The browser you are using is not supported by this website. All versions of Internet Explorer are no longer supported, either by us or Microsoft (read more here: https://www.microsoft.com/en-us/microsoft-365/windows/end-of-ie-support).

Please use a modern browser to fully experience our website, such as the newest versions of Edge, Chrome, Firefox or Safari etc.

When is consent needed?

In most cases you do not need to ask for consent, as personal data processing at the University is often supported by another legal basis. Nevertheless, there are instances when you do need to ask for consent, for example from people who are not actively involved in the University’s operations in situations such as:

  • recruitment of staff and students
  • administration of lists or registers of external stakeholders such as donors, alumni and external recipients of newsletters
  • photographing or filming of people in certain circumstances
  • processing of contact details of students’ next of kin.

Within research, consent is applied in the same way as before. 

Go to researchethics.lu.se and read about research and consent for processing personal data 

How do I approach asking for consent?

Consent is always to be voluntary, informed and documented:

  • VoluntaryEnsure that the person you ask for their consent is not in some way dependent on the University. Be restrictive in using consent for processing personal data relating to staff or students.
  • Informed: You need to inform the data subject about the nature of the personal data you are collecting, the purpose for which it will be used, how it will be processed and the data subject’s rights. As a rule, the information must be provided in writing. You can use the general information at the Privacy Policy for Lund university (link below) 
  • Documented: You must document the consent from the data subject. You must also be able to find it easily if required and be able to link it to the personal data to which the consent applies. However, you do not need to register the consent in official records.

Privacy Policy at Lund university

Template for consent  (Word, 117 kB, opens in a new window)

What applies to children and consent?

For children up to the age of 14, you need to ask the child’s legal guardian for consent to process personal data. From the age of 15, children can give their consent. However, it is preferable to talk to the legal guardian even though this is not required by law.

What applies to consent collected before 25 May 2018?

Past consent is valid, provided it complies with the current legislation – see the information above.

Images and film

Read more on the page Images and film – copyright and consent

Contact

Lund University has an external Data Protection Officer; Secure State Cyber AB and the contact person at Secure State Cyber AB is Sanja Hebib.

Do you have questions regarding data protection - please contact:

dataskyddsombud [at] lu [dot] se (dataskyddsombud[at]lu[dot]se)