Our mission

How we operate in each area

Supervision

IMY is Sweden’s national supervisory authority for the processing of personal data.

We ensure that the rules on data protection are followed, primarily through supervision.

We monitor compliance with the General Data Protection Regulation (GDPR), the Criminal Data Act, the Camera Surveillance Act, and other data protection regulations.

We also supervise that credit reporting agencies follow good practice.

If you believe that someone is processing your personal data in a way that violates the GDPR, you can file a complaint with us.

File a Complaint

Credit reporting activities

We grant licenses for credit reporting activities.

EU Cooperation

We actively participate in various joint EU collaborations and contribute to a consistent application of the General Data Protection Regulation (GDPR) across the EU. The purpose of this cooperation is to ensure that all member states interpret and apply the regulations in the same way.

The Director General of IMY is a member of the European Data Protection Board (EDPB), which meets regularly and makes decisions on, among other things, the interpretation of various data protection rules. Representatives from IMY also participate in the EDPB's subgroups.

Guidance

A key part of our mission is to provide guidance and spread knowledge — both to those who process personal data (the data controllers and data processors) and to those whose data is being processed (the data subjects).

We monitor developments in the field of data protection and produce reports and guidance on key areas.

We provide guidance and spread knowledge about data protection regulations, both to the public and to those who process personal data.

We provide advice and engage in dialogue with organizations, and we have extensive collaboration with other authorities.

We work preventively, for example through prior consultations.

We monitor and describe developments that affect the protection of personal data, including in information and communication technology and business practices.

We produce reports and guidance on key topics.

We also work at the national level, providing advice to Parliament and the Government on legislation and administrative measures.

When new laws and regulations are being developed, we ensure that personal privacy is protected and point out any shortcomings or the need for legislative changes.

We provide input on a large number of consultations.

We review drafts of legislation, legislative council referrals, and government bills, and participate as experts in investigations and committees.

We issue our own regulations with general provisions and publish general advice with recommendations on various matters.

We follow developments in privacy protection and report to the government every four years on the most current and significant developments affecting personal privacy.