Refusal to work is a term commonly used in labor law. It refers to situations where an employee refuses to carry out tasks that are part of their job. This can include not showing up for work or refusing to perform a specific task. Refusal to work can arise for various reasons, but regardless of the cause, it can have serious consequences for both the employee and the employer.
What does refusal to work mean?
As an employee, you have an obligation to follow your employer’s instructions, as long as they are within the scope of your employment contract and don’t violate any laws or collective agreements. Employers have the right to direct and allocate work, meaning you’re required to follow the instructions given to you within your role. If you refuse to perform your duties without a valid reason, it can be considered refusal to work.
Some acts that can be considered refusing to work are:
Refusing to perform tasks that clearly fall within your job responsibilities.
Not following your work schedule or refusing to come to work without a valid reason.
Saying no to changes in tasks that are part of your job.
When is it justified?
There are situations where you as an employee have the right to refuse certain work. Some areas where it’s justified include:
Dangereous situation If the work poses an immediate risk to your health or safety, you have the right to refuse to perform the task until your employer has resolved the issue.
Illegal orders If your employer asks you to do something that violates laws or regulations, you can refuse. For example if your employer wants you to breach occupational health and safety regulations.
Changes to working conditions If your employer makes significant changes to your duties or workplace in a way that conflicts with your employment contract, you have the right to say no.
Consequences of refusing to work
When an employee refuses to work without a valid reason, it can have serious consequences. The employer usually has the right to take action, and in as a worst case scenario, you can be dismissed or terminated. The measures an employer can take include:
Giving warnings The most common first step as a response to refusing to work is a warning. This serves as a reminder of your duties and gives you a chance to correct your behavior.
Salary deduction The employer could decide not to pay you for the time during which you refused to work, since you haven’t fulfilled your obligation to work.
Dismissal If the refusal to work happens repeatedly, it can lead to dismissal. However, the employer has to have valid reasons, meaning they have to show that the employee’s refusal has seriously affected the workplace or the company’s operations.
Termination In the most serious cases, refusal to work can lead to immediate termination, meaning the employment ends right away. In this case, the employee doesn’t work during their notice period. Termination is reserved for serious breaches of conduct or when the refusal to work continues despite previous warnings.
Important considerations
It’s important to understand that as an employee, you’re obligated to follow your employer’s instructions, as long as they don’t violate any laws or put your safety at risk. If you find yourself in a situation where you’re considering refusing to perform a task, it’s always best to first talk to your employer to resolve any misunderstandings or disagreements between you.
Do you need legal help?
We have several lawyers who can help you in this area. Book an appointment with one of them in the Kliently app, or contact us to hire one of the lawyers. We recommend:Dlovan Kassab
There are several responsibilities of an employee that you have to follow. These responsibilities are outlined in your employment contract, in the Swedish Work Environment Act, and other potential agreements. It’s important to follow the rules to allow your employer to create a safe and efficient work environment for all employees.
Some of the most important responsibilities of an employee
Perform tasks according to your contract
You’re required to perform your tasks as specified in your contract. This means you have to follow the guidelines and instructions provided by your employer. If you refuse tasks without a valid reason, it can be seen as refusal to work, which can lead to warnings, and in serious cases even termination.
Follow workplace rules and guidelines
Most workplaces have rules and guidelines that employees have to follow. This can include safety regulations, dress codes, or rules regarding work hours. If you violate these rules, especially the ones related to safety, it can negatively impact both you and your colleagues and lead to disciplinary actions.
Difficulty in cooperation
Cooperation difficulties in the workplace, if severe, can lead to termination. However, it’s important that the ability to cooperate is essential for the job and that your tasks cannot be completed without effective teamwork. In cases of cooperation issues, the employer has to first investigate the problems and attempt to find a solution, such as through reassignment or mediation between employees. The employer’s responsibility to resolve the situation can vary depending on the size and resources of the company.
Disloyal behavior
An employee is also obliged to remain loyal to their employer. This means that you, as an employee, shouldn’t compete with your employer’s business or spread falsehoods or damage their reputation. The higher the position you hold in the workplace, the greater the expectation for loyalty. At the same time, there are protections for whistleblowers under the Whistleblower Act, meaning that reporting misconduct at your workplace isn’t considered disloyalty.
