We process your data at the request of the Bank for the purpose described as follows in this paragraph 4. Your data will not be used in a manner that is not in keeping with the purpose for which the data was gathered.
4.1 Supply of services
4.1.1 You can choose to use BankID for electronic identification or signature with most suppliers of e-services such as companies, banks, organizations and authorities. Your personal data can be used to guarantee that the right person used the e-identification BankID for such a supplier of e-services and the supplier can learn your personal data in the form of name, identification number and the name of your bank. This handling is done to complete the agreement about the supply of the Services between the Bank and yourself.
4.1.2 When you use BankID the name of the supplier of the e-service you are identifying yourself with, or electronically signing with, is also processed. The name of the supplier of the e-service saved is the name shown to you in the BankID app. No data about why you have identified yourself or signature is saved. Depending on where you choose to use your BankID, your name can therefore reveal so-called sensitive data about you, such as for example ethnic origin, political, religious or philosophical activity or membership in a union or data about your health or sexuality. It is entirely up to you where you choose to identify yourself or to sign documents. This handling is made for the bank in the BankID cooperation that has entered into an agreement to connect to the BankID service with the party you choose to identify against or sign documents at, to be able to determine, claim or defend legal claims relating to the agreement.
4.2 Improve the services
4.2.1 At the request of the Bank we will use your data to produce for example aggregated/anonymous data to improve the Services, make the Services more user-friendly by for example improving bugs, to produce invoicing material for the Bank, for changing the interface and so on, as well as other improvement measures. This use is necessary for the Bank’s and our own ongoing interest in improving the Services. Statistics of BankID usage are published regularly on our website www.bankid.com/om-oss/statistik.
4.2. To improve the Service and better understand how the BankID app is used, we also gather anonymous information relating to the use of the BankID-app, for example choice of language and the functions used in the app. This information does not constitute personal information and cannot be connected to you. You have the option to refuse the gathering of this information by choosing this option under Settings in the BankID-app.
4.3 Prevent misuse and take safety precautions
4.3.2 For some new releases of BankID, we undertake an additional safety measure to prevent misuse or other illegal use of the Services. When a new issue of BankID is requested, you will therefore be asked to scan your passport or national ID card. We process and read the MRZ code on the ID document to (i) ensure we issue BankID to the right person, (ii) ensure that you are not blocked from obtaining BankID and iii) check that you have a valid ID purpose.
4.3.3 We may also process data based on your use of the Services to prevent, deter or investigate crime. This is done on behalf of the respective Bank when such action is necessary for the Bank’s or other’s lawful interest in avoiding and preventing you from being exposed to ID theft, or that the Services may be otherwise misused, as well as to safeguard legal claims or fulfill the Bank's legal obligations.
4.4 Register maintenance
4.4.1 Your data will also be used for maintenance of the register as described in paragraph 1.5. The purpose of this is to block and prevent BankID being used in any case where a BankID has been issued to persons who have been removed from the population register primarily because the person is deceased. The personal data we handle for this purpose is the personal data provided by the Swedish Population Register (SPAR) which consists primarily of your name, personal identification number and address. This action occurs every time your data in the population register is changed. As soon as we have carried out the registration, all personal data is deleted, which means that in practice your personal data is handled for this purpose for a very limited period of time.