Search results

The Swedish Authority for Privacy Protection is responsible for the processing of personal data for which the authority determines the purpose and means. The authority processes, for example, personal data in the handling of the authority's business, in the handling of questions and in the administration of courses and subscriptions.

Companies often have operations in several countries and personal data does not always stay in one country. An instance of personal data processing that has a connection to more than one member state of the EU is called cross-border processing.

Swedish Authority for Privacy Protection (IMY) supervises law enforcement authorities.

The primary purpose of the Credit Information Act is to protect data subjects' personal privacy but the law is also to contribute to efficient provision of credit information.

On this page you will find answers to the most frequently asked questions that IMY receives about payment default records.

Information security first and foremost involves preventing information from being leaked, distorted and destroyed. It also involves ensuring that information is to be available to the right people and at the right time. Information is not to be able to fall into the wrong hands and be misused. The data subjects are to know who is using their personal data and why.

Below follows a description of what you should bear in mind when you process personal data in e-mail. The description is intended only as a guide and is not exhaustive. It is every organisation's resp

Codes of conduct are meant to help ensure proper application of the General Data Protection Regulation's provisions by specifying how personal data may be processed in specific cases.