Here you can download the latest version of the terms and conditions in PDF format:Terms and conditions for SITHS eID (pdf)

Terms and conditions for SITHS electronic ID

1. General Terms and Conditions

1.1 The e-identification service SITHS, hereinafter referred to as SITHS, is provided and owned by Inera AB (Swedish Tax Number: 556559–4230). The SITHS digital ID, hereinafter referred to as SITHS eID, is issued on secure storage, for exemple a smart card, by ID administrators in accordance to a quality-controlled issuing process. The issuing process and the secure storage ensure and secure the SITHS eID. SITHS eID can be used for authentication, signature, and encryption. Activation of the SITHS eID certificates' private keys is protected by activation codes which are confidential and linked to the respective eID.

1.2 The terms and conditions for SITHS apply to both the relying party that uses SITHS eID for authentication, signature, and encryption, and the holder of SITHS eID.

1.3 SITHS issues eIDs with level of assurance 2 and 3.

1.4 In order to obtain a SITHS eID, the individual must be employed or have an assignment in an organisation which is affiliated to the SITHS service directly or via an agent.

1.5 When a holder signs a document using SITHS eID, the holder intends the electronic signature to have the same legal value as if he or she had signed the document on paper.

2. Blocking SITHS eID

2.1 SITHS provides 3 methods to block SITHS eID either 1) through the organisation that issued the eID, 2) via SITHS self-service, “Mina Sidor”, or 3) through a phone number that is specified on the back of the smart card.
2.2 The holder must immediately request blocking if he or she has lost the SITHS eID or if there is suspicion that someone else has gained access to the holder's SITHS eID and/or associated activation codes.
2.3 If a holder requests blocking according to 1) or 3) in § 2.1, it must be implemented as soon as possible by the issuing organisation.

2.4 Blocking can also be implemented by Inera AB or the issuing organisation in case of:
The holder violates the terms and conditions.

• The enployment or assignement between the issuing organisation and the holder are terminated.

• It is discovered or suspected that the information provided at the issuance of the SITHS eID is false or incomplete.

• It is discovered or suspected that someone other than the holder has gained access to the SITHS eID or its activation codes.

• It is discovered or suspected that the holder or someone else has or will misuse SITHS eID.

• Upon request by court decision, law, or regulation from a superior authority.

2.5 Inera AB may also block one or more eIDs if:

• The issuing organisation issued SITHS eID incorrectly or fails on its obligations as an affiliated organisation.

• The issuing organisation requests assistance with implementing a blocking request.

2.6 Blocking SITHS eID means that the digital identity can no longer be used.

2.7 It is not possible to cancel the blocking of a SITHS eID. However, it is possible to apply for the issuance a new one.

3. The Holder's Responsibility for SITHS eID

3.1 SITHS eID should only be used for the holder's personal use and under no circumstances can be borrowed to a third person or organisation. The holder is responsible for ensuring that the use does not:

3.2 The holder should not tamper with or manipulate SITHS eID.

3.3 The holder must handle SITHS eID and associated activation codes in a way that prevents unauthorised access.

3.4 The holder is liable to Inera AB and third parties for:

3.5 The holder is responsible for promptly reporting and complaining about discovered errors in a SITHS eID to the issuing organisation or Inera AB.

3.6 The holder is only responsible for damages caused before a blocking request is submitted.

4. Responsibility of Relying Parties Using SITHS eID

4.1 A relying party using SITHS eID to electronically identify or create signatures for holders, agrees to do so in accordance with these terms and conditions.

4.2 A relying party must implement its solutions in accordance with the instructions, standards, and specifications provided by Inera AB.

4.3 A relying party must use the technical interfaces for validity control provided by Inera AB for this purpose.

4.4 A relying party is responsible to the holder and third parties for:

5. 5. Inera AB's and Issuing organisations' responsibilities and limitations

5.1 Inera AB and its issuing organisations are responsible for:

• Ensuring that the information provided by the customer is checked against the population register via Navet or another registry approved by Inera AB;

• Ineras AB:s explicit commitments according to these terms and conditions.

5.2 Inera AB provides SITHS for a professional use. Inera AB has the right to use subcontractors to fulfill its obligations. Inera AB is responsible for the subcontractor's work as if it were its own.

5.3 If Inera AB or the issuing organization discover an error in SITHS eID, the holder will be promptly informed and provided with a new eID free of charge.

5.4 Inera AB is not responsible for damage caused by false information provided and/or comfirmed by the holder during the issuing process. Furthermore, Inera AB is not responsible for damage caused by the holder's failure to report changes which affect SITHS eID in accordance with § 8.2 below.

5.5 Inera AB is not responsible for damage caused by governmental actions or omissions, newly enacted or amended legislation, labor conflicts, blockades, war, riots, sabotage, extreme weather conditions, lightning strikes, fires, explosions, floods, natural disasters, or accidents, or other similar circumstances beyond Inera AB's control.

6. Compensation for Damages

6.1 The holder of SITHS eID is not entitled to any compensation from Inera AB for either direct or indirect damage. Any damages that may occur should be regulated, where applicable, in agreements between the holder and the issuing orgsanisation or the organisation's agreement with the affiliated issuing organisation which acts as an agent.

7. Validity Period

7.1 The current validity period is given on each SITHS eID.

8. Consent to the Processing of Personal Data

8.1 "Personal data" refers to information about the holder, such as full name, registered address, personal identification number, HSA-ID, email, workplace, ID document details, photo.

8.2 The holder must provide the information that Inera AB or the issuing organisation request for providing the SITHS eID. The holder must promptly inform Inera AB or the issuing organisation of any changes in his or her personal data.

8.3 Inera AB and its subcontractors process the personal data necessary to provide SITHS eID (including verifying personal data against the population register or another register).

8.4 Inera AB also processes personal data to fulfill its legal obligations, comply with governmental decisions or regulations, and for record maintenance and traceability.

8.5 By accepting these terms and conditions, the holder consents to the use of personal data for these purposes.

9. Software

9.1 Software and other copyright-protected information provided by Inera AB or any of Inera AB's subcontractors are the property of Inera AB or the subcontractor. The holder should not, without written consent from Inera AB or the subcontractor, use, alter, or otherwise handle software or other material belonging to SITHS. The holder should not transfer or grant rights to such software or material to another party without written consent.