Attendance and punctuality
It’s your responsibility to arrive on time and be present during work hours unless otherwise agreed upon. Repeated absenteeism or tardiness without a valid reason can lead to warnings and deductions in pay. In the worst-case scenario, it can even result in dismissal if it becomes a recurring issue.
Follow occupational health and safety regulations
According to the Swedish Work Environment Act, all employees are required to follow safety regulations and use the appropriate protective equipment to make sure that the workplace remains safe. If you don’t follow these rules, you risk not only your own safety but also the safety of your colleagues. This can lead to both disciplinary and legal actions.
Confidentiality
If your employer requires confidentiality regarding trade secrets or sensitive information, you’re obligated to respect that. Breaching confidentiality can lead to legal and financial consequences.
Responsibilities of an employee during the notice period
If you resign or are terminated, you have to work throughout your notice period. The length of your notice period should be stated in your employment contract and can vary depending on how long you’ve been employed or what’s stated in the collective agreement. During the notice period, you have the same obligations as usual to work and contribute to the business. If you don’t work during the notice period, the employer can deduct pay and, in some cases, demand financial compensation for lost labor.
Consequences of not following your responsibilities as an employee
Warnings If you breach your responsibilities, it’s common for the employer to first issue a verbal or written warning. This gives you the chance to correct what’s gone wrong.
Deductions in pay If you’ve breached your responsibilities repeatedly without a valid reason, your employer can make deductions from your pay for the time you haven’t worked.
Reassignment In some cases, an employer can choose to reassign you to different tasks if it would lead to improved performance.
Termination or dismissal For repeated or serious breaches of the employer’s rules, the employer could choose to terminate or dismiss you. In the case of dismissal, your employment ends immediately without a notice period.
Legal consequences If you violate confidentiality rules, workplace safety regulations, or other legally mandated responsibilities, it can lead to consequences such as fines or, in the worst case, imprisonment. That’s why it’s important that you understand and comply with the requirements your employer sets for you. Of course, this only applies as long as the requirements are reasonable and necessary for you to perform your job.
Do you need legal help?
We have several lawyers who can help you in this area. Book an appointment with one of them in the Kliently app, or contact us to hire one of the lawyers. We recommend:Dlovan Kassab, Samir Baraka
Are you thinking about buying a shelf corporation?
A shelf corporation is a ready-made and registered limited company that you can buy and use immediately. Many entrepreneurs choose to purchase a shelf corporation to quickly get started with their business. This way, you avoid going through the time-consuming process of registering a new company from scratch. With a shelf corporation, you still have the opportunity to customize the company according to your needs. So you can, for example, change the name, modify the business description, and appoint your own board of directors. This allows you to start your business faster when buying a shelf corporation.
What are the advantages?
One of the main advantages of buying a shelf corporation, and why so many choose it as an option, is that you avoid the initial administration that comes with starting a limited company. It saves both time and energy, especially if you haven’t gone through the process of starting a company before. It’s valuable if you’re in a hurry to sign contracts, apply for loans, or need to get your business up and running quickly. Since the shelf corporation is already registered, you can instead focus on customizing the company and begin operating your business. This also means you can buy a one regardless of the type of business you plan to run. It doesn’t matter if you plan to, for example, run a store, a consulting business, or a tech startup, as you can quickly adapt the shelf corporation to suit your needs.
And what are the disadvantages?
One of the biggest drawbacks of shelf corporations is the high cost. This is because you’re essentially paying to avoid the registration process and get a ready-to-use limited company. So you still need the 25,000 SEK required for share capital and possibly other funds needed to start your business. If you’re starting with limited capital, it can be difficult to purchase a shelf corporation, even though it saves time.
Another downside is that the corporation isn’t entirely new, even if it hasn’t conducted any business previously. The shelf corporation may have been registered for some time without being active. This means that the company’s fiscal year begins when it was first registered with the Swedish Companies Registration Office. The fiscal year doesn’t start from the date you purchase the shelf corporation. This could bring up certain financial issues that you may need to address from the outset.
It’s also important to remember that even though the process of starting a limited company is faster with a shelf corporation, it doesn’t mean you completely avoid the initial administration. You still need to spend some time setting up things like the company’s board of directors, the company name, and business description, which requires some processing time with the Swedish Companies Registration Office.
Is a shelf corporation the right choice for you?
