About this website
Our accessibility work includes technology, language and structure. We strive to make our websites usable to everyone and follow established standards and guidelines. We write and structure content in an accessible way and screen readers can identify and interpret what is being displayed on the screen.
Please note that if you choose not to allow cookies, you may lose some functionality on the site.
Texts published on www.su.se may be cited and forwarded with an indication of the source (Stockholm University website, su.se). The texts may not be used for commercial purposes or in ways that can harm the University without permission from Stockholm University.
The graphic profile used by Stockholm University’s web pages may not be copied and used to present web pages that are not published by Stockholm University.
Nor may the graphic profile be used or copied for use in personal web servers or personal web publishing systems without permission from the system owner, Communications office.
Here you will find information on how personal data is collected and processed. Stockholm University (org.nr. 202100-3062) is responsible for the treatment of personal information.
Stockholm University treats personal information in accordance with Regulation (EU) 2016/679 of the European Parliament (GDPR) and supplementary national legislation on data privacy. These regulations are called ‘data protection regulations’ or ‘GDPR’ in the text below.
What does Stockholm University do with personal data?
The university uses personal data to accomplish our mission as a governmental agency and a university, i.e. to provide research, teaching and societal collaboration.
Personal data at the university is used only to accomplish this goal. There must also be a legal basis. Only the personal data required to meet this goal will be processed.
Who can use your personal information?
Much of the information at Stockholm is in the public record. If your personal information is in public documents, anyone who requests the documents can use your personal data so long as the public sector and confidentiality laws (Public Access to Information and Secrecy Act 2009:400) do not prevent this. The university will not hand over personal information to other parties without a lawful basis.
How long does Stockholm University keep my personal information?
We store your personal data only as long as it is needed to accomplish our goals, or as long as the relevant laws demand.
Rights according to data protection regulations
GDPR gives individuals a number of rights as concerns Stockholm University:
- Right to information about how your personal personal data is stored and processed
- Right of access by the data subject
- Right to correct personal data
- Right to have your personal data erased
For assistance with any of the above, please contact the university’s Head Registrar firstname.lastname@example.org
If you have questions about data protection you can always contact the person responsible for the project or course. You can email the University data protection officer at email@example.com
Identity Provider (IdP)
Policy for the management of personal information within the scope of the Identity Provider (IdP). The Identity Provider performs authentication at the request of a service which Stockholm University recognises, either via metadata provided by the SWAMID federation or because the service and Stockholm University has a specific agreement. Depending upon the type of service involved, the purpose of the service and what relationship the service has to the Stockholm University's IdP, one or more pieces of personal data are transferred from Stockholm University's catalogue and authorization system to the requesting service. This procedure follows the intent of the Data Protection Regulation (GDPR).
All web services have access to a unique identifier which makes it possible for the user to save preferences after logging in such that the user has access to the same preferences during a subsequent login. This unique identifier is unique to that specific service and cannot be shared or traced between different web services.
Services that are categorised in SWAMID’s metadata with entity categories receive attributes in accordance with SWAMID’s recommendations, see below.
Services whose primary purpose is for the benefit of research and education have access to approximately the same personal data which are automatically sent with an everyday email, that being name, email address, user identity, if the user is a student or employee (or similar active role) and that the user has an account at Stockholm University. Registered services that via GÉANT Data Protection Code of Conduct adhere to the European Union’s data protections directives, in Sweden the Data Protection Regulation (GDPR), get access to the same information.
Services whose purpose is for students to process admissions, course registrations, examination sign-up, degree applications, internships, grant applications, self-service account administration and for employees self-service for Stockholm University's HR-system have access to the user’s Swedish personal identity number or Swedish higher education interim personal identity number for foreigners.
Data Protection Regulation, or GDPR regulates how personal information is to be handled.
Last updated: February 22, 2021
Source: Communications Office & IT Support Office