Sweden

Law/Regulation Supervisory authority Legal instruments/rights
The GDPR, the Data Protection Act, the Crime Data Act and the Crime Data Regulation The Swedish Data Protection Authority Audit/investigation rights: The Swedish Data Protection Authority may carry out investigations in the form of data protection audits. Further, they have the power to obtain access to all personal data and to all information necessary for the performance of its tasks, and to obtain access to any premises of the company, including to any data processing equipment and means, in accordance with Swedish procedural law.
Administrative fines: Non-compliance with the regulations may result in an administrative fine of up to 4% of the yearly revenue. The Swedish Data Protection Authority may also impose warnings if the contemplated processing of personal data is likely to violate the GDPR.
Penalties: Individuals that, by intent or negligence, breaches certain provisions in the regulations could be subject to criminal penalties, up to up to two years’ imprisonment or a fine.