Personal Data Responsibility
The National Institute of Economic Research (NIER) (org.no: 202100-0845) is personal data controller for the processing of personal data within the framework of the agency’s activities and is responsible for ensuring that personal data is processed in accordance with current data protection rules.
Personal data is any kind of information that can be directly or indirectly linked to a physical and living person. Examples of personal data include name, personal ID number, postal address and e-mail address.
The conditions for our processing of personal data may be found in the General Data Protection Regulation (EU 2016/679) and in the Data Protection Act (2018:218).
Principle of public access to public documents
NIER is a public agency, which means that e-mails, letters and other documents that are created within the agency or that come to us are public documents. This means that they are to be given out on request if they are not subject to confidentiality.
Collection and processing of personal data
NIER collects and processes personal data within the framework of our activities and only to the extent that is necessary in order to perform our tasks.
In order to process personal data, this must be supported by the data protection rules, i.e. there must be legal grounds. For processing to be legal requires, for example, that it is necessary to comply with an agreement or legal obligation or to perform a task in the public interest. Personal data can also be processed if there is consent.
All information that has been given to NIER by the parliament or the government in order to perform an assignment is in the public interest. The processing of personal data that NIER performs is thereby also mainly in the public interest, which represents the legal grounds for processing.
Processing of personal data about employees
As an employer, NIER may legally process personal data about employees and contractors to the extent that is necessary to comply with the contract of employment or assignment agreement.
Processing of personal data about job applicants
The information that you provide in your application will only be used within NIER for recruitment purposes. The information is only accessible to persons who work in recruitment. Your information in connection with the application, CV, personal letter and other information that you submit will be kept at the agency for two years after the recruitment is concluded, according to NIER’s sorting regulations.
The personal data of those who are employed is kept.
Processing personal data when ordering reports, subscriptions and notifications of press meetings, seminars etc.
Personal data that is given when subscribing to newsletters or ordering publications is only kept as long as you are a subscriber or as long as needed to perform the despatch or administer your order. Where we receive payment for material, the invoice data is kept according to current bookkeeping rules. You consent to the processing of personal data and you can cancel your subscription at any time.
Personal data that is sent when registering for seminars or conferences is kept only as long as it is needed for the administration of these events.
In some cases, NIER uses what is known as a personal data processor.
Personal data is regularly cleaned, sorted out or anonymised. The personal data that NIER collects is processed for various purposes and is thus kept for different lengths of time, depending on what it is to be used for and legal obligations. However personal data is never kept for longer than is necessary for the purpose for which it is processed.
Employees’ personal data is deleted shortly after the employment ceases. This refers for example to the employee’s e-mail account or information about employees on websites. It may be necessary to keep other personal data longer, for example information that is necessary for payment of pensions.
Is personal data released to other recipients?
Official documents may be given out, according to the principle of public access to official documents, to journalists and individuals who ask to receive them. NIER is obliged by laws, regulations and central agreements to provide personal data to the Swedish Agency for Government Employers, the Swedish Tax Agency, the social insurance agency Försäkringskassan, the Government Employees Pensions Board, Statistics Sweden and NIER’s contracted bank. Personal data may also be given to our agreement partners and IT suppliers.
NIER’s activities make use of a number of different IT services and IT systems. Some systems are installed locally in our offices and only NIER personnel have access to the personal data in them. In such cases there is no transfer to any third party. Some systems are installed at suppliers’ premises or are cloud based and with these personal data is transferred to the supplier. In these cases, the suppler acts as personal data processor and processes personal data on NIER’s behalf and according to our instructions.
NIER undertakes technical and organisational measures to ensure that all information that NIER processes is protected from unauthorised access, modification and destruction.
All development of our systems, services and other activities is done with respect for personal integrity and in observance of data protection legislation.
NIER is responsible for ensuring that your personal data is processed in accordance with applicable legislation.
At your request or on its own initiative, NIER will correct or supplement personal data that is found to be incorrect, incomplete or misleading. You are entitled to have your personal data deleted, depending on what legal grounds the processing is based on. This means that you are entitled to request the removal of your personal data if it is no longer needed for the purpose for which is was collected. There may however be legal requirements that mean that NIER cannot delete your personal data immediately. In such a case, NIER will stop any processing that is done for purposes other than what follows from the legislation.
You are entitled to data portability, depending on the legal grounds on which the processing is based. This means the right, under certain circumstances, to remove and transfer your personal data, in a structured and machine-readable format, to another data controller.
You have the right to submit any complaint regarding the processing of your personal data to the Swedish Data Protection Authority.
If you wish to contact our data protection officer, send an e-mail to firstname.lastname@example.org or contact us by telephone or letter. See the information under the heading Contact us at the top of the page.
Cookies at konj.se
Cookies are small text files that enable us to obtain visitor statistics for the website. We use the visitor statistics to improve the website’s structure and content. The cookies that we use cannot destroy or in any way damage your computer.
These are the cookies that we use
We use two types of cookies. These are session cookies, which are temporarily saved while you are visiting the website and then disappear when you close your browser, and persistent cookies, which are saved on your computer for longer. We use these:
- JSESSIONID: used to identify logged-in users and give the correct authorisations.
- sv-uts: used to connect visitors with previous visits; stored for 1 year.
- Cookies from Google Analytics: used to obtain visitor statistics.
We use Google Analytics to collect visitor statistics from konj.se. Primarily, we use this information:
- Number of visitors and page visits
- How long visitors remain on our website, on average
- Number of pages visited per visit
- Common web browsers and what kind of device (mobile phone, computer or tablet) is used
- How our visitors navigate through konj.se
In this context, information is relayed to and saved by Google on servers in the USA. The information that we send is anonymised by removing the last figures from the users’ IP numbers before being sent.
How can I see which cookies are saved?
Your web browser normally saves all cookies in a catalogue on your computer. One way of finding out what cookies have been saved is to go through the catalogue and check the contents. Session cookies do not need to be saved on your computer, however.
Do you not wish cookies to be used?
If you do not wish cookies to be saved, you can close this function in your browser settings. You can also set your browser to ask you a question every time a website attempts to place a cookie in your computer. The browser settings also allow you to delete saved cookies.