Javascript is not activated in your browser. This website needs javascript activated to work properly.

Information for data subjects

When you process personal data, you need to inform the data subject about the processing regardless of whether consent or another legal basis applies. To assist you, there are checklists that contain the information you are obliged to give the data subject.

Who are the checklists for?

The following checklists are intended for use by staff and students at Lund University who are collecting and processing personal data.

Checklist A is intended for use when personal data is collected directly from the data subject

Download Checklist A (PDF, 33 kB, new window)

Checklist B is intended for use when personal data is collected from a source other than the data subject

Download Checklist B (PDF, 33 kB, new window)

What are the checklists for?

The checklists are for ensuring that Lund University follows the pertinent legislation and contains the items of information which the University, according to articles 13 and 14 of the GDPR, is obliged to provide to the data subject.

How to use the checklists

Use the check lists as support for compiling information for the data subject concerning Lund University’s processing of their personal data. Remember:

  • The information is to be provided to the data subject before or at the latest at the time of the collection of the personal data.  
  • The data subject is to be informed regardless of the legal basis for processing the  personal data.
  • The information is to be provided in writing to the data subject unless the data subject has requested that it be provided orally.

Examples of data subjects that Lund University has an obligation to inform:

  • external subscribers to mail-outs (newsletters, information letters and similar)
  • external participants at events for which registration is required by name and including details such as food allergies
  • applicants for vacancies announced by Lund University
  • external partners (invited visiting lecturers)
  • prospective students (for example information mail-outs about Lund University)
  • recipients of external invoices
  • scholarship recipients
Page Manager:


dataskyddsombud [at] lu [dot] se

GDPR glossary

  • Personal data controller – the organisation responsible for processing your personal data. In all but a few cases, Lund University is always the personal data controller.
  • Data subject – the person whose personal data you collect and/or process.
  • Data protection officer – the role and function responsible for Lund University’s compliance  with the GDPR.
  • The EU’s General Data Protection Regulation (GDPR) - The Swedish translation of GDPR is “Dataskyddsförordningen”.
  • Data Protection Act – the Swedish national complement to the