Processing of personal data

Processing of personal data

We Care about Your Privacy

We care about your privacy and are therefore very careful when processing your personal data. On this page, you can read about how we collect, share, and use your personal data and about your rights. It is important that you read this information. Please feel free to contact us should you have any further questions about our processing of your personal data.

What is Personal Data?

Personal data is any information, which directly or indirectly identifies or can identify a living natural person. Pictures (photos) and sound recordings of individuals that are processed by automated means can also be personal data, even if no names are mentioned. Encrypted data and other means of electronic identifiers, such as IP-addresses, constitute personal data if they can be linked to natural persons.

General Data Protection Regulation, GDPR

GDPR (General Data Protection Regulation) is a new EU regulation which applies as from the 25th of May, replacing the Swedish Personal Data Act. Even though there are many similarities between the regulations, there are now further requirements on how organisations collect and process your personal data.

How We Process Your Personal Data


We collect your personal data when you enter into a contract with a company within the Länsförsäkringar Alliance or through other means of contact between you and Länsförsäkringar, e.g. through online forms on our website, chat, paper applications or recorded telephone calls. We may also obtain personal data from other companies within the Länsförsäkringar Alliance, your employer or from our other business partners. In some cases, we may also obtain health data from health care providers; however, in such cases we will first obtain a power of attorney from you. In addition, we regularly collect personal data from publically available sources, such as private and public records.

Personal data can also be collected from a third party, for example in case of group insurances, from the organisation that enters into the group insurance contract with us or, in case of claim adjustment, from an injured third party or another insurance company whose client also is involved in the same injury.

Länsförsäkringar processes your personal data e.g. if you are a policyholder, a bank customer, insured, co-insured, payer, beneficiary, injured, pledgee, legal guardian, administrator, proxy holder, contact person or representative of a legal person, beneficial owner or website visitor.

The personal data that we process may include name, civil status, contact information, social security number and, in some cases, information about your profession, citizenship, economic circumstances as well as health data. We also process online identifiers such as IP addresses, MAC addresses or equivalent.

In order for Länsförsäkringar to be able to provide you with the relevant service or product, or take other measures that you request during the contract period such as in connection with claim adjustments, you will have to provide the personal data that Länsförsäkringar requests. Such personal data is necessary for entering into or the performance of a contract with Länsförsäkringar.

We may also process personal data in order to fulfil legal obligations, such as the Swedish Money Laundering Act or the Swedish Financial Supervisory Authority's general guidelines and regulations.

If Länsförsäkringar transfers your personal data to a recipient outside of the EU/EEA, Länsförsäkringar will take appropriate safeguards, to ensure your rights and freedoms, such as entering into standard data protection contracts.

Personal data will be stored for the duration of our contract with or other commitments to you or as long as legal claims can be exercised and thereafter up to 10 years in addition to the current year with regard to statutory limitation. In some cases, personal data may be stored for a longer period of time due to other legislation, such as the Swedish Insurance Contract Act (Sw: Försäkringsavtalslagen) or regulations on capital adequacy requirements which Länsförsäkringar must comply with from time to time. Other retention periods may also apply when personal data is processed for other purposes than for the contractual relationship, and in order for Länsförsäkringar to fulfil applicable legal obligations with regard to e.g. preventing money laundering (5 years after the customer relationship has ended) and accounting (7 years).

Personal data that is only processed for marketing purposes and does not result in a contract will normally be stored up to a maximum of six months.

Profiling means any form of automated processing of personal data that is used to evaluate certain personal aspects relating to a natural person, such as e.g. personal preferences, interests and location. Länsförsäkringar processes personal data for profiling for marketing purposes in order to be able to provide you with customised products and services. Profiling may also be used for determining premiums and automated decisions, as well as in order to prevent fraud.

The insurance companies within Länsförsäkringar Alliance may also register and collect data from the insurance industry's joint damage claims records (GSR). This record contains certain information about the damages, as well as information about who has requested compensation, and is only used in connection with claim adjustment. This means that the insurance company will receive information if you have previously reported damages to another insurance company. The purpose of the GSR is to provide information to insurance companies to identify unclear or dubious insurance cases, so the companies can prevent paying compensation based on false information. The data may also be anonymised and used for statistical purposes.

The data controller for GSR is Skadeanmälningsregister (GSR) AB, Box 24171, 104 51 Stockholm. Please see for more information about the processing of personal data contained in the register.

Insurance companies within the Länsförsäkringar Alliance may also transfer personal data to Larmtjänst, which is the joint agency for the insurance industry regarding the investigation of unclear or dubious information and searching for stolen property. The data controller is Larmtjänst AB, Box 24158, 104 51 Stockholm.

In some cases Länsförsäkringar uses automated decision-making, i.e. decisions that are based solely on automated processes without human intervention that have legal effects for you or significantly affects you. This could for example be an automated approval or rejection of a credit application via the internet.

Länsförsäkringar will never sell your personal data. However, we will transfer your data to other companies within the Länsförsäkringar Alliance for statistical and marketing purposes, taking into account, when applicable, banking and insurance secrecy. Personal data may also be transferred to other companies with whom companies within the Länsförsäkringar Alliance cooperate in order to provide their services, such as Bankgirocentralen, suppliers of IT-infrastructure services, insurance intermediaries and reinsurance companies. This may occur both within and outside of the EU and EEA. See further information about non-EU and EEA recipients below (section Transfer of personal data outside of EU/EEA).

Furthermore, your personal data will be transferred to public authorities if it is required by law. In the event of disputes and other procedures in order to establish, exercise or defend legal claims, your personal data may be transferred to courts, tribunals and opponents. Personal data may also be transferred to creditors with mortgage liens on insured property or site leasehold rights. In addition, information about your property and casualty insurance may be disclosed to persons in your household.

The legal basis for transfer your personal data with other companies is for the performance of our contract with you or due to a legal obligation. In some cases, the legal basis may be our legitimate interests to market products and services from other companies within the Länsförsäkringar Alliance.

For Which Purposes Do We Process Your Personal Data?

Managing Contracts, Applications & Offers

For the Performance and Administration of the Contract


  • Collecting, registering and administrating the necessary personal data required for the contract
  • Updating information such as your registered address
  • Managing payments of insurance premiums
  • Managing bank deposits and withdrawals
  • Regulating insurance claims
  • Calculating premiums and fees
  • Answering your questions via our online forms, telephone or chat
  • Reinsuring our insurance risks where applicable
  • Managing claims from creditors with priority right in insured property
  • Establishing, exercising or defending legal claims, such as recourse claims

Taking Steps that You Request Prior to Entering into a Contract


  • Registering the necessary information in order to submit an offer
  • Assessing an application for e.g. an insurance or mortgage loan
  • Collecting, verifying and registering the necessary information in order to enter into contract
  • Preparing and providing advice to you about our products and services

Compliance with Legal Obligations

Fulfilling Legal Obligations


  • Screening personal data against sanction lists as required by law or official decisions by public authorities
  • Preventive measures against money laundering and financing of terrorism
  • Reporting to authorities, both Swedish and foreign

Processing Based on our Legitimate Interests

In order to Offer You Customised Products and Services


  • Providing a complete overview of your engagements with the Länsförsäkringar Alliance
  • Carrying out marketing activities such as direct marketing via e-mail and text messages
  • Marketing and customer analysis, in some cases including profiling
  • Carrying out customer surveys
  • Producing statistical data for our risk assessments and insurance products

Preventing Fraud


  • Preventing, investigating and averting fraud. This may include screening against public records and cooperation with Larmtjänst and their partners.

Improving Our Products and Services


  • Developing and improving both existing and new products and services
  • Developing and testing our systems for managing our products and services in a secure and effective manner

Preventing Damages


  • Giving advice and suggestions to avoid or minimise damages, such as, via text message, informing about upcoming weather changes
  • Producing statistics about injury-hit areas, such as accident prone roads, in order to attempt to affect the authorities to take preventive measures.

