Privacy policy at the Swedish Gender Equality Agency

The General Data Protection Regulation, (GDPR) becomes effective in the European Union on 25 May 2018, replacing the Swedish Personal Data Act (1998:204). The GDPR imposes stricter requirements on how we collect, process and retain your personal data. Your rights are strengthened with requirements concerning matters as the provision of information, transparency and the correction of inaccuracies.

The Swedish Gender Equality Agency safeguards your privacy and personal integrity, and it ensures that your personal data is processed in a proper and correct manner in accordance with the law. In this privacy policy, we explain in greater detail what implementation of the GDPR entails. Some sections contain references to the relevant Article in the GDPR, in case you would like to find out more. You can of course contact us with your questions at any time.

What is an item of personal data?

Personal data is all information that can be directly or indirectly attributed to a living person. This concerns your name, civil registration number, telephone number, email address, and similar information. There is also other information that can be linked to you, such as a coordination number, cadastral designation/land registry reference, membership or employment in an organisation. If you are identifiable in a picture, this is also regarded as an item of personal data (Article 4, item 1).

How does the Swedish Gender Equality Agency obtain personal data?

Usually it is because you provided us with your personal data. This happens for instance when you visit our website, send us an e-mail or subscribe to our newsletter. In such cases, you provide your personal data about yourself. The same occurs if you send us post or give us documents when you come to visit us.

The Swedish Government determines the Gender Equality Agency’s mission and responsibilities. Sometimes, therefore, we may need to collect personal data about you for some purpose determined by our mission and responsibilities. This is usually done entirely voluntarily, and we will of course tell you why the information is being collected.

Public documents

All documents received by the Agency – whether or not they contain personal data – are usually regarded as public documents, and copies of them can therefore be requested by anyone. This is governed by the principle of public access that is fundamental in public administration. It applies irrespective of whether documents are digital or physical. Public documents must be retained and selectively deleted (removed) in accordance with the rules contained in the Swedish legislation concerning archiving.

Do you want to be anonymous?

If you want to contact us and remain anonymous, we recommend that you contact us via telephone. The reason for this is that all email, documents and other correspondence that you send in/submit or otherwise provide to the Agency generally become public documents.

Data controller

When the Swedish Gender Equality Agency processes your personal data, the Agency is the data controller. This means that we determine the purpose of the processing and are responsible for ensuring that the processing of your personal data occurs in a proper manner according to the law. We must be able to provide evidence to the Swedish Data Protection Authority that the GDPR is being complied with (Article 4, item 7).

Processing personal data. What is it?

Processing an item of personal data involves doing something with the data. It is a broad concept that may apply to an action or combination of actions, such as collecting and registering, storing, adapting or reorganising, deleting, or archiving. (Article 4, paragraph 2). The Agency may not collect and process your personal data unless there is a regulation, in the GDPR or in some other legislation, describing the purpose which makes this permissible.

For what purpose?

The Swedish Gender Equality Agency may only process your personal data if there is a purpose as specified in the GDPR or other legislation. This means that we must have a legal basis for processing your data. You will usually provide your personal data voluntarily. Some examples include when you want to subscribe to our newsletter or sign up to attend a conference. In such cases, the legal basis is provided by consent.

Another purpose is if you are a party to an agreement/contract and provide your personal data in connection with this. An application for a government grant entails a processing procedure that concludes with a decision. In these cases, we have a task as an exercise of public authority which is the purpose of the processing. The GDPR also lists purposes (Article 6).

For how long is your personal data retained?

The Swedish Gender Equality Agency retains and processes your personal data for as long as necessary with respect to the purpose of such processing. After this, the personal data will be deleted or retained in accordance with the rules in the Swedish legislation concerning archiving.

Your rights

One important objective of the GDPR is to allow you to know what personal data concerning you has been collected and/or processed, and whether it contains any inaccuracies. If there are any inaccuracies, it allows you to have the information corrected or deleted. You also have other rights.

Articles 15-19 of the GDPR entitle you to:

• request access to your personal data
• request a correction, deletion or restriction concerning the processing of your personal data
• object to the processing of your personal data
• request data portability (to obtain copies and transfer it to another data controller)
• revoke (withdraw) your consent, at any time
• file a complaint with the Swedish Data Protection Authority about our processing of your personal data.

If you have any questions you are welcome to contact us at info@jamstalldhetsmyndigheten.se.