When is consent needed?
In most cases you do not need to ask for consent, as personal data processing at the University is often supported by another legal basis. Nevertheless, there are instances when you do need to ask for consent, for example from people who are not actively involved in the University’s operations in situations such as:
- recruitment of staff and students
- administration of lists or registers of external stakeholders such as donors, alumni and external recipients of newsletters
- photographing or filming of people in certain circumstances
- processing of contact details of students’ next of kin.
Within research, consent is applied in the same way as before. Go to researchethics.lu.se and read about research and consent for processing personal data
How do I approach asking for consent?
Consent is always to be voluntary, informed and documented:
- Voluntary: Ensure that the person you ask for their consent is not in some way dependent on the University. Be restrictive in using consent for processing personal data relating to staff or students.
- Informed: You need to inform the data subject about the nature of the personal data you are collecting, the purpose for which it will be used, how it will be processed and the data subject’s rights. As a rule, the information must be provided in writing. You can find out more from the general information at lunduniversity.lu.se
- Documented: You must document the consent from the data subject, be able to find it easily if required and link it to the personal data to which the consent applies. However, you do not need to register the consent in official records.
What applies to children and consent?
For children up to the age of 12, you need to ask the child’s legal guardian for consent to process personal data. From the age of 13, children can give their consent. However, it is preferable to talk to the legal guardian even though this is not required by law.
What applies to consent collected before 25 May 2018?
Past consent is valid, provided it complies with the current legislation – see the information above.
Images and film
For questions about personal data and data protection, please contact:
Data Protection Officer, Legal Counsel
dataskyddsombud [at] lu [dot] se
+46 46 222 04 26