How the cultural affairs administration processes personal data

The cultural affairs administration processes your personal data in accordance with the stipulations in the General Data Protection Regulation (GDPR).

As a public authority, the cultural affairs administration is also bound by the Principle of Public Access to Official Documents, which means, for example, that emails and letters that are sent to us are generally considered to be public documents that can be requested by anyone.

What is personal data?

Personal data includes all types of information which directly or indirectly identify a living, physical person. If the identity of a person can be seen directly or indirectly from registered information, it is classed as personal data. Examples of personal data could be a name, address, civil registration number, email address, or a photograph. Audio recordings processed on a computer could be personal data even if no name is mentioned. Data processing in effect means every action that is taken, such as collecting, registering, storing, erasing, printing, or combining the data.

Why are we permitted to process your personal data?

The cultural affairs administration has support in law for processing your personal data when processing is necessary to perform a task that is in the public interest. A task that is in the public interest must be founded on a legal enactment (e.g. the Museums Act or the Libraries Act), through a collective agreement, or following a decision reached with support in law, such as a directive issued by a public authority.

However, it could also be the case that you have signed an agreement with us or that you have granted your consent for us to process your personal data.

How have we gained access to your personal data?

In many cases we have gained access to your personal data by you providing us with it.

This could include:

  • Personal data which you provided when you borrowed or reserved books or other materials from one of our libraries.
  • Personal data which your organisation provided when an application was submitted for cultural activity support.
  • Personal data which you provided when you took part in a programme at one of our museums.
  • Personal data which, as a pupil at the School of Arts, you provided when you hired an instrument from our instrument store.
  • Personal data which you provided when you subscribed to a newsletter.
  • Personal data which you provided when you applied for a job with us.

We may have also obtained your personal data from a source other than you personally – from other authorities for example.

Who is allowed to see your personal data?

Staff from the administration who are dealing with a specific matter are permitted to access your personal data. Exactly who these persons are depends on the matter in question. In certain instances suppliers of systems that we use have access to your personal data. In that case the Cultural Affairs Administration has an agreement with the supplier where they undertake to process your personal data securely and legally in accordance with the General Data Protection Regulation.

How long is your personal data saved?

Your personal data is saved until the purpose of the processing has been fulfilled. The data is then handled according to the rules governing document management plans and disposal decisions.

Your rights

You are entitled at any time to request details of which items of your personal data have been saved. You can do so by requesting a register extract. If your data at the cultural affairs administration is incorrect, incomplete, or irrelevant, you can request rectification. You can also request that data be erased. Your rights could be limited in those cases where confidentiality applies or if the data is filed in accordance with the Archives Act (1990:782).

If you request a register extract, rectification, or erasure, or if you have any other questions, you can contact the cultural affairs administration. If you have any views or complaints regarding the processing of your personal data by the cultural affairs administration, you can contact the Data Protection Officer at Intraservice, City of Gothenburg. Contact details are available below.

You are also entitled to file a complaint with the Swedish Authority for Privacy Protection, which is the regulatory authority for the processing of personal data:

Data Protection Officer

The data protection officer at the cultural affairs administration is Patricia Gozon.

When you send an email to the data protection officer, you must include the name of the administration or company to which the matter or inquiry refers, as well as your name and telephone number as the person wishing to be contacted.

If you would like a register extract or assistance with other rights under the General Data Protection Regulation, you can contact:

Contact Centre 031-365 00 00