Personal data

What is personal data?

Personal data is all kinds of information that directly or indirectly can be linked to a physical person who is alive. That is, any information that can be used to identify, contact, or locate an individual. Examples include name, social security number, gender, address, IP address or account information.

What is possession of personal data?

Everything that is done with personal data is considered personal data processing operations. It includes, collection, recording, distribution, deletion, or disclosure of personal information.

Who is the data processor?

Praktikertjänst AB ("Praktikertjänst") org. No. 556077-2419 is a data controller for the processing of your personal data unless otherwise indicated.  Note that Praktikertjänst AB has a number of subsidiaries which are themselves the controllers of the information they handle which may differ in some details from this text.

How do Praktikertjänst process your personal data?

We only collect personal information that have an explicit purpose and try to minimize the amount of personal information we collect about you. We never save personal information longer than necessary for their respective purposes or for longer than the law permit. Find out more about the specific storage time under each area of concern.

Where do we process data?

Where we store your information, in our systems or with suppliers’ systems, we require a high level of security and privacy. We may share your personal information within our group of companies (affiliates, our ultimate parent company and its subsidiaries, as defined in Chapter 1, section 11 of the "aktiebolagslagen ", 2005:551).  We always strive to treat your personal data in Sweden and the EU/EEA area. In those cases, your personal information is transferred to third parties or outside EU/EEA we ensure that appropriate measures are in place to maintain the integrity of the personal data and to ensure that they are treated in accordance with applicable laws.

Sharing of your personal data.

Data processor. A data processor is a party that treats your personal information on our behalf (Data controller) and under our instructions. Your personal information may occasionally be shared with processors to meet the commitments we made to you, for example, your health information is stored in a journal system operated by an external supplier.

Your personal information is shared only with processors aligned with explicit purpose of collection and processing of personal data. We control all of the processors to ensure they can provide sufficient guarantees regarding the security and confidentiality of personal data. We have written contracts with all processors to ensure the safety of the personal data processed and undertakes to comply with the safety requirements and restrictions as well as requirements relating to the international transfer of personal data.

Shared controller. We sometimes share your personal data with certain parties with whom we share personal data responsibility. When your personal information is shared with a company/organization that we have shared personal data responsibility with, that company´s privacy policy and personal data management regulate how your data is managed within their organization.

Examples of such parties are:

1) the State authorities (tax office or any other authority) if we are required to do so by law. 

2) company that offers payment solutions (banks and other payment service providers). 

3) certain health care services, laboratory, or insurance companies.

What are your rights as a registered customer?

The right to get a extract of your registered Personal information. We are always open and transparent in how we process your personal data and if you want to get a deeper insight in which personal data we process about you, you may request an extract from the register. Keep in mind that if we receive a request for access, we may ask for additional information in order to ensure the effective management of your request and that the information is provided to the right person. If you as a health care patient is interested in which personal data exists about you, you should contact the institutions you have previously visited.

The right to rectification. You can request to have your personal data corrected if the data are incorrect. In the context of the stated purpose, you also have the right to complete any incomplete personal data.  The right to erasure. You can request deletion of personal data we process about you if:

* the data is no longer necessary for the purposes of which they were collected or processed.   

* You object to the balancing of interests we have made based on interest and your reasons for objection weighs heavier than our legitimate interests.   

* You object to the processing of direct marketing purposes.

Please be aware that we may have the right to refuse your request if there are legal obligations that prevent us from immediately deleting certain personal information, such as the obligation to store records in 10 years according to patient data law (PDL).

How do we protect your personal information? 

We focus on protecting the confidentiality, integrity and availability of personal data and take high security measures to protect your personal data against unlawful or unauthorized processing (such as illegal access, loss, destruction or damage) to our It systems. Only those people who actually need to treat your personal information in order to fulfil our stated purposes have access to them.

How do you contact us if you have any questions about data protection? 

We take data protection very seriously and has dedicated staff that handles these matters, you can reach them at gdpr@ptj.se