GDPR in Skatt & Bokslut

The General Data Protection Regulation (GDPR), may seem overly complicated. To help you get a better overview, we have gathered information about what you can do to comply with GDPR when working in Visma Skatt & Bokslut Pro.

The information on this page refers to the usage of Visma Skatt & Bokslut Pro in its basic format. If you have any extensions or integrations with other services you should also look into how GDPR affects those.

All companies that handle personal data and operate within the EU must comply with GDPR (General Data Protection Regulation). This means that you are responsible for ensuring that the personal data of your customers, employees and suppliers is handled securely.

The basic GDPR regulations:

  • You may only manage personal data if you comply with all the requirements of the regulation.
  • You may only collect personal data for specified purposes.
  • You may only collect personal data that is necessary in order for you to fulfil the specified purposes.
  • If you are in possession of personal data, the data must be continuously updated and correct.
  • When the specified purposes have been fulfilled, the data should be deleted.
  • Personal data must be stored securely to prevent them from being altered or stolen.

  • You must be able to prove that your processing of personal data complies with the GDPR regulations.

At vismaspcs.se you will find more general information about GDPR.

Below, you can read more about what you can do to meet the demands for managing personal data according to GDPR.

An individual has the right to ask you if you have registered any personal information about them. If that is the case, you must be able to share the information with the individual. The easiest way to do this in the program is to generate a PDF file, which contains these data, in Report center.

The accounting data stored in Skatt & Bokslut must be kept for a minimum of seven years according to the Accounting Act. This includes any personal data entered in appendices, tax forms and annual report documents, which means that the Accounting Act overrides GDPR in these cases.

Therefore, these personal data cannot be anonymized or "pseudonymized" for as long as the Accounting Act has precedence over GDPR.

If you wish to delete accounting information that contains personal information, please refer to the written help for Visma eEkonomi on how to proceed.

It is possible to upload external appendices for reconciliation purposes in Skatt & Bokslut. You need to make sure that any personal data in these appendices have a clear purpose related to your bookkeeping.

Personal data include any information which, directly or indirectly, may identify a natural person. Please note that a sole proprietorship also classes as a natural person. According to GDPR you may only collect personal data for specified purposes. These purposes may differ between companies, depending on what business they conduct. One purpose could for example entail storing address information in order to invoice a customer.

Examples of personal data include information such as name, address, telephone number and personal identity numbers. However, since the law states that personal data can be any information that directly or indirectly can be linked to a natural person, such data may also include photos or a description of the distinguishable features of a person. For more information we recommend further reading at Integritetsskyddsmyndighetens website.

According to GDPR, the person whom you have collected personal data about has the right to access to the following information:

  • who you are
  • the purpose of the data collection
  • what legal grounds that support it
  • whether the information is shared with others
  • how long the data will be stored

The person whom you have collected personal data about has the right to request access to the data.

In the program you find personal data in fields that have a fixed purpose, such as name, phone number and address. If a customer requests access to any information that has been stored about them, this data can easily be compiled. Besides fields with a fixed purpose, personal data can also be stored in other parts of the program, such as in free text fields and comments. We recommend that you avoid entering personal data in these fields since it is difficult to locate, analyse and compile this kind of information.

In Skatt & Bokslut, personal data are stored in certain appendices, in tax forms and in documents in the annual report. The purpose of gathering these personal data in Skatt & Bokslut is based on legislation.

Free-form text fields, which are used for comments etc, could be used to enter personal data or information that could be associated with individuals. Avoid entering sensitive information in these fields.

Certain appendices related to for example salaries, loans and receivables in Reconciliation BS contain fields used for personal data, such as name and monthly pay. This is information that must be provided according to the Accounting Act.

When uploading external appendices, make sure that any personal data in these have a clear purpose related to your bookkeeping.

In Year-end closing - Tax forms, personal data such as Name, Personal identity number and Corporate identity number is automatically entered into the forms.

In Year-end closing - Annual report, the documents Signatures and Financial statements approval contain fields where personal data are entered.

  • Namn
  • Roll
  • Ort
  • Namn
  • Ort

Visma Skatt & Bokslut Pro is a cloud based service, which means that the personal data you enter in the program are stored on our infrastructure supplier’s servers as well as on Visma’s servers. More information about data storage in Visma’s cloud based services can be found in www.visma.com/trust-centre.

If you have generated reports in Skatt & Bokslut, personal data could also be stored locally on your computer or in another storage location.

Please note that you always are the controller for the data that you have collected and that GDPR applies regardless of how the data have been stored and distributed.

In Visma Skatt & Bokslut Pro, Visma is not responsible for storing your accounting data to meet requirements for archiving accounting information, decided by law or trade associations.

If you are using Visma Skatt & Bokslut Pro from Visma Advisor

If you terminate the service for any of your customers, but continue to use Visma Advisor, you will still have access to the information in Visma Skatt & Bokslut Pro, but it will be read-only.

If you also terminate the agreement on Visma Advisor, you need to think about printing accounting information to be archived and store it in a unit / place that is accessible throughout the archive period as there is currently no functionality in Skatt & Bokslut to print all information for all customers from one place.

If you are using Visma Skatt & Bokslut Pro as a company

If you terminate the service, the information will be deleted and it will no longer be possible to access. As there is currently no functionality in Skatt & Bokslut to print all information from one place, make sure to print the accounting information and store it in a unit / place that is accessible throughout the archive period

As long as you are a Visma customer we will make sure your data is safe, with regular backups. More information about data storage in our cloud based services can be found in www.visma.com/trust-centre.

Accounting information, analyses and comments that you would like to archive can be printed from Report center. It is available in both Period closing and Year-end closing. From there, you can create reports and save them as pdf-files for distribution or printing. You can also export the accounting data as SIE-files from Maintenance - Settings - Export data. Read how to do SIE exports here.

As a business owner you sometimes transfer personal data to others, often without even thinking about it. Data could for example be transferred to credit reference companies, webshops as well as invoicing and payment solutions. When a so-called third party supplier receives your personal data they become a processor.

As a business owner you are also a controller, meaning that you are always responsible for the data you receive. You are also responsible for any data that is transferred to third party suppliers. In such cases, a data processing agreement between yourself and your third party suppliers is required. Read more about data processing agreement.

Your program is cloud-based, which means that any personal data that you register in the program are stored by Visma Spcs. Because we process personal data on your behalf, it makes us a third party supplier. Therefore, a data processing agreement between Visma Spcs and yourself should be established. Such an agreement is included in the agreement you approve when you start using your program.

Work smarter

How digital submission works

Digital submission - question and answers

Declarations in Visma Skatt & Bokslut Pro

Accounting consultant? Work smart with Visma Smarta Byrån

Reko/Rex in Visma Skatt & Bokslut Pro

Movies

See all movies about Skatt & Bokslut

Support forum

Visma Smarta Byrån

Searchword : Backup, Archive, dataskyddsinspektionen, datainspektionen