Personal data processing
At Nordiska, we attach great importance to protecting the privacy of our customers. All personal data is processed in accordance with the data protection legislation in force at any given time. Here, we briefly describe how we collect, process and share personal data. If you want to know more, our data protection policy is at the bottom of this page!
In general, regardless of which customer or person you are, we may need to process personal data in order to be able to enter into and administer agreements and fulfil the obligations contained therein in the event of a contract. In addition, we process data to meet the requirements imposed on us by laws and regulations, as well as to further develop our business.
Personal data is processed for the purposes of:
- processing and administration of the service applied for (e.g. credit information or other credit assessments)
- confirmation of identity
- fulfilment of concluded agreements (e.g. invoicing, credit register)
- to prevent and counter money laundering and terrorist financing and fraud
- to fulfil other such obligations arising from laws, ordinances and government regulations.
When applying for a private loan, our personal data processing may include a certain type of automated decision-making based on the financial information provided by the customer and information we collect from UC. Such an automated decision can, for example, mean that the application for a loan is denied if the applicant's income is below our minimum requirements.
Automated decision making
We can, in some cases, use automated decision-making processes. "Automated decision-making" means that certain decisions are based on automatic decisions (e.g. granting credit). It can, for example, decide to reject a credit application via the internet based on, among other things, information about you collected from a credit information company. You can always give us your opinion, request a decision be reviewed by a person or contest decisions based solely on automated processing, including profiling. We will always inform you when we use automated decision-making.
Nordiska may also use your data to communicate relevant information regarding services you have used or similar services and to carry out customer satisfaction surveys regarding our services (e.g. after you have contacted Nordiska's customer service) via electronic communication channels and by telephone. If you do not wish to receive such communication, you are welcome to send an e-mail to email@example.com.
Who can we share your information with?
We may transfer to or share your information with selected third parties. Which recipients we share your information with, and for what purposes, depends on which of Nordiska's services you use. We take all reasonable legal, technical and organizational measures to ensure that your data is handled securely and with an adequate level of protection when transferring to or sharing with such selected third parties.
Your personal information may be shared with credit reporting companies and similar service providers for the purpose of assessing your creditworthiness when you apply to one of Nordiska's payment methods, and to confirm your identity and address. We may also disclose information about any potential non-payment to credit institutions. The credit reporting companies we work with are UC and Creditsafe.
Your personal information may be shared with anti-fraud agencies and companies that provide services to verify your identity, the accuracy of the information you provide and to combat criminal activity.
Nordiska may share your personal information with other companies within the Nordiska Group, based on our legitimate interest in conducting our business.
Nordiska may share your personal information with a person who has the right under a power of attorney to take part in these, based on your consent.
Nordiska may provide necessary information to authorities such as the police, tax authorities, or other authorities if we are obliged to do so by law, if you have agreed that we do so or if it is required to administer tax deductions. An example of a legal obligation to provide information is as a measure against money laundering and terrorist financing. In Sweden, Nordiska also shares information about interest rates with the Swedish Tax Agency to calculate your tax.
Nordiska may also share your personal information if we sell, or give orders to collect, unpaid debts to third parties as debt collection companies. We share yours based on our legitimate interest in collecting and selling debts.
Nordiska may share your information with other third parties. This can happen if Nordiska sells or buys operations or assets. In such a case, Nordiska may provide your personal information to a potential seller or buyer of such business or such assets. Furthermore, if Nordiska, or a significant part of Nordiska's assets, is acquired by a third party, personal information about Nordiska's customers may be shared.
We will not sell your personal information to third parties if we do not have your permission to do so.
Where do we process your personal data?
We always strive to process your data within the EU / EEA. Notwithstanding this, in some cases, your personal data may be transferred to, and processed in, countries outside the EU / EEA by another supplier or subcontractor. In such a case, Nordiska will take all reasonable legal, technical and organizational measures to ensure that your data is handled securely and with an adequate level of protection comparable to and at the same level as the protection offered within the EU / EEA. Your protection and rights should not be affected by such a decision.
How long do we store your personal information?
We save your data only for as long as it is necessary to carry out our contractual obligations to you or otherwise fulfil the our processing purposes, which are described in this Data Protection Policy. When we save your data for purposes other than our contractual obligations, for example to meet legal requirements against money laundering, accounting and regulatory capital requirements, we save the data only for as long as it is necessary and / or statutory for these respective purposes.
Below you will find a summary of your rights, i.e. what you are entitled to vis-à-vis Nordiska.
· Right to access your data. You can request a copy of the information we hold on you free of charge. The information can, in some cases, be transferred in a machine-readable format (so-called "data portability"), which makes it easier for you to move your personal data.
· Right to correction. You have the right to correct incorrect or incomplete information we have about you.
· Right to be deleted ("the right to be forgotten"). You have the right to request the deletion of your personal data in cases in which the data is, for example, no longer necessary for the purpose for which it was collected. However, we would like to draw your attention to the fact that there may be legal obligations for Nordiska as a credit institution which prevent us from immediately deleting parts of your data. These obligations come from accounting and tax legislation, banking and money laundering legislation, but also from consumer law legislation. If you submit such a request, we will block the data that we are obliged to save so that it cannot be used for purposes other than fulfiling such legal obligations or for the fulfilment of agreements. We will inform you of this when you submit a request for deletion.
· Right to request limitation of treatment or object to Nordiska's treatment. If you object to the accuracy of the information we have registered about you or the legality of the data processing, you have the right to ask us to stop processing. You can also object to our processing if you believe that there are circumstances that prevent the data processing from taking place in accordance with applicable laws and regulations.
Withdrawal of consent
In cases where Nordiska processes your personal data based on your consent (e.g. when you have given us power of attorney for a third party to access your data), you can revoke this consent at any time by contacting us. Contact information is provided below.
In addition to this, a cookie is also set for visitors with an older version of the browser they have chosen to visit the site with, despite a warning that the website does not support their browser version.
Contact Nordiska or Swedish Authority for Privacy Protection (IMY)
Kreditmarknadsaktiebolaget (publ) is registered with the Swedish Companies Registration Office with organization number 556760-6032 and is based at Humlegårdsgatan 14, 101 23 Stockholm.
Nordiska has a data protection representative. Our customer service is an important part of our business and is happy to receive your questions about data protection and personal data. You can always reach Nordiska's customer service at firstname.lastname@example.org. You can also send an e-mail to our Data Protection Officer at their email: email@example.com.
Kreditmarknadsaktiebolaget (publ) is responsible for the processing of your personal data as described above. Nordiska Kreditmarknadsaktiebolaget (publ) complies with Swedish data protection legislation.
You can also submit a complaint or contact the Swedish Privacy Protection Agency (IMY), contact information can be found on their website imy.se.