Buying a shelf corporation can be a good option if you need a company quickly and don’t want to wait for the registration of a new limited company to be completed. It’s especially beneficial if you want to start your business immediately and need a company registration number to sign contracts or conduct business.
At the same time, it’s important to remember that a shelf corporation costs money. So, it’s a good idea to consider whether investing in one is valuable for your business. You simply need to weigh the advantages of the quick start against the higher cost. If you have time to wait and want to save money, it might be better to start a limited company from scratch instead.
Do you need legal help?
We have several lawyers who can help you in this area. Book an appointment with one of them in the Kliently app, or contact us to hire one of the lawyers. We recommend:Mirella Nunes Siqueira
Your rights to annual leave as an employee in Sweden
Especially during the holidays, many people wonder what they’re entitled to when it comes to annual leave. The Swedish Annual Leave Act entitles all employees to 25 days annual leave each year. This corresponds to five weeks. Of those days, you have the right to take at least four consecutive weeks of holiday leave during the summer, i.e. during the months of June-August. If you don’t work five days a week, you’re still entitled to what would equal 25 days of leave. The number of days you’re entitled to will then recalculated based on how many days per week you actually work.
It’s important to distinguish between the right to annual leave and the right to receive compensation during your leave. The Annual Leave Act always gives you the right to leave. If you’re entitled to compensation during your leave depends on whether you’ve worked long enough to earn paid leave days. Also collective agreements and other conditions that you and your employer have agreed upon can affect what you’re entitled to in terms of annual leave.
Annual leave for part-time employees
The Annual Leave Act doesn’t take into account how many hours per day you work. It only takes into account how many days per week you work. As long as you work five days a week, you’re entitled to 25 days of annual leave. This also applies when you work five days a week but part-time. However, if you work fewer than five days a week, you’ll also get fewer annual leave days per year. If you work an average of four days a week, i.e. 80 percent of a five-day week, you’re also entitled to 80 percent of the 25 days the Annual Leave Act guarantees, which then becomes 20 days.
You can only take annual leave for whole days and only on the days you would normally have worked. You can never take half a day off as leave. So when you calculate how many leave days you’re entitled to, you must also round the number of days up to the nearest whole number. An example of this is if you work an average of 3.5 days a week. This means that you work 70 percent of a five-day week, which gives you 17.5 leave days. These should be rounded up to 18 days instead.
Right to compensation during annual leave
To also be entitled to pay during your leave, you must have worked and earned paid annual leave days. The 25 days you’re entitled to according to the Annual Leave Act only gives you the right to take time off. It doesn’t guarantee that you’ll be paid during that time.
According to the Annual Leave Act, a holiday year spans from April 1st of year 1 to March 31st of year 2. The holiday pay you earn during a holiday year can then be withdrawn starting from April 1st of year 2. If you’ve only worked part of a holiday year, for example half, you’ll only get holiday pay for half of the leave days. However, you still have the right to all of your leave days. Only that the rest of the days will be unpaid. If you’ve worked a full holiday year, you’re entitled to 25 paid leave days according to the Annual Leave Act.
If you’re employed for a maximum of three months, your employer can waive your right to annual leave. You won’t have the right to take any leave during your employment then. But you’re still entitled to holiday pay. Your holiday pay cannot be included in your regular salary and your employer has to report the pay separately on your salary statement.
Calculate what you’ll receive in holiday pay
Many employees have a collective agreement that regulates how much your holiday pay is. But if you don’t have one, there’s a minimum level for holiday pay according to the Annual Leave Act. Usually you’ll receive the same salary as you would’ve had you worked, but with a bit more in addition. To calculate your holiday pay you can use the following formula:
(Monthly salary/21) + (0.43 x Monthly salary/number of annual leave days)
If you have a variable salary and, for example, work on commission, there’s another way to calculate what you’ll receive in holiday pay. In this case you can take 12 percent of the total salary you’ve earned from April 1st of year 1 to March 31st of year 2. That’s your total holiday pay. How much that would be per leave day is the amount of the total holiday pay divided by 25.
Should you in this case have more than 25 leave days, you need to add 0.48 percent for each additional day. Instead of taking 12 percent of the total salary, you take 12.48 percent if you have 26 leave days, 12.96 percent if you have 27 leave days, etc.
