9. YOUR RIGHTS
9.1 Our responsibility for your rights
9.1.2 Sibyllekliniken is obliged to respond to your request to exercise your rights within one month of hearing from you. If your request is complicated or if we have received a large number of access requests, we have the right to extend the response period by another two months. If we believe that we are not able to comply with your request, we are obliged to notify you within one month of receiving your request about the reason for our rejection and inform you that you have the right to lodge a complaint with the competent supervisory authority.
9.1.3 All information, communication, and measures we carry out due to this policy are free of charge for you. If, on the other hand, what you request due to your rights is clearly unfounded or unreasonable, we have the right to charge an administrative fee to carry out the requested action or refuse to comply with your request.
9.2 Your right to access, correction, deletion, and restriction
9.2.1 You have the right to request the following from Sibyllekliniken
a) Access to your personal data. You have the right to request access to and receive information about what personal data we process about you. This includes information about who has gained access to your medical record and why (so-called log excerpt).
b) Rectification of your personal data. If information about you is incorrect, including information in your medical record, you should contact Sibyllekliniken with a request of rectification. Sibyllekliniken can in certain circumstances refuse such a rectification, in which case you can request a note in the medical record that you as a care recipient believe that the medical record contains incorrect or misleading information about you.
c) Erasure of your personal data. You can request that we delete information we process about you, such as contact information. In some cases, you can apply for your medical record to be erasure in whole or in part. Erasure requests are made at the Swedish Health and Care Inspectorate, IVO.
d) Restriction of processing. You have the right to request that we temporarily restrict the use of your personal data if:
(i) you believe that your information is incorrect, and you have requested correction, while we investigate the accuracy of the information,
(ii) the use is illegal, and you do not want the data deleted,
(iii) we as data controllers no longer need the personal data for our purposes of use but you need them to be able to establish, exercise or defend a legal claim, or
(iv) you have objected to use, waiting for control if our legitimate interests override your privacy rights.
e) Blocking medical record. You have the right to block your medical record or parts of it from other healthcare providers but in that case, you are responsible for informing the healthcare providers yourself about what they need to know in order to provide you with correct and safe care. The request for a block must be made via the care unit you have been in contact with either by telephone or by visit.
If you have chosen to block your record and want to unblock your medical record, we will help you do this. You must request cancellation of the blocked patient record yourself, this cannot be done by a representative or a person with a power of attorney. To unblock your medical record, you must visit your healthcare provider.
9.3 Your right to object to use
You have the right to object to processing of your personal data performed on the basis of a legitimate interest or of public interest (see section 4 above). If you object to such use, we will only continue to process the data if we have compelling legitimate reasons for continuing the processing which override your interests.
9.4 Your right to withdraw consent
9.5 Your right to data portability
You have the right to request a transfer of your personal data to another Data Controller by receiving your personal data, to the extent that the personal data has been provided by you, in an electronic format that is generally used to be able to transfer them to another party.
9.6 Your right to complain to the supervisory authority
You have the right to submit any complaints about our processing of your personal data to the Swedish Authority for Privacy Protection.
9.7 Your right to compensation for damages
If your personal data is processed in violation applicable legislation, you may be entitled to damages.