Legal Basis for Our Processing of Personal Data

The processing of your personal data is necessary for our performance of a contract to which you are a party or in order to take steps requested by you prior to entering into a contract. Please see examples of our processing activities under Managing Contracts, Applications & Offers.

The processing of your personal data is necessary for our performance of a contract to which you are a party or in order to take steps requested by you prior to entering into a contract. Please see examples of our processing activities under Managing Contracts, Applications & Offers.

The processing of your personal data is necessary for compliance with legal obligations. This may be processing activities described under Compliance with Legal Obligations, but also processing when you are not a party to a contract but where we still have a legal obligation to fulfil.

When consent is used as legal basis for our processing of your personal data, it is necessary that you give us permission to process your personal data.

You have the right to withdraw your consent at any time. In such case, we will have no right to continue to process your personal data based on the consent and if a certain processing has been carried out based on your consent, we will not be able to complete the processing. This means that, for example, if processing of an application is carried out on the basis of a given consent, and the consent is withdrawn during the ongoing processing, we will no longer be able to process your application. The withdrawal of your consent will not affect the lawfulness of Länsförsäkringar's processing based on the consent before its withdrawal.

In some cases, we may need to collect sensitive data, such as health data and information about trade union membership. Unless the processing is necessary in order to establish, exercise or defend legal claims, we will require your consent in order to be able to process such data.

The processing is necessary in order to be able to establish, exercise or defend legal claims in connection with disputes and other procedures, e.g. recourse claims.

Your Rights and How to Exercise Them

You have the right to request information about what personal data we process or we have access to about you (subject access request). In order to ensure that nobody else is allowed access to your personal data, you will be required to identify yourself when requesting such access.

If you would like to make a subject access request, please contact us via "My Pages", post mail or telephone. As Länsförsäkringar consists of several companies, it is important that you specify what company your access request regards.

You have the right to receive personal data that you have provided to Länsförsäkringar and which we process electronically, through an electronic copy. You also have the right to request that the electronic copy shall be transferred to another data controller, if this is technically possible. The request for data portability can be made in the same way as a subject access request. In order to receive an electronic copy, you must identify yourself and specify which company within the Länsförsäkringar Alliance that you request the information from.


You have the right to object to processing of your personal data based on our
legitimate interests. You also have the right to object to direct marketing. If you would like to exercise your right to objection, please contact us via Mina sidor, telephone or post mail.

Länsförsäkringar is obliged to only process correct and up-to-date personal data about you. If your personal data are incorrect, you have the right to request rectification or completion of such data. You also have the right to request that we restrict the processing of your personal data, e.g. while assessing our legitimate interests.

The data controller for the processing of your personal data is the company within the Länsförsäkringar Alliance that you have entered into a contract with or otherwise provided your personal data to, or who has obtained your personal data from a third party, such as your employer.

Companies within the Länsförsäkringar Alliance also have joint customer database with general information about you, such as your name, contact details and information about your engagements. Your personal data will be processed e.g. for automatic updates of your address and for the coordination of the companies' information and marketing to you. The companies within the Länsförsäkringar Alliance are the joint controllers for the processing of personal data in joint databases, and have therefore entered into a so-called data sharing agreement.

In some cases you have the right to request that your personal data are erased when they are no longer necessary for the purposes which they were collected. Länsförsäkringar will erase personal data about you when the data are no longer needed, but may store your personal data if required by law.

The Swedish supervisory authority

You also always have the right to lodge a complaint or report an infringement of the GDPR to the Swedish supervisory authority, Datainspektionen. 


Contact Details

Contact Us in Case of Questions

Please do not hesitate to contact us if you have any questions about data protection or would like to exercise any of your rights.

Contact us

Data Protection Officer

We have appointed a data protection officer to monitor compliance with the GDPR and other applicable data protection rules. You may also contact our data protection officer if you wish to make any objections to our processing of your personal data.

Dataskyddsombud, Länsförsäkringar Skåne, Box 742, 251 07 Helsingborg.