When your employer doesn’t comply with the Annual Leave Act
What the Annual Leave Act says is the basis for all employees in Sweden. You could be entitled to more if you also have a collective agreement or extra benefits in your contract. But if your employer should deny you annual leave and holiday pay when you’re entitled to it, you can contact a lawyer for advice and to pursue your case in court. In the Kliently app, you can get in touch with our lawyers seven days a week, 365 days a year.
Do you need legal help?
We have several lawyers who can help you in this area. Book an appointment with one of them in the Kliently app, or contact us to hire one of the lawyers. We recommend:Dlovan Kassab, Samir Baraka
Everything you need to know about trademark protection
Have you protected your brand yet?
Building and maintaining a strong brand is critical to a company’s success and competitiveness. And through strong trademark protection, you’re able to protect your company against trademark infringement and strengthen its position on the market. You can protect your brand by registering it with the Swedish Intellectual Property Office (PRV) or by incorporation.
A brand that has achieved an established position on the market and is well known among consumers is protected by trademark protection. Since establishing this requires a lot of time and work, it’s easiest and most efficient to register your brand. That gives your brand formal rights. It protects your brand from others trying to register brands that could be interchangeable with your brand. And it allows you to use the ®-symbol in marketing.
Important things to consider before registering your brand
Distinctiveness is key to strong trademark protection and simply means that your have to be able to distinguish your products or services from others on the market. To ensure your brand is distinctive enough, it shouldn’t be generic or descriptive of the products or services your brand represents.
If your brand is illegal or violates morals or public order, you won’t be able to register it. You also won’t be able to register it if there’s risk of misleading consumers or if your brand is similar to other protected intellectual property rights.
Register for trademark protection
To make sure your brand is protected, you can register it with the Swedish Intellectual Property Office (PRV). Just send an application through their site and pay SEK 2,400 to register your brand for protection in one class. If you want to protect your brand in more classes, additional fees will apply. If you instead choose to register your brand by sending in an application by post, it’ll cost you SEK 3,500. Once you’ve submitted your application, it takes approximately 3-4 months before you receive a response.
Regardless of whether your brand is registered or not, you’ll need to pay for your application. But if your brand is registered, the registration will be valid for ten years. You can then renew your registration provided you pay a fee to PRV. The registration only applies to protection in Sweden. For trademark protection internationally, you’ll have to turn to other means.
International trademark protection
There are ways to secure international protection through various international agreements and organizations. For example, you can apply for EU trademark registration for trademark protection within the EU. The registration can be made with the European Union Intellectual Property Office (EUIPO).
You can also register your brand through the so-called Madrid Protocol, a collaboration among over 80 countries worldwide, and which is administered by WIPO (World Intellectual Property Organization).
Do you need legal help?
We have several lawyers who can help you in this area. Book an appointment with one of them in the Kliently app, or contact us to hire one of the lawyers. We recommend:Mirella Nunes Siqueira
All the dates regarding your declaration that you need to keep track of
Make sure you’re aware of the dates regarding your income tax return
It’s time to declare again and there are some dates that are important to keep track of when it comes to your income tax return. Here’s the list of dates about when and what applies when you have to declare your taxes.
March
March 4-8 – everyone with a digital mailbox will have their declaration sent there during this period. After March 8, the declaration is also available to everyone on My Pages at the Swedish Tax Agency. There, you can access a pdf file of your income tax return that you can check but not make changes to.
March 15 – April 15 – if you don’t have a digital mailbox, you’ll receive your income tax return in the mail during this period. But by using e-identification, you can still access your declaration on My Pages at the Swedish Tax Agency. You can even declare starting March 19 regardless of whether you’ve received your declaration by post or not.
March 19 – now you can declare, that is, you can make the changes you want to make or just accept the declaration as it is. To do this, you’ll need to log in to the Swedish Tax Agency’s e-service Income declaration 1.
April
April 3 – if you’re going to get money back on your taxes and want the money as soon as possible in April, you need to approve your tax return now. But you can only get your money in April if you approve the declaration without changing it in any way. And only if you approve the declaration digitally.
April 8-12 – this week you’ll receive your final tax notice if you’ve approved your tax return by April 3. You can see this as a confirmation that your declaration is finished and approved and finished. If you’re going to get money back on your taxes, you’ll get them between 9-12 April. If you instead have to pay more tax, you need to do so by July 12 at the latest.
