The Swedish Coast Guard’s operational activities
How the Swedish Coast Guard processes personal data
The Swedish Coast Guard processes personal data when necessary to the agency’s operational activities. When the Swedish Coast Guard processes personal data in operational activities, the agency complies with the General Data Protection Regulation (EU) 2016/679 (GDPR) and national legislation such as the Act containing supplementary provisions to the EU General Data Protection Regulation (SFS 2018:218). The Swedish Coast Guard must also comply with data protection regulations specific to the agency’s operations in the Act (SFS 2019:429) and Ordinance (SFS 2019:438) concerning the Swedish Coast Guard’s processing of personal data within the scope of the Criminal Data Act.
The Swedish Coast Guard is the controller of the personal data processing performed by the agency in the course of its operations and that is necessary to fulfil the agency’s assignment.
In conjunction with, for example, maritime surveillance, suspicions may arise that criminal activities are being conducted, in which case personal data are processed within the scope of the Swedish Coast Guard’s law enforcement activities. You can find further information about that processing here.
For how long do we process personal data?
Personal data are processed for as long as necessary given the purposes of processing. As the Swedish Coast Guard is a public authority, documents held, received or drawn up by the agency are official documents and must be preserved accordingly. How long personal data are preserved depends on provisions on disposal and various archiving regulations.
Further information on how the Swedish Coast Guard processes personal data
You have certain rights when personal data concerning you are processed by the Swedish Coast Guard, including the right to obtain rectification of inaccurate personal data. If you would like to learn about your rights as the data subject or how we process personal data, such as who we share data with, you can find out morehere.
Contact the Swedish Coast Guard and our data protection officer
If you have any questions or views, or you wish to exercise your rights as the data subject, please contact us. You are also welcome to get in touch with our data protection officer, whose assignment is to independently monitor the Swedish Coast Guard’s processing of personal data to ensure regulatory compliance. You can find contact details here.
Purpose and legal basis of our personal data processing
The Swedish Coast Guard is tasked with conducting maritime surveillance and maintaining order in maritime traffic, as well as conducting supervision and inspections in areas such as fisheries, customs, border control, maritime security and maritime traffic.
The Swedish Coast Guard often supports other agencies at sea, including Swedish Customs or the Swedish Police Authority in special control in respect of aliens.
To conduct maritime surveillance, inspection and supervision, the Swedish Coast Guard needs to process personal data. This processing is necessary in order to, for example, document an inspection or supervisory measure and the outcome thereof.
The Swedish Coast Guard is also the point of contact for maritime traffic, meaning that among other things the agency is responsible for maritime clearance for merchant vessels calling at Swedish ports for border control and maritime security. This includes collecting and checking crew and passenger manifests that contain personal data. These data are reported to the Swedish Coast Guard via the Swedish Maritime Administration’s IT system Maritime Single Window. The Swedish Coast Guard checks the names of everyone on the manifests against the Schengen Information System (SIS). If the SIS check leads to a hit, the Swedish Coast Guard’s Command and Control Unit and the Swedish Police Authority will be alerted.
The legal basis under GDPR is that the Swedish Coast Guard’s processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
If a specific suspicion of crime arises during, for example, a routine inspection, personal data will instead be processed within the scope of the Swedish Coast Guard’s law enforcement assignment. You can learn more about how the Swedish Coast Guard processes personal data in law enforcement activities here.
The Swedish Coast Guard may need to process personal data to conduct a rescue operation. Personal data may be processed in connection to environmental protection operations, rescues at sea and other emergency services.
The legal basis under GDPR is that the Swedish Coast Guard’s processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
The Swedish Coast Guard is tasked with coordinating civil maritime surveillance needs and passing on civil maritime information to the relevant government agencies. To perform this assignment, the Swedish Coast Guard needs to process personal data.
Personal data – primarily related to coordinates and other data concerning vessels, such as the vessel’s name and owner – are collected in an IT system that facilitates maritime surveillance. These personal data are shared with other government agencies that have a legal right to access the IT system.
The legal basis under GDPR is that the Swedish Coast Guard’s processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
The Swedish Coast Guard is tasked with investigating and issuing decisions on sanction charges in cases of water pollution and receiving payment of such charges pursuant to the Pollution from Ships Act (SFS 1980:424). To administer such cases, the Swedish Coast Guard must process personal data, including details of the vessel’s captain and/or owner.
The legal basis under GDPR is that the Swedish Coast Guard’s processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
The Swedish Coast Guard processes personal data when the agency collects, processes and analyses information in order to prepare and analyse maritime situation reports.
The Swedish Coast Guard processes maritime information and performs analyses to meet the agency’s own needs and the needs of other government agencies to whom the information is conveyed. The information on which the analysis is based, and the analysis itself, may contain personal data, such as information relating to a specific vessel. The legal basis under GDPR is that the Swedish Coast Guard’s processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
The Swedish Coast Guard cooperates internationally in a number of areas involving maritime surveillance and rescue services. As part of this cooperation, the Swedish Coast Guard may process personal data and share this data with other international actors.
The legal basis under GDPR is that the Swedish Coast Guard’s processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
The Swedish Coast Guard may process personal data if necessary to register incoming documents containing personal data in the agency’s register or to take administrative measures.
The legal basis under GDPR is that the Swedish Coast Guard’s processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.