Kammarkollegiet’s personal data processing

Kammarkollegiet processes personal data in order to fulfil its duties as a state administrative authority.

Its personal data processing is regulated in the EU’s General Data Protection Regulation, in some cases with the support of Swedish data protection legislation.

What is personal data?

Personal data is all kinds of information about a living, natural person, such as their name, address, personal identity number, or e-mail address, or a photo of said person.

Personal data processing

In principle, “personal data processing” entails everything that can be done with personal data. For example, this includes reading, collecting, registering, storing, combining or printing the data.

Kammarkollegiet’s Data Protection Officer

Since Kammarkollegiet is a government authority, we have also appointed a data protection officer , in accordance with Article 37 of the EU’s General Data Protection Regulation. Contact details can be found at the bottom of this document.

How Kammarkollegiet processes your personal data

Kammarkollegiet conducts a broad range of operations. We are tasked with over 35 different assignments from the Riksdag and the Swedish Government, and we therefore need to process personal data in several different areas, in several different IT systems and for different purposes. You can read more about what assignments we have and which department is responsible for them.

In order for us to be able to process personal data, legal support is required. Examples of purposes and legal bases:

  • Case management and decision-making is mainly based on the legal bases of public interest, legal obligation, or the exercise of public authority.
  • The management of contracts/agreements is conducted with the support of the legal basis of agreement.
  • The management of subscriptions to newsletters is conducted with the legal basis of consent.
  • The publication of information on our website may, inter alia, take place on the legal basis of legal obligation, public interest, or agreement.

By contacting one of our individual departments, you can receive further, specific information about how your personal data is collected and processed.

How we save personal data

Personal data is processed during the time required to fulfil the purpose of the processing and in accordance with applicable legislation, e.g., the Archives Act and the Accounting Act. Personal data in public documents is retained and deleted in accordance with the Archives Act, the regulations of the National Archives and the authority’s decisions on the application of these regulations.

The principle of public access to official records

Because Kammarkollegiet is a state authority, we are obliged to preserve public documents. these can only be culled if special decisions or regulations on culling exist. Public documents containing personal data may be disclosed, provided that they are not confidential.

The processing carried out accordingly is deemed necessary for an important public interest.

Who can access personal data

Employees at Kammarkollegiet can access personal data that is necessary for them to be able to perform their duties. In some cases, we use personal data processors. These may only process personal data in accordance with the purposes and instructions with which we provide them. The processors and those acting on their behalf may never access more data than is required to perform the service regarding which we have an agreement with them. To ensure this, a special personal data processing agreement is signed with the processor.

Security

We take technical and organisational measures to ensure that all information we process is protected from unauthorised access, alteration and destruction.

Your rights as a data subject with Kammarkollegiet

As a data subject you have different rights.

The right to register extracts

You have the right to receive (free of charge) information about what personal data we process relating to you and to obtain a transcript of the data containing information about the processing, commonly referred to as a “register extract”.

The right to rectification

The personal data we process must be correct and accurate. If we process your personal data incorrectly, you have the right to request that the data be rectified and incomplete data supplemented.

The right to deletion, limitation and objection

In certain cases, you have the right to request deletion of your personal data, to object to their processing, and to request that their processing be limited.

Data portability

In some cases, those who have provided their personal data have the right to obtain and use their personal data elsewhere, for example in another social media service (the right to data portability). The recipient of the personal data is obliged, under certain conditions, to facilitate such a transfer of personal data.

Information about limited possibilities

We wish to preemptively inform you that in practice, our ability to accommodate you with regard to certain rights such as deletion and rectification may be limited, due to the fact that as an authority we are legally obliged to preserve public documents.

How to submit a request

If you wish to exercise any of your rights under the General Data Protection Regulation, we have special forms for this that we would like you to use - one for register extracts and one for other rights. This is to ensure that the subject of your request is clear to us and that we can be confident we are in contact with the right person. You can get the forms by contacting Kammarkollegiet’s Data Protection Officer.

Once we receive your request, we will handle your it as a special case. We will also verify that it was you who submitted the request. We do this by sending you a confirmation that you need to return. Once we have completed our processing, we will send our decision to your registered address.

Complaints

Anyone who believes that someone is processing personal data in violation of the General Data Protection Regulation can file a complaint with the Swedish Authority for Privacy Protection (formerly the Data Inspectorate).

Contact Kammarkollegiet’s Data Protection Officer

Send email
GDPR@kammarkollegiet.se

Phone
08-700 07 24

Send post
Kammarkollegiet
GDPR
Box 2218
103 15 Stockholm

Page last updated: 2022-12-08