Javascript is not activated in your browser. This website needs javascript activated to work properly.

Committees and boards

Personal data processing in work on committees and boards
The information below is intended for those who are involved in providing support to committees and boards. Here you will find information on what you should consider when processing personal data.

The legal basis for processing personal data

One of the University’s responsibilities is to collaborate with wider society and to provide information on our activities. This includes providing information about our organisation, how the University is managed and the decisions that are made. This is a so-called public task which provides a legal basis for processing personal data. It means we can process personal data to provide information about boards and advisory boards, but only personal data which is necessary.

Read more about the legal basis on the Legal basis page

What information can I put online?

You are allowed to put information about a board or advisory board online and, among other things, provide information on who the members are, for example the secretary or other people connected to it. However, only provide personal data which is necessary, for example name, title, the person’s unit within the University or the external organisation to which a person is affiliated.

How do I process minutes?

You are also allowed to put meeting minutes online, with information on who was there and what decisions were made. Be careful with matters relating to individuals. One option is to include all data on individuals in an annexe offline. The minutes would state, for example: “The Board decided that [...], in accordance with the annexe”.


If the board/advisory board organises a course, conference or similar, it may mean that other kinds of personal data need to be processed.  

Read more on the Public events page

Page Manager:


dataskyddsombud [at] lu [dot] se

GDPR glossary

  • Personal data controller – the organisation responsible for processing your personal data. In all but a few cases, Lund University is always the personal data controller.
  • Data subject – the person whose personal data you collect and/or process.
  • Data protection officer – the role and function responsible for Lund University’s compliance  with the GDPR.
  • The EU’s General Data Protection Regulation (GDPR) - The Swedish translation of GDPR is “Dataskyddsförordningen”.
  • Data Protection Act – the Swedish national complement to the EU’s GDPR.

Telephone: +46 (0)46-222 00 00 (switchboard)
Mailing adress: Box 117, 221 00 Lund, Sweden
Invoice adress: Box 188, 221 00 Lund, Sweden
Organisation number: 202100-3211

Site manager: staffpages [at] lu [dot] se

About this website