Privacy policy

We at Kredinor AB are bound by a duty of confidentiality, and we ensure that your personal data is processed in accordance with EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the “General Data Protection Regulation”, GDPR), which repealed Directive 95/46/EC.

young woman at her home office with her pet dog

It should be easy for you to access information and receive a detailed explanation regarding privacy protection and confidentiality. Here you can read more about what this means for you. Our privacy information is fully aligned with the rights of data subjects under the GDPR.

Data Controller

Kredinor AB is a debt collection company responsible for the recovery of outstanding debts. In our debt collection activities, your personal data is processed primarily because it is necessary for performing a task carried out in the public interest (see Government Bill 2017/18:120 p. 21).

If you need to contact us regarding privacy matters, you may reach our Data Protection Officer at DPO@kredinor.se.

What We Use Your Personal Data For

Personal data includes all information and assessments that can be linked to you as an individual. Kredinor AB processes the following categories of personal information:

  • Identification information, such as name, personal identity number, and a copy of identification.
  • Contact information, such as telephone number, address, email address, IP address.
  • Financial information, such as income information, credit history, debt details, payment defaults, property, vehicle ownership, other assets, employer, job title.
  • Information you provide to help us handle your case in the best possible way. Sensitive personal data is processed only if relevant and with your consent.
  • Information necessary to fulfill legal obligations, such as reporting to public authorities and preventing money laundering.
  • Information generated through the use of our digital channels.

The purpose of processing your personal data is to enable us to fulfill our obligations effectively.

Specifically, this means that:

  • We perform credit assessments using data from various sources such as credit reference agencies and any other cases involving you.
  • We use public registers to verify the accuracy of the information we hold.
  • We may share your personal information with approved third parties, such as credit reference agencies.
  • General administration, such as transactions, communication, payments, invoicing, and reminders.
  • Analyses.
  • Risk classification of customers and credit portfolios.
  • Prevention and detection of crime.
  • Security.
  • Call recordings.
  • Processing to ensure compliance with industry-specific regulations.

Your information may also be used for testing our services and systems to ensure they function properly.

If we process your personal data beyond what is necessary to fulfill our obligations or what is required by law, this is based on our legitimate interest or your voluntary consent.

Collection of Personal Data From You and Others

The personal data we register primarily comes from our clients (creditors) and from you directly.

We may also collect information from other sources, such as public and private entities. This may include market-related or demographic information.

Disclosure of Personal Data

By disclosure, we mean transferring personal data to another entity that is legally entitled to use it—for example, Kredinor group companies and credit reference agencies. Transfers to our data processors are not considered disclosures.

Internal

Our employees need access to personal data to handle your case. All employees at Kredinor AB are bound by confidentiality agreements.

As part of our social responsibility, we may also provide anonymized statistics, scorecards, and analyses in which your personal data may contribute as underlying material.

Information we hold about you may be used anonymously to help develop our business. To ensure data security, we conduct necessary testing when implementing IT system changes.

We may also disclose personal data to other group companies where required to meet governance, control, or reporting obligations established by or under law.

To Other Private and Public Entities

Personal data is disclosed to public authorities only when required by law. To carry out transactions securely, we may also disclose data to third parties in connection with payment transactions.

For payments to or from abroad, the relevant personal data is shared with the foreign bank. The laws of the receiving country determine the extent of disclosure to authorities or oversight bodies, for example to comply with tax or anti‑money‑laundering regulations.

Use of Data Processors

Kredinor AB has agreements with suppliers acting as data processors. Data processing agreements regulate all personal data shared with those suppliers. When using suppliers outside the EU/EEA, we enter into the EU Standard Contractual Clauses.

Our suppliers may not use the information for purposes other than those for which it was provided.

How We Secure Your Personal Data

We take your privacy seriously and ensure your personal data is protected against loss, misuse, unauthorized access, disclosure, alteration, or destruction.

Technical, Organizational, and Administrative Security Measures

Kredinor AB has robust procedures to secure the personal data we process. The group maintains a specialized team that handles security incidents and vulnerabilities, including threats outside the organization such as fraudulent websites.

We continuously work to secure systems and solutions through encryption, firewalls, access controls, exception handling, and regular staff training in information security.

Your Rights

If you have an active debt collection case with Kredinor AB, we process your personal data. You have the following rights:

Right of Access

You have the right to obtain information about which personal data we process and how.

Requests may be sent to DPO@kredinor.se or by post:

Kredinor AB
Box 92111
120 07 Stockholm
Sweden

Certain exceptions apply, for example where confidentiality is required to prevent or investigate criminal offenses or where disclosure could impair proper case handling.

Correction and Erasure

You have the right to request correction or deletion of incorrect or unnecessary personal data, within the framework of applicable legislation.

Kredinor AB deletes or anonymizes personal data once the purpose of processing has been fulfilled, unless storage is required by law.

Restriction of Processing

You may request restriction of processing. This means data may be stored but not used.

Protection of Your Data

If you have specific concerns about access to your personal data, we can review internal access restrictions.

Data Portability

You may request your personal data in a machine‑readable format when processing is based on consent or contract.

Rectification and Objections

You have the right to rectification under Article 16 GDPR. If you object to processing, or request rectification, processing will typically be restricted to storage only—unless there is a compelling public interest.

You may escalate unresolved objections to the Swedish Authority for Privacy Protection.

Automated Decisions

Automated decisions are made without human involvement. Such decisions may only be made when necessary for entering or performing a contract, when required by law, or when you have given consent.

If automated decisions are made, you may request human review and an explanation of the decision.

Complaints

If you believe Kredinor AB is not processing personal data correctly, you may file a complaint at info@kredinor.se or with the supervisory authority.

Fraud Prevention and Crime Detection

Kredinor AB follows the Swedish Anti‑Money Laundering and Counter‑Terrorist Financing Act (2017:630). If we have reasonable grounds to suspect money laundering or terrorist financing, we must report it to the Police Authority. Data is stored for at least five years.

Call Recordings and Storage of Customer Communication

Kredinor AB records telephone calls for security, documentation, or training purposes and may disclose such recordings to authorities if legally required.

To access stored recordings, you must provide your phone number and the time of the call.

Use of Cookies and Analytics Tools

We use cookies to provide a secure and user‑friendly website experience.

We measure website activities such as visited pages, duration, approximate geographical location (anonymized), and technical information about your device.

Cookies support your user experience and allow us to tailor the website based on your needs. Privacy policy for cookies can be found here.

You may delete cookies in your browser settings, though some functions may not work as intended. You can manage or withdraw your consent through Cookiebot’s Cookie Declaration page.