Below is a description of how Freja Psychiatry AB, company registration number 559509-4060 (“Freja”), collects and processes your personal data.
Freja operates a general psychiatric clinic.
In order to provide our services and ensure quality of care, information about your health needs to be collected, and sometimes also information about your current work situation and social circumstances.
Collection of Personal Data
From you
When booking an appointment, we collect your name, personal identity number, email address, phone number, the service you have booked, and any information you choose to provide in the comment field.
We also collect information through verbal consultations, medical records you bring with you, records accessed via 1177.se, physical examinations, psychological tests, and any other documentation you choose to share with us.
Information and documentation received via post, email, or phone will be recorded in your medical record if we assess it to be medically relevant.
From third parties
With your consent, we may collect information about you and your health from third parties if:
- additional examinations are required, such as laboratory tests, physiological examinations, or imaging
- documentation from previous healthcare contacts is needed, such as medical records or certificates
- information from relatives is needed to provide a broader background and confirm your current status
- information from your employer is needed to provide additional context and confirm your current status
All information obtained that we consider medically relevant will be recorded in your medical record.
Purpose and Legal Basis
Medical quality
The primary reason we process your personal data is to ensure safe and accurate medical assessment and treatment. Your data is used to evaluate your health status, make diagnoses, and provide appropriate care and follow-up.
We only process personal data that is relevant to your medical needs. Particularly sensitive data, such as religion, sexual orientation, or political affiliation, is not collected unless it is directly necessary for assessment or treatment.
Information related to criminal activity is handled with particular care and is only documented if it is relevant to psychiatric assessment or treatment. In some cases, it may also be necessary to process information about religious affiliation, for example if it affects treatment options or medication.
Legal obligation
How we process your data is regulated by law, including the Swedish Patient Data Act (SFS 2008:355), the National Board of Health and Welfare regulations on medical records and personal data processing in healthcare (HSLF-FS 2016:40), and the Swedish Accounting Act (SFS 1999:1078).
Performance of contract
In order to manage accounting and financial matters related to your case, we may need to include one or more of the following personal data in financial documentation:
- type of service provided
- name
- personal identity number
Legitimate interest
In addition to the above, we may process information based on legitimate interest for statistical purposes and marketing.
Disclosure of Personal Data
We may share your personal data:
- with you upon request
- with other healthcare providers, but only with your consent
- in connection with financial administration (including type of service, name, and personal identity number)
- with authorized authorities
- with your employer, with your consent
Transfers to Third Countries
Our aim is never to transfer your personal data to countries outside the EU/EEA. However, if necessary—for example, to ensure essential service delivery—we ensure that the recipient meets the highest security standards, such as TADPF.
Data Retention
Under the Swedish Patient Data Act (2008:355), we are legally required to retain your medical records for at least 10 years after the last entry. Beyond this, we do not retain your data longer than necessary for each specific purpose.
List of Data Processors
Accounting software
- Fortnox AB (name, personal identity number, and service details may appear in invoices and records)
Email provider
- Google (content sent via email is stored)
Medical record system
Digital certificate management
- Inera AB (Webcert is used to send certificates to the Swedish Transport Agency)
Laboratories
- Karolinska University Laboratory (laboratory analysis)
- Unilabs AB (laboratory analysis and imaging)
- SYNLAB Sweden AB (laboratory analysis)
Test ordering
- InfoSolutions Sverige AB (Labportalen)
- Provio Nordic AB (sampling network)
Payment solutions
- NETS Sweden AB (card payments; name and service details are stored)
- Skandinaviska Enskilda Banken AB (Swish payments)
Telephony system
Your Rights
You have the right to:
- receive information about which personal data we process and for what purpose
- access your personal data
- request correction of incorrect or incomplete data (however, under the Patient Data Act, medical records cannot be deleted without special permission)
- withdraw any consent given
- object to direct marketing
- file a complaint with the Swedish Authority for Privacy Protection (IMY)
Contact
Please contact us if you have any questions or complaints regarding our processing of your personal data.
Email: info@frejapsykiatri.se
Phone: +46 8 414 001 80