Your Privacy

Are you curious about how we work with security and privacy when it comes to your personal data?

This is our privacy policy – here we describe how we process your personal data, what we use personal data for, how we protect it and the rights you have.

This privacy policy explains how the Swedish Financial Benchmark Facility (SFBF) use any personal information we collect about you when you use this website or our wider services, in accordance with applicable data protection laws. This can include customers, suppliers, business contacts, employees and other people we have a relationship with or may need to contact.

The privacy policy is designed to assist customers about;

  • What personal information is provided by customers to us
  • On what basis do we collect, store and process the personal information
  • For what purpose are we using your personal information
  • How are processing and holding secure your personal information
  • How long we are keeping your personal information
  • Your protection rights in relation to your personal information
  • Who is responsible for personal information protection at our company and who you can contact about this policy

What information do we collect about you?
We may collect personal information from you in the course of our business operations, including through your use of our website, when you contact or request information from us, when you contract our services or as a result of your relationship with one or more of our staff and clients.

The personal information that we may collect from you, as a result of our business interactions with you or in the provision of services, includes information such as your name, the company you work for, your title or position, contact information, such as your postal address, email address and phone number(s).

We may collect from you Information required for billing services or paying invoices, information from your visits to our website or applications or in relation to contents and communications we send to you electronically, and any other information relating to you that you may provide to us.

Not all the information that we hold about you may have been provided by you directly and may be provided by your employer or some other organisation. In disclosing the above personal information to us, the customer confirms to have informed the natural persons in question (employees, agents, etc.) whose personal information they are disclosing to us about the transfer of this personal information to our company.

How we obtain your personal information
We collect information about you when you fill in a subscription agreement to receive benchmark data services, from SFBF or via third parties where we are contracted to provide data subscription services. All subscription agreements signed by customers have a clause that references to this privacy policy.

We collect information on our website to process your enquiry and deal with your requests or notifications. If you agree, we may also use this information to share updates with you about our services which we believe may be of interest to you.

We collect information about you when you fill in any of the forms on our website such as when sending an enquiry, complaint, whistleblowing notification and giving feedback. Website usage information is collected using cookies.

Cookies are text files put on your computer to collect standard internet log information and visitor behaviour information. This information is then used to track visitor use of the website and to create statistical reports on website activity. For more information visit
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. Please note in a few cases some of our website features may not function because of this.

When submitting forms on our website we use a third-party software provider for automated data collection and processing purposes, they will not use your personal information for any purposes and will only hold the personal information in line with our policy on personal information retention

What is the basis for our using your personal information?
We use your personal information on the following grounds;

  • To fulfil a contract for service where you have agreed to provide personal information as part of that contract
  • To meet a Code of Conduct, where personal information is required for meeting that Code
  • To meet and comply with any legal and regulatory requirements
  • For other legitimate business reasons

We use the personal information collected about you for the following purposes;

  • To provide the services you have requested from us, including the steps taken at your request before entering into any agreement
  • For billing and invoice payment purposes
  • To improve this website and for monitoring how it is used
  • To manage our interactions with you and our customers
  • To meet any obligations that we have from a legal and regulatory perspective
  • To understand how benchmark data is used and also to consult with users of the benchmarks on future developments
  • To provide to any of our third-party service providers for the purposes of providing the services to you on our behalf. Our third-party service providers are not permitted to share or use personal information we make available to them for any other purpose than to provide services to us
  • To promote our services to you

In all cases, we will only use your personal information subject to your instructions, data protection law and our duty of confidentiality.

Our website
We use analytics tools to identify how visitors use our website so that we may make improvements and give visitors a better user experience.

Our analytics tools are part of a third-party information storage system that records information about the pages you visit, the length of time you were on specific pages and the website in general, how you arrived at the site and what you clicked on when you were there. These cookies do not store any personal information about you and we do not share this personal information.

Your IP address is logged when visiting our site, but our analytic software only uses this information to track how many visitors we have from geographic regions.