May
May 2 – this is the last day to submit your income tax return as long as you haven’t been granted an extension of time to submit the tax return. That is, as long as you haven’t been approved by the Swedish Tax Agency that you can submit your tax return after May 2. If you don’t submit your return on time and you were born in 1959 or later, you may have to pay a late fee of SEK 1,250 or more, depending on when you submit your tax return.
May 3 – if you have a maximum of SEK 30,000 in tax left to pay, you have to make an extra payment to your tax account now to avoid paying cost interest as well.
May 16 – if you’ve been granted an extension to submit the tax return later than May 2, you have to submit it now.
June
June 3-7 – if you declared May 2 at the latest and your tax return is approved, you’ll receive your final tax notice to your digital mailbox now. Otherwise, it will arrive by post 1-3 weeks later. If you’re getting money back on your tax, you’ll receive the money in your account between June 4-7. If, however, you still have tax to pay, you have to have made the payment by September 12 at the latest. The exact date that applies in your case is stated in your final tax statement. But it’s usually 90 days from the date the Swedish Tax Agency sends your final tax statement.
June 17 – if the Tax Agency has given you an extension to submit your tax return through your accounting firm, this is the last day to declare. This is called an agency deferral and means that your accounting agency has been approved to submit your return later than May 2.
July
July 12 – if you have taxes left to pay and approved your income tax return back in April and received the final tax notice in the same month, you have to make a payment by this date. The exact date that applies in your case is stated in your final tax statement and is 90 days from the date the Swedish Tax Agency sent your final tax statement.
August
5-9 August – you will now receive your final tax notice to your digital mailbox if you didn’t receive it in April or June and declared by May 2. If you don’t have a digital mailbox, you’ll instead receive the final tax notice in the mail 1-3 weeks later. If you also have tax to be refunded, the money will land in your account between August 6-9. If you instead have tax left to pay, you have to make a payment by November 12 at the latest. The exact date that applies in your case is stated in your final tax statement. But it’s usually 90 days from the date the Swedish Tax Agency sends your final tax statement.
December
December 2-6 – if you haven’t received your final tax statement earlier in the year, or if you lack tax registration in Sweden, you’ll receive your final tax statement to your digital mailbox now. If you don’t have a digital mailbox, you’ll instead receive it in the mail 1-3 weeks later. If you’re going to get money back on your taxes, you’ll receive the money in your account between December 3-6. If, however, you still have tax to pay, you have to have made a payment no later than March 12, 2025. The exact date that applies in your case is stated in your final tax statement. But it’s usually 90 days from the date the Swedish Tax Agency sends your final tax statement.
As CEO, you’re responsible for a company’s day-to-day operations and have ultimate responsibility according to, among other things, the Work Environment Act, the Environmental Code, the Tax Act, the Annual Accounts Act and the Accounting Act, as well as labor laws. So it’s important to clearly state in the agreement which areas of responsibility are included. You can also draw up a special CEO instruction that clarifies the division of work and responsibility within the board members and other functions.
2. What are the specifics concerning the CEO’s employment protection?
Since the CEO isn’t covered by LAS, it’s important to write down exactly what form of employment they have, how long the notice period is and how notice is given, as well as if, how and in which situations the company can fire them. Most often, the notice period is a few months and can be the same regardless of whether it concerns a dismissal or the CEO being fired. It’s also common to then receive a severance payment which means you also have to state how much that will be and when it will be paid out.
3. How and how much will the CEO be paid?
In addition to salary, the CEO can also receive a bonus for the work they perform. There are usually conditions for bonus payment. That is, goals that they have to reach to get the bonus. As well as when it’s paid out in that case. The agreement should also state when it’s time to renegotiate the compensation going forward.
4. Make sure you have a confidentiality clause
As CEO, you’re sitting on a lot of information that can be valuable for competing businesses. So it can be good to include a confidentiality clause in the agreement. In it, you specify what is confidential and may not be shared with external parties. This way, you can ensure that your trade secrets are protected both while the CEO is with you and after they have left the company.
5. Non-competing clauses are important
It is just as important to have a non-competing clause in the agreement. Through the clause, you can prevent the CEO from going to and working for a competitor immediately after employment with your company. Most often, this is done by offering compensation for the time they’re not allowed to work at competing businesses. However, it is important to remember that non-competing clauses can’t be too extensive. Make sure to check with a lawyer if your agreement holds up to be on the safe side.
