Privacy Policy

This is how we protect your privacy and our confidentiality.

We at Kredinor AB have a duty of confidentiality, and we ensure that your personal data is processed in accordance with EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, “the data protection regulation.”
We want it to be easy for you to get information and a detailed explanation of privacy protection and confidentiality. Here, you can read more about what it means for you with us. Our privacy information is in line with the data subject’s rights under the General Data Protection Regulation.

Data Controller

Kredinor AB is a debt collection company that handles debt collection. In debt collection operations, your personal data is processed as a general rule because it is necessary to perform a task of public interest (see Chapter 2017/18:120 p.21).

If you need to contact us regarding privacy protection, you can contact our Data Protection Officer via

We use your personal data for the following

Personal data is all information and assessments that can be linked to you as an individual. Kredinor AB processes the following categories of personal data:

  • Identification information such as name, social security number, and copy of ID.
  • Contact information such as phone number, address, email address, IP address.
  • Financial information such as income information, credit history, debt information, payment notes, property, car, other assets, employer, job title.
  • Information you provide us to process your case effectively. Sensitive personal data is only processed if relevant to the case and with your consent.
  • Information to fulfill legal obligations, such as reporting to public authorities and preventing money laundering.
  • Information generated in connection with the use of our digital channels.

The purpose of our processing of your personal data is to be able to fulfill our obligations effectively.

Specifically, this means:

  • We conduct credit assessments using data from various sources, such as credit reporting agencies and other information we have about you. We will use public records to verify that the information we have about you is accurate. We also share your personal information with approved third parties, such as credit reporting bureaus.
  • General administration, such as completed transactions, communication, payments, invoicing, and reminders.
  • Analysis.
  • Risk classification of customers and credit portfolios.
  • Prevention and detection of crime.
  • Security.
  • Audio recordings of telephone calls.
  • Processing to ensure industry-specific regulation.

Your information may also be used for testing and similar purposes for our services and systems to ensure they function as intended.

If we use your personal data beyond what is considered necessary to fulfill our obligations to you or as required by law, this is based on our legitimate interest or voluntary consent from you.

Collection of personal data from you and from others

The personal data we register primarily comes from our customers and data you provide yourself.

Sometimes, we receive information from other sources, such as public and private companies. This could be market-related or demographic information.

Disclosure of personal data

By disclosure of personal data, we mean transferring them to another company that has the right to use the information, such as Kredinor’s group companies and credit reporting agencies. The transfer of personal data to our data processors is not considered a disclosure.


It is necessary for our employees to have access to your personal data to be able to process your case with us. Everyone at Kredinor AB has therefore signed a confidentiality agreement.

As part of our social responsibility and social role, we also provide anonymous statistics, scorecards, and analyses where your personal data can be used as a basis.

The information we have about you can be used anonymously for the development of our business. If necessary to ensure your personal data, we perform the necessary tests when changes are made to our IT systems.

We will also disclose personal data to other companies within the group or group of companies, to the extent necessary to fulfill group-based governance, control, and/or reporting requirements established by or in accordance with the law.

To other private and public companies

Registered personal data is only disclosed to public authorities when this is in accordance with a statutory disclosure obligation or right to disclosure. In order to conduct secure transactions, we may also disclose information to third parties in the event of a payment transaction.

When making payments to or from abroad, we provide the relevant personal data to the foreign bank. The law of the recipient country determines the extent to which information must be disclosed to public authorities or supervisory bodies. For example, to comply with the recipient country’s tax and duty legislation or measures against money laundering and terrorist financing.

Use of data processors

Kredinor AB has entered into agreements with data processing suppliers. Our own data processing agreements regulate all personal data shared with our suppliers. In cases where we use suppliers outside the EU/EEA, we enter into the EU’s standard contract with data processors processing personal data. Our suppliers cannot use information for purposes other than those they have received it for.

How we secure your personal data

It is important that you feel safe knowing that your personal data is secure with us. Here you can see what we do to protect information from loss, misuse, unauthorized access, disclosure, alteration, or destruction.

Technical, organizational, and administrative security measures

Kredinor AB has good procedures for protecting and securing the personal data we process. The group has its own team that works exclusively with handling security incidents and vulnerabilities that may jeopardize your personal data. This team also works with systems outside the group, such as fake websites that trick users into registering personal data and other confidential information.

We continuously work to protect the security of systems and solutions. This includes proper use of security technology such as encryption and firewalls, as well as the development of other initiatives that promote security. Key initiatives include a separate control system for information security, access control, exception handling, and training. For example, all employees receive ongoing information security training so that those who process your personal data are well aware of what is required to keep your information secure.

Your rights

If you have a debt collection case with Kredinor AB, we process your personal data. Here you will find information about your rights.

Right to access

You have the right to obtain information about what personal data we process about you and how we process it.

The request is sent to our email,, or by mail to:

Kredinor AB
Mailing address:
Box 92111
120 07 Stockholm

In certain cases, exceptions to the right of access apply. This is common when we are legally obligated to maintain confidentiality or when we need to keep information confidential for the purposes of prevention, investigation, detection, and legal follow-up of criminal offenses. Exceptions also apply if information is only found in documents created for internal case preparation, and an exception to the right of access is necessary to ensure proper handling of the case.

Correction and deletion

It is important that the information we have about you is accurate. Within the framework of the Data Protection Act, you can request that we correct and delete information about you if it is inaccurate or unnecessary. Kredinor AB checks information against the national population register and other sources.

Kredinor AB deletes or anonymizes personal data when the purpose of the specific processing of personal data is fulfilled, unless the information needs to be retained beyond that in accordance with the law.

Limitation of personal data

You can request limitation of the processing of your personal data. In cases where we cannot delete personal data, we can limit processing. This means that we can continue to store personal data but not use it.

Kredinor AB may resume the processing of your personal data if it becomes relevant in connection with legal claims or to protect another person’s rights. More terms and information about limiting personal data can be obtained by contacting us.

Protection of your personal data

If you have a specific need to limit the number of employees who have access to and insight into your personal data, we can investigate this.

By protecting your information through limitation, our ability to help you significantly reduces. More terms and information about the protection of personal data can be obtained by contacting us.

Receiving your information in machine-readable format (data portability)

In certain cases, you have the right to receive your own information that you have provided us in a machine-readable format, depending on how the information is digitally stored. This applies to information you have given us based on consent or agreement.

Correction and objections

As a registered person, you have the right to have inaccurate information corrected under Art. 16. If there are questions about whether a personal data is inaccurate, Kredinor AB must investigate these matters promptly. If the information is inaccurate, it must be corrected without undue delay.

The right to correction exists only if information is objectively inaccurate. If an alleged inaccurate information is correct, Kredinor AB will inform you of this. If there is still a disagreement, you can contact the Data Protection Authority for a possible decision in the matter.

If an objection is raised or if you request certain information to be corrected, personal data should, as a starting point, no longer be processed, and processing in these cases must be limited to the storage of personal data. However, the right to limitation is not unconditional. Kredinor AB may continue processing for important public interests. An ongoing debt collection case cannot, therefore, force a limitation of the processing of personal data. Objections will, however, always be documented, investigated, and answered. If the objection is rejected, you can file a complaint with the Data Protection Authority, where your case can be processed.

Automated decisions

Automated decisions refer to decisions made by computer programs without human intervention or influence. When such decisions have legal or similarly significant consequences for you, we can only do this when necessary to enter into or perform an agreement with you, when the law requires/permits it, or when based on consent given by you.

When we make such automated decisions, you have the right to request human intervention in the processing and to receive an explanation of the decision made. Additional information about terms and your rights can be obtained by contacting us.

Opportunity to complain

If you believe that Kredinor AB is not processing your personal data in accordance with the law, you can file a complaint to You can also file a complaint with the supervisory authority.

Prevention and detection of fraud and crime

Kredinor AB has a great social responsibility and manages significant assets. We follow the Act (2017:630) on Measures against Money Laundering and Financing of Terrorism, which among other things means that we work preventively to prevent and detect fraud, crime, money laundering, and financing of terrorism. Personal data can be used for this purpose, and if we have reasonable grounds to suspect money laundering or financing of terrorism, we must report this to the Police Authority according to § 4, paragraph 3. The retention period is at least five years from the registration date.

Recording of telephone calls and storage of other customer communications

Kredinor AB makes audio recordings of telephone calls with you. The calls are deleted after a limited period. We may be obligated to disclose information to public authorities and others who, under the law, may require it. Information may also be disclosed to the Data Inspectorate in connection with the processing of complaints.

Contact us if you want access to the recordings that are stored. In such a request, you must always be able to provide your phone number and the time of the call.

How we use cookies and analytics tools

It is important to us that you feel safe when visiting our website, while we do our best to provide you with the experience you want.

Analysis tools and statistics make us better

Our websites use cookies.

If you have been logged in, we can use information about your activity on the websites to improve the user experience. The purpose of the information we collect is to better tailor the websites to your needs.

We measure activity on our websites in the form of statistics, such as:

  • What you do on our websites, such as which pages you visit and how often or how long you are there.
  • Your approximate geographical location using the IP address, which is then anonymized.
  • Technical information about your browser and operating system.

User customizations and page experience

We use cookies to support your experience on the page. They provide us with a “reminder” of your previous use and the background for optimizing content and solutions, including Mina Sidor, which you can log in to via our website,

We use our own cookies to measure what you do on our websites. The information can be used to build interest and user group profiles.

Cookie usage settings

You can delete registered cookies in your browser if you want. However, please note that this may cause some of our websites to not function correctly.

For more information, we refer to Privacy Policy and Cookie Declaration for Cookiebot, which is used on our websites.

You can change and revoke your consent through Cookie Declaration on the Cookiebot website.