How long will we hold your personal information for?
We will retain your personal information for as long as we reasonably require it for legal, regulatory, business or contractual purposes. Retention periods are determined by a number of factors, such as local laws, contractual agreements, applicable data protection laws and legal requirements. Where there is no legitimate reason for retention we will delete/destroy any personal information held by us.

Access to your information, correction, portability and deletion
Under general data protection laws, you have specific rights to your personal information. You have;

  • the right to be informed
  • the right of access
  • the right of rectification
  • the right to erasure
  • the right to restrict personal information processing
  • the right to personal information portability
  • the right to object
  • the rights of automated personal information processing
  • Objections to processing of personal information

Objections to processing of personal information
It is your right to lodge an objection to the processing of your personal information. The only reasons we will be able to deny your request is if we can show compelling legitimate grounds for the processing, which override your interest, rights, or the processing is for the establishment, exercise or defence of a legal claims.

Subject Access
You have the right to request details of the personal information that we hold about you and copies of such personal information. To do this contact us on

Your Right to be Forgotten
You have the right to request to withdraw consent from us to holding personal information about you. This could mean that we are unable to continue to provide you with services. Should you wish for us to completely delete all information that we hold about you please be aware that your personal information may be required to be maintained under regulation and legislative requirements, and that we will be obliged under these circumstances to continue to hold that information.

Keeping accurate personal information
As a Personal information Controller and Processor, we are bound by legal regulations and best practice doctrine and have a responsibility to ensure that any personal information we keep about you is accurate and up to date. To advise us in any change to your personal information that we hold on you please email

Transferring your information outside of Europe
As part of the services offered to you through our services, the information which you give to us may be transferred to countries outside the European Union (EU). For example, some of our third-party providers may be located outside of the EU. Where this is the case, we will take steps to make sure the right security measures are taken so that your privacy rights continue to be protected as outlined in this policy. By using or participating in any service or by submitting your personal information you are agreeing to this transfer, storing or processing. If you use our services while you are outside the EU, your information may be transferred outside the EU to give you those services.

Security protection for personal information
We use appropriate technologies and organisational procedures to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction consistent with applicable data protection laws.

All of our employees are required to follow our privacy policy and local legislation and/or procedures when handling personal information.

Where we have provided authentication information for you to access services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

While we do take appropriate steps to protect your personal information, no website, product, device, online application or transmission of personal information, computer system or wireless connection is completely secure and therefore we cannot fully guarantee the security of your personal information.

Links to Third Party Websites
This privacy statement only covers websites that we own and control. It does not cover links to other websites and accordingly any information collected by those parties that own and control those websites or their use of cookies set from their domains when you visit their websites.

Additional Services and Marketing
You may choose to sign up to receive information about the services that we provide, and which may be of interest to you. If you have consented to receive marketing, you may opt out at any point as set out below. You also will be given the opportunity on every e-communication that we send you to indicate that you no longer wish to receive our benchmark consultation material. You have a right at any time to stop us from contacting you for marketing purposes. To opt out please email:

Information from Children under 16 years of age
We understand the importance of taking extra precautions to protect the privacy and safety of children. Our services are not marketed to a broad group of consumers; however, the website will allow any person to download a subscription form/contact us form/whistleblowing or complaint form and to send this to us for processing. In the case, that a child under the age of 16 sends any such information to us, we will delete it as soon as we identify it.

Enforcing your rights
If you wish to enforce any of your rights under applicable Personal Information Protection Laws, please contact our Data Protection Officer, by emailing
We will respond to your request without delay.


If you have questions about the processing of your personal data or wish to enforce any of your rights under applicable Personal information Protection Laws, please contact our Data Protection Officer by emailing

You may also send a request by post at:

Swedish Financial Benchmark Facility
Attn: Data Privacy Officer
Box 7603, 103 94 Stockholm, Sweden

If you have contacted us and, as a result, have unresolved concerns, you have the right to file a complaint with the relevant Competent Authority, Integritetsskyddsmyndigheten, that oversees compliance with the legislation in effect in relation to privacy and the protection of data. The complaint form can be filled in at the following address File Complaint at IMY

Box 8114, 104 20 Stockholm, Sweden, Phone: +46 8 657 61 00