Global Data and Cyber Handbook

Sweden

Select a Topic
Start Comparison
Key Definitions
Jump to
Key Definitions Start Comparison
Personal data

Last review date: 27 December 2024

"Personal data" means any information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Sensitive/special personal data (including personal data subject to additional protections/ restrictions/breach notification obligations)

Last review date: 27 December 2024

Sensitive data includes:

☒   personal data revealing racial or ethnic origin

☒   personal data revealing political opinions

☒   personal data revealing religious or philosophical belief

☒   personal data revealing trade / professional union or association membership

☒   genetic data

☒   biometric data for the purpose of uniquely identifying a natural person or biometric templates

☒   data concerning health/medical information

☒   data concerning a natural person's sex life or sexual orientation

☒   financial information

☒   government identity card or number information

☒   personal data regarding an individual's criminal convictions or record

☒   other

Processing of national personal identity numbers is subject to additional requirements for processing. Where there is no consent, the processing needs to be clearly justified by its purpose, the importance of positive identification, or another noteworthy reason.

Note that there are other categories of personal data that are particularly worthy of protection, which may require the same security measures as sensitive personal data. Such personal data may include:

  • financial information
  • information about a person having committed a crime
  • valuating data such as information from performance reviews, results of personality tests or profiles
  • information relating to a person's private sphere
  • information about social conditions
Controller vs Processor

Last review date: 27 December 2024

Do the privacy laws distinguish between controllers/owners and processors/agents? Whereby:

  • the controller/owner is a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data
  • the processor/agent is natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller

Answer: Yes.

The concepts of controller and processor are defined in the GDPR.

{{ $store.state.loadingScreen.message }} ...