Processing of personal data
SGU is responsible for ensuring that personal data processed by the Authority is handled in accordance with applicable data protection legislation.
The Geological Survey of Sweden (SGU) is a government authority. Notices sent to us become public documents and may be disclosed according to the principle of public access.
If you have any questions about how we process your personal data, please contact our Data Protection Officer. You can contact the SGU Data Protection Officer at firstname.lastname@example.org, enter "Data Protection Officer" in the subject line.
What is personal data and what does the processing of personal data entail?
Personal data is any information that can directly or indirectly identify a natural living person. Personal data can include: Name, email address, phone number, photo, audio recording and IP number.
The processing of personal data is a collective term covering, for example, the collection, registration, storage, processing and dissemination of various types of personal data.
Why SGU processes your personal data
SGU processes personal data to fulfil our mission as a government authority. SGU is the administrative authority for issues relating to the geology and management of mineral resources of Sweden. Our mission is to provide geological information to meet society's needs in the short and long term. All processing of personal data by the Authority is carried out to promote these goals in some way.
The most common reasons we process personal data are that you
- subscribe to our newsletters
- order information material
- ask questions via email or internet form
- apply for vacant positions
- sign up for a seminar/webinar
- are an employee
- contact or cooperate with us for any other reason
The legal bases for SGU's processing of personal data
All data processing must have a legal basis laid down in the General Data Protection Regulation.
SGU's main basis for the processing of personal data is for public interest purposes and to exercise the duties of a public authority, since SGU's personal data processing is based on a public service mission laid down in various legislative acts. The basis of legal obligation is also relevant when SGU processes personal data pursuant to specific legislation, such as the Swedish Archives Act or the Swedish Accounting Act. In addition, an agreement, for example, may form the basis for SGU's processing of personal data.
You can obtain more information about the legal bases in the General Data Protection Regulation and from the Swedish Authority for Privacy Protection Authority (IMY).
Personal data processed by SGU
SGU will only process the personal data necessary to fulfil our mission. For example:
- name, address, telephone number and email address to contact you or to answer any questions you may have
- bank and account details for paying money or invoicing
- the personal data required if you are applying for a vacant position
- personal identity number, when this is needed to establish your identity
This will protect your personal data and limit its dissemination
SGU is responsible for protecting the processing of personal data and limiting access to personal data. This is most frequently ensured by controlling access to the IT systems where the data is recorded and stored. Only authorised persons have access to the data. Sometimes the data is stored in specially protected areas.
Most of the information available to the Authority is public documents. If your personal data is contained in a public document, anyone requesting that document may obtain your personal data, unless confidentiality under the Swedish Public Access to Information and Secrecy Act (2009:400) prevents it.
Your personal data is saved for a specified period of time
SGU retains your personal data for as long as it is necessary to fulfil the purpose of the processing or as long as is required by law. For example, if you subscribe to our newsletter, we will save your email address as long as you choose to be a subscriber. If you no longer wish to receive the newsletter, your information is deleted.
Personal data in public documents are processed in accordance with the rules of the Swedish Freedom of the Press Act (1949:105), the Swedish Archives Act (1990:782) and the provisions of the Swedish National Archives.
The General Data Protection Regulation gives you, as an individual, a number of rights.
- Right of access:
You have the right to know what personal data SGU is processing.
- Right of rectification:
You have the right to request that your personal data is corrected if it is incorrect.
- Right of deletion:
You have the right to have your personal data deleted if the information is no longer needed to fulfil the purpose for which it was collected.
- Right to limit your personal data:
You have the right to request that the processing of your personal data is restricted.
- Right to object to processing:
You have the right to object to the processing of your personal data.
You also have the right to apply to the Swedish Authority for Privacy Protection (IMY), which is the supervisory authority for the processing of personal data, if you have any feedback on SGU's processing of your personal data.
There may be provisions in other legislation that apply ahead of data protection legislation, which mean that certain rights relating to the processing of personal data are not fully applied. For example, there is no way to delete your data if it is subject to SGU's obligation to archive public documents.
Last reviewed 2021-12-28