6. What are the consequences for breach of contract?
If the CEO violates any of the terms of the agreement, it needs to be clearly stated what the consequences are. Most of the time, it usually means that they have to pay a fine. And you have to state how big the fine will be and whether the company has liability insurance to cover certain situations.
7. How do you resolve any disputes?
If a dispute arises between the company and the CEO, it’s easiest to resolve them in an arbitration court. Just because the process is faster, the verdict isn’t public and it isn’t possible to appeal either.
Do you need legal help?
We have several lawyers who can help you in this area. Book an appointment with one of them in the Kliently app, or contact us to hire one of the lawyers. We recommend:Mirella Nunes Siqueira
Contact Kliently lawyer Beatrice Gustafsson when you need a notary public
If you have legal affairs that require parties outside of Sweden to review and/or sign documents, you may have heard of the term notary public. It can be about contexts regarding corporate affairs, real estate affairs, adoption, etc. But what does the term mean and how do you know you’re getting the right help?
A notary public is an authorized official who performs various types of legal and official duties. Most often, it’s in connection with document management and evidence. Their main tasks are to witness and stamp documents, verify signatures, and sometimes also act as witnesses in various legal transactions. What kind of authority and powers they have may vary from country to country, but all of them play an important role in ensuring that legal documents and agreements are authentic and reliable.
Each county in Sweden has at least one notary public who is appointed by the County Administrative Board. The person must have a law degree and have sufficient language skills. The person cannot be declared bankrupt or have an administrator according to law.
The County Administrative Board trusts the person in question to, among other things:
certificate that Swedish documents, signatures and the like are authentic. This is called issuing an apostille and means that the documents are given a special stamp of authentication.
certify that an authority or person has the right authority or holds a certain position.
provide explanations on legal and financial matters of importance to third parties.
act as a witness both when seals are put on and broken and when rooms for storage are opened and closed.
When you need help from a notary public, it usually requires you to visit the appointed person to get help. You then need to bring valid identification and the papers that are necessary in your particular case.
Do you have the right information in your cookie policy?
Does your cookie policy include all the necessary information?
Companies that want to get to know their users and analyze their behavior can use cookies to do so. It’s a good way to improve your offers and make sure your users get the information that benefits them the most. If you use cookies on your website, you have to have a cookie policy where you inform about how you use cookies.
Most websites use cookies, i.e. small text files with information that is stored in browsers. By saving cookies in the browser, the user’s experience of the site becomes smoother. It’s because of cookies that users can collect products in a shopping cart knowing they’ll remain until the next time they visit the site. It’s also because of cookies that users only need to log in to sites once and choose to keep themselves logged in even after they’ve closed the browser.
This is what your cookie policy should contain
Your cookie policy has to be clear and easy to understand. Users have to be able to quickly understand what it means to accept or not accept cookies. Simply put, what the consequences are for each choice. In addition, your policy has to include:
what cookies are. The user has to be able to quickly understand what cookies are and how they work.
how and why you use cookies. You don’t have to get into details, but should give an overall, clear explanation of which type of cookies you use and what the purpose for using them is. As a separate paragraph in this section, you can also include whether you use cookies from a third party, for example if you use Google Analytics.
how the user can disable cookies. The user should both receive information about how they deactivates cookies and what happens when they do so. You can also link to other pages where the user can follow instructions on how to disable cookies. In this section, you can also explain how users delete the cookies that have already been saved.
All companies that in any way process and store personal data has to have a data protection policy, i.e. a GDPR policy. All information that has a connection to you in some way, whether directly or indirectly, is considered personal data. It can be anything from name, address, phone number and social security details to email address containing your name, ID card number and even your IP address. Even pictures, videos and sound recordings are considered as personal data.
In your GDPR policy, there are a number of details you must have easily accessible to your users. The information has to be straight-forward and easy to understand. Otherwise, the risk is you can be fined for violating GDPR. And above all, there has to be a legal ground that allows you to collect other people’s personal data.
There are six legal grounds that allows you to process personal data. Organizations that process personal data in any way has to fulfill at least one of these grounds:
You need consent from the user to be able to save their data.
You need to have an agreement with the user that requires their personal data to be saved.
