Personal data and data protection (GDPR)
The EU’s General Data Protection Regulation (GDPR) and the Swedish Data Protection Act have replaced Sweden’s Personal Data Act (PUL). “EU:s Dataskyddsförordning” is the Swedish translation of the EU’s General Data Protection Regulation (GDPR).
What is the purpose of the GDPR?
The purpose is to strengthen the right to privacy and adapt legislation to the digital society. For Lund University, this means that we are to safeguard our students, partners and colleagues, as well as the participants in our research projects.
What are the implications for the University?
Our mission means that we are permitted to process the personal data that is necessary for conducting education, research and external engagement. We are to process personal data in a secure and correct manner, which means that data is to be protected so that is not lost, corrupted or vulnerable to unauthorised access.
Information and support
The information is divided up into two sections: general and area-specific information. To assist you, there are checklists for aspects on which you need to inform the data subject, FAQs and general tips.
dataskyddsombud [at] lu [dot] se
- Personal data controller – the organisation responsible for processing your personal data. In all but a few cases, Lund University is always the personal data controller.
- Data subject – the person whose personal data you collect and/or process.
- Data protection officer – the role and function responsible for Lund University’s compliance with the GDPR.
- The EU’s General Data Protection Regulation (GDPR) - The Swedish translation of GDPR is “Dataskyddsförordningen”.
- Data Protection Act – the Swedish national complement to the EU’s GDPR.