The purpose of the regulation is to give you more power over what organisations do with your personal data. According to GDPR, you have the right to find out whether your personal data is being processed, which data, the purpose of the processing, the category of the data, where your data is stored, who the data will be disclosed to, the existence of any automated decision making based on the data and the period for which the data is expected to be stored. You also have the right to be forgotten, meaning the right to demand the erasure of data for which you no longer consent to data processing or which are no longer necessary to process, as well as the right to data portability, meaning that you should be allowed to receive, in machine-readable format, the personal data concerning yourself at any time.
Apart from the photos of your face and ID document, the rest of the data is available for you to see on the My Pages web portal and the Freja eID app. Given the sensitive nature of this data, we will not share it with anyone over an open channel. If you would like a copy of what we store about you, please contact our support team and we will provide you with it in a secure way free of charge.
We store all the data within the EU.
Please bear in mind that due to legal reasons some information cannot be deleted within a certain time frame. The reason is that you in some instances are using your Freja eID to sign transactions or agreements. If you – for example – sign a loan agreement with a bank, we cannot delete the data related to this signature until you and the bank have ended that agreement.
This means that we must keep some of your action history, including the user ID related information you used to initiate and sign actions with Freja eID.