The Riksbanks' API Portal
We provide industryHere you can find information about how to use the APIs supplied by the Riksbank. You can also make simple test calls to the APIs and see how they work.
If you need more extensive access to the APIs you are welcome to sign in and get extended ability to call the APIs. -leading APIs.
The Riksbank safeguards your personal integrity and always endeavours to properly protect all personal data. The following message explains how the Riksbank processes your personal data according to the European General Data Protection Regulation (GDPR). It also provides information about your rights and how you can assert them. For more information on how the Riksbank handles personal data, please read our Integrity Policy .
Who is responsible for the processing of your personal data?
The controller of your personal data as described below is Sveriges Riksbank (organisation registration number 202100-26684), SE-103 37 Stockholm).
Why are we processing your personal data?
When you use the Riksbank’s API services and register as a user in the Riksbank’s API portal, we will collect your personal data in order to be able to offer these services. Your personal data is processed in order for us to be able to:
· Monitor performance and use of the service
· Restrict use and counteract abuse
· Troubleshoot and investigate attacks
· Compile anonymised statistics on use of the service
· Communicate with you about the service, e.g. planned changes or stoppages (applies only if you have chosen to register as a user)
Which personal data do we process?
When you call the Riksbank’s API services, we collect the following data to fulfil the above-mentioned purposes:
· IP address
When you register as a user in the API portal, we collect the following data to fulfil the above-mentioned purposes:
· First names and surname
· Email address
How long do we keep your personal data?
Registered user data is saved during the time you have an active user account. Upon closure of the account, the data is erased. The IP address is saved as long as necessary to fulfil the purposes given above, but for a maximum of 120 days.
What are the legal grounds for the processing of personal data?
Your personal data are processed in order to perform a task of public interest.
With whom do we share your personal data?
We use selected third parties to process the personal data that you as a user provide us with. These include IT suppliers for storage, development and operation of the API portal and the various API services. When transferring personal data, the Riksbank will take reasonable technical, organisational and legal measures to ensure that personal data continues to be protected, transferred and processed in accordance with the applicable legislation.
The Riksbank upholds your rights in accordance with GDPR. You have the right to request the following:
· Access to your personal data – If you wish to know which personal data is being processed by the Riksbank, you may request access to it. This means that you are entitled to request a register extract and a copy of the processing performed by the Riksbank using your personal data. You have the right to receive information on what personal data about you is registered, the purpose of the processing and with whom the data has been or will be shared. This also includes information on where the data has been retrieved from if it has not been collected from you and the length of time it will be stored.
· Correcting your personal data – On your request, the Riksbank will correct any incorrect or incomplete personal data that it is processing about you.
· Erasing your personal data – You have the right to request that your personal data be erased if it is no longer needed for the purpose for which it was collected. The erasing of personal data is not an absolute right, however, as the Riksbank may still have legal grounds to process your personal data.
· Restricting processing of personal data – As a user of the Riksbank's API services, you have the right to demand that processing of your personal data is restricted in certain cases. This entails the data being marked so that it may only be used for certain limited purposes. For example, personal data can be restricted while it is being corrected.
· Data portability – Under certain conditions, you have the right to obtain the personal data you have submitted to the Riksbank in a structured and mechanically readable format and have the right to transfer it to another controller of personal data.
· Objecting to the processing of personal data – As a user of the Riksbank’s API services, you have the right in certain cases to object to the processing of your personal data if the processing is based on a balance of interests. In such cases, the Riksbank may only continue to process the data if it can be proved that there are binding, legitimate reasons for doing so. For more information, please contact the Riksbank’s Data Protection Officer. Contact details can be found below.
If you as a visitor consider that the Riksbank has processed your personal data in contravention of applicable law, you may lodge a complaint with the Swedish supervisory authority, the Data Inspection Board.
You can also contact the Riksbank’s Data Protection Officer with questions and complaints at email@example.com. You may also send a request or questions to firstname.lastname@example.org or:
Sveriges Riksbank Registratorn, SE-103 37 Stockholm.