Finansiell ID-teknik BID AB (”Finansiell ID-teknik”/”We”), 556630-4928, located at Kungsgatan 33, 111 56 Stockholm, owns, manages and develops the service of electronic identities (”BankID”/”The Service”) as well as the BankID security application program. This Service gives Finansiell ID-teknik access to and the right to use your personal data. Finansiell ID-teknik respects your personal privacy and strives to protect your personal data as far as possible. Finansiell ID-teknik aims to follow current law and regulations for personal data protection at all times. This policy helps you to understand the types of information Finansiell ID-teknik may handle when you use BankID, and how this information is used. The use of the Service may involve several parties. This policy relates only to the handling of information that Finansiell ID-teknik is instructed to carry out relating to personal data processing or personal data control. We recommend that you also read the privacy policies of the other parties that may be involved in your use of BankID, for example the bank providing your BankID and the party providing the e-service for which you choose to use your BankID.
BankID is issued by any of the banks participating in the BankID network (www.bankid.com). To use BankID you must first give your approval to the issuing bank (”The Issuer”) to allow handling of your personal data. This is normally carried out via The Issuer’s website. Your approval means that The Issuer can handle your personal data within the framework of The Service and is able to transfer your personal data for this purpose to third parties (for example Finansiell ID-teknik). The Issuer is the primary data controller of your personal data and decides the purpose for handling it. Finansiell ID-teknik is therefore only handling your personal data at the request of The Issuer and in accordance with The Issuer’s instructions. With the exception of the extremely limited handling referred to as follows, Finansiell ID-teknik acts as a Data Information Processor and will only handle your personal data at the request of the Issuer.
Finansiell ID-teknik acts as Personal Data Controller when handling personal data for carrying out a limited form of register maintenance from a security perspective in registers managed at the request of the Issuer, to block or correct a blacklist of users who can no longer use the Service, for example a deceased person, and to prevent others using the Service in the name of the user. This gives the Issuer the means to block such a user’s BankID and to prevent BankID being issued to such a user. The personal information handled by Finansiell ID-teknik for this purpose is the personal information available in the State Register, consisting primarily of name, identity number and address. As soon as Finansiell ID-teknik has carried out the registration above, all personal information is deleted. In practice this means that no personal data will be handled for longer than an extremely limited period.
The protection of your personal information is important to us. To keep the personal information that we handle secure, we have therefore taken comprehensive technical and organizational security measures. Our employees have strict instructions to handle all personal data according to current laws and regulations for personal data protection. We further guarantee an adequate level of protection of your personal data, in that we handle your personal data only within Sweden.
We may transfer your personal data if it should be required by law or order, or to protect or defend Finansiell ID-teknik, our partners or the rights of users.
You have, according to current law relating to personal data, the right to request information once a year, gratis, about any personal information relating to you and held by us, regardless of how this information is gathered. Requests for such information must be made in writing. The request must be sent to Finansiell ID-teknik BID AB, Kungsgatan 33, 111 56 Stockholm.
If your personal data is handled in opposition to current laws relating to personal data you have the right to ask that the personal data is corrected, blocked or deleted. You also have the right at any time to recall an approval regards the handling of your personal data. You do this by contacting your issuing bank and requesting that they block your BankID. Note however that a recall of this type will mean that you can no longer use your BankID.
Observe that we only transfer information about the personal data we handle when we are personal data controller, i.e. for the limited period described above. In all other cases you must turn to the Issuer or other party who is personal data controller, for information about the handling of your personal data within the framework of the Service.
Latest update 10 January 2017.