Search results

The Swedish Authority for Privacy Protection (IMY) has fined Aktiebolaget Storstockholms Lokaltrafik (SL) and Waxholms Ångfartygs AB (WÅAB) for processing personal data relating to sobriety tests conducted by employees in breach fo the GDPR. IMY issues an administrative fine of SEK 75, 000 against each companies.

Read about the data subject's rights according to the GDPR.

A personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

All businesses that handle personal data must comply with the General Data Protection Regulation (GDPR). This means, among other things, that you need to follow the fundamental principles, ensure that the processing has a lawful ground and inform the data subjects about how you handle their personal data.

The Patient Data Act supplements the General Data Protection Regulation (GDPR) and contains rules for the processing of personal data in healthcare. The Patient Data Act must be applied by all healthcare providers, both public and private.

Personal data within law enforcement is governed by special laws.

If you think that someone is processing your personal data incorrectly you can file a complaint to the Swedish Authority for Privacy Protection (IMY) using our e-service.