assignment, processing may include identity details, contact details, movement patterns, photographic documentation, financial information and, where applicable, special categories of personal data. Data subjects may include the individual under investigation, the client, and third parties appearing in the documentation. Special categories are processed only where necessary to establish, exercise or defend legal claims.

3. Processor obligations

The processor shall treat data confidentially, ensure that personnel with access are bound by confidentiality, and assist the controller with appropriate technical and organisational measures. Upon request, the processor shall make available the information needed to demonstrate compliance with the GDPR and allow for, and contribute to, audits.

4. Security measures

The processor implements appropriate technical and organisational security measures under Article 32 GDPR, including access control, encryption of stored and transmitted information where appropriate, secure storage of physical documentation, and routines for regularly assessing the effectiveness of the measures.

5. Sub-processors

The processor may engage sub-processors only with the controller's general or specific written authorisation. Any sub-processor is bound by the same data protection obligations through a contract, and the processor remains fully liable to the controller for the sub-processor's performance.

6. Data subject rights

The processor shall assist the controller with appropriate measures so that the controller can fulfil its obligation to respond to requests from data subjects exercising their rights, including the rights of access, rectification, erasure, restriction and objection under Chapter III GDPR.

7. Personal data breaches

In the event of a confirmed personal data breach, the processor shall notify the controller without undue delay and no later than 48 hours after becoming aware of it, providing the information needed for the controller's possible notification to the Swedish Authority for Privacy Protection (IMY).

8. Term, deletion and return

The agreement applies for as long as the processor handles personal data on the controller's behalf. On completion of the assignment, the processor shall, at the controller's choice, delete or return all personal data and delete existing copies, unless storage is required by Union or Swedish law.

9. Governing law and disputes

This agreement is governed by Swedish law. Any dispute arising from it shall be settled by the Swedish general courts, with Stockholm District Court as the court of first instance.

This is a standardised contract document that is adapted to each individual assignment. A signed copy is prepared when the service agreement is concluded. For questions, contact us at info@sni.nu.

Musso MUSSODetektivbyrå
Svenska / English
Services
Infidelity Custody disputes Surveillance Personal profiling Corporate investigations
The firm
About us How we work Law & regulation Partners FAQ
Contact
010-183 98 32 info@sni.nu Stockholm, Sweden Mon–Fri 07:00–17:00
Legal
Privacy policy Terms Cookies Service agreement Data processing agreement (GDPR)
© Musso Detektivbyrå — SNI Scandinavian National Intelligence AB, 2026