You need to have a legal obligation that requires you to save certain personal data by law.
You need to show that you’re processing personal data to be able to protect peoples fundamental interests, for example to save their lives. This mainly applies to healthcare.
You need to be an authority and process personal data as part of your work as an authority and in the interest of the public.
You need to have your interests to process personal data outweigh the interests of your users making processing personal data necessary. This can apply to when your organisation is part of a large group and you having to share personal data with others within the group in order to be able to pay salaries and the like.
1. Your GDPR policy must include who’s responsible of the personal data
Who’s responsible for personal data depends on the form of the company. It’s usually not a person, but the organization itself. If you’re a company, then the company is responsible for personal data. If you’re an association, it’s the association who’s responsible. One individual can also be responsible for personal data, such as in individual companies.
2. Why do you collect personal data?
Different organizations have different reasons for collecting personal data. What’s important to keep in mind is that the personal data you collect doesn’t only apply to your users, but also to your employees. For example, data you collect in payroll systems has to comply with GDPR. The same goes for when you want to communicate with your users, for example through a newsletter.
Regardless of the reason, it’s particularly important to be clear about why you’re collecting personal data. Both so your users can easily get that information, but also because you can’t use the information you’ve collected in any other way than how you’ve specified. For example, you can’t collect email addresses when your users create accounts at your webpage and then at a later stage use the same information to start sending newsletters to them. If you want to change the purpose, you have to disclose the information to your users and be clear about how the changes affects them and why you’ll collect their personal data going further.
3. Where do you store the personal data?
Do you store the data within the EU or do you store it in a country outside of the EU? Depending on where you store the data, you need to check that the country has a sufficiently high level of protection of personal data according to the EU/EEA standard. If the country doesn’t, you can’t store personal data in that country. So you need to check whether there is a decision from the European Commission regarding the level of protection in the country you want to store the data in. If there’s no such decision, you need to have standard contract clauses that the European Commission has decided on. But since such clauses sometimes means you also need to take other protective measures according to the EU Court, it would be a good idea to bring in a GDPR expert who can make sure that your GDPR policy is air-tight.
4. The type of personal data you collect has to be included in your GDPR policy
Even when it comes to which personal data you collect, you have to be clear and can’t change and collect other personal data without approval. If there’s a change in your systems that causes you to collect new personal data, you have to share that information with your users. Remember that it’s important to be clear and include exactly all information that’s considered personal data. All information that can in any way be linked to individuals is personal data and must be categorized in your GDPR policy.
5. Who will have access to the personal data?
Are there other parties who will have access to the data? Do you have external suppliers who have access to them? Or are there other parties you collaborate with who will have access to the personal data you collect? Then this has to be stated in your policy. You also have to clarify rights and obligations your partners have. The important thing here is that the personal data you collect isn’t at risk of being misused by partners using it for purposes other than what you’ve informed your users about.
6. How long will you store the data?
Depending on how you intend to use the personal data, the period for how long you intend to store it varies. Simply put, you can save the data as long as you need it for the purpose you’ve specified in your policy. When the purpose is no longer relevant, you have to delete the data.
Sometimes, however, you may need to state that you don’t know how long you’ll need to store the personal data. Then you instead have to state why you can’t limit the storage in time.
7. Your users’ rights have to be stated in your GDPR policy
According to the GDPR, everyone has the right to access their personal data from organizations collecting them. Everyone has the right to both receive an extract and have information changed if it’s incorrect. In addition, everyone has the right to request to have their data deleted in the vast majority of cases. It’s only if there are no other legal obstacles that prevent you from deleting the data that this doesn’t apply. However, this exception mainly applies to authorities. For most companies, if a user wants the company to delete the person’s data, the company has to do so.
8. Where do users submit any complaints?
In January 2021, the Data Inspectorate changed its name to The Swedish Authority for Privacy Protection. They’re the ones who ensure that Swedish organizations comply with the GDPR. It’s also where private individuals can report complaints if they’re concerned about how an organization handles their personal data. That’s why you have to include contact information to the Authority for Privacy Protection in your policy so that your users can easily contact them about any questions, concerns and complaints.
Do you need legal help?
We have several lawyers who can help you in this area. Book an appointment with one of them in the Kliently app, or contact us to hire one of the lawyers. We recommend:Adib Hosseini
