Processing of Personal Data

The University processes personal data so that it can meet its obligations towards, for example, students, partners, suppliers, and visitors. When we process personal data, we aim always to comply with the General Data Protection Regulation (GDPR) and adapt our practices to ensure this is the case.

Dalarna University processes personal data in its role as a government authority. It provides education, conducts research and collaborates with external parties, and in its pursuit of these, it must process personal data.

Whose personal data do we collect and process?

We need to collect and then process the personal data of, for example, students, researchers, study participants, employees, conference attendees, attendees of other events, job applicants and collaborative partners.

In most cases, we receive the information directly from the individual in question. In some cases, we collect data from other sources, such as the Swedish Tax Agency (Skatteverket) or the Swedish Board of Student Finance (CSN). We can inform you about the need for this on an individual basis.

What personal data do we collect and process?

Examples of the personal data we collect and process are as follows:

  • Contact information such as name, home address, phone number and email address. Personnummer are processed to securely establish your identity or to coordinate your data between systems so as to ensure that the information that we have about you is consistent.
  • Banking and other financial information for the purpose of payment and invoicing.
  • Personal data collected as a result of your participation in a research study.
  • Study results and other such information about your studies at Dalarna University.
  • Information about how you use our websites so that we can improve them and make them more user-friendly: for example, using cookies.
  • Information about conference or course participation.
  • Employment and application-related information.

Legal Basis

All processing of personal data we do at Dalarna University must be carried out as part of our mandate. It must have a legal basis. When it comes to students, it is often as part of the exercise of authority and in research activities in the public interest. Only the personal data required for the purpose may be processed.

As a student or an individual, you can get more detailed information about how your personal data is processed by requesting a register extract. You can also contact Dalarna University's Data Protection Officer (dataskydd@du.se).

Who may access your personal data?

University employees can access your data, and in some cases so can other authorities. External providers of IT systems can also have access to your personal data; however, when this is the case, agreements must ensure correct and legal treatment. In the event of the transfer of personal data outside the EU/EEA, an adequate level of protection must be ensured.

The University is a state authority that is subject to the principle of transparency. This means that personal data in public documents must be disclosed upon request but only upon a confidentiality review.

How long do we store your personal data?

We store your personal data for as long as the purpose of the processing requires, or as long as is required by law. We do not store it longer than this.

  • If you are a university employee, then we process your personal data for as long as necessary for the purpose of employment.
  • If you are a student, then we process your personal data as long as you are a Dalarna University student.
  • If you take part in a study, then we process your personal data for as long as is necessary to ensure the quality of the research.

When it comes to official documents, personal data is treated in these in accordance with the Freedom of the Press Ordinance (1949:105), the Archives Act (1990:782) and the regulations of the National Archives. This will often mean that your personal data may be destroyed after a short time or preserved forever in our archive systems (this is the case with, for example, degree certificates).

What are your rights?

  • You have the right to receive information about how we process your personal data and you have the right to access your data.
  • You have the right to have incorrect personal data corrected (rectification).
  • You can, in some cases, request that your personal data be deleted, that the processing be restricted or that the personal data be moved (data portability).
  • You have the right to object to your personal data being used for marketing purposes. In some cases, you can also object to other processing of your personal data.
  • You have the right to object to automated decision-making and profiling to the extent that it occurs.
  • You have the right to withdraw your consent.
  • If you believe that we have in any way violated the rules for the processing of personal data, you can file a complaint with the Swedish Authority for Privacy Protection (IMY).
  • If you believe that you have suffered damage because we have not complied with the rules for the processing of personal data, you can request compensation.

Protected Personal Data

Ladok processes the personal data of students that is protected. Special procedures are in place for this.

Contact Us

If you have questions about how Dalarna University processes your personal data, please contact our Personal Data Controller or our Data Protection Officer.

Personal Data Controller

Dalarna University
Organisation number: 202100-2908
Address: 791 88 Falun
Email: registrar@du.se
Phone: 023-77 80 00

Data Protection Officer

Anne Lindelöf, ArkivIT
Email: dataskydd@du.se
Phone: 079-060 59 91

Further Information

Read more about the processing of personal data and the General Data Protection Regulations (GDPR) on the website of the Swedish Authority for Privacy Protection.

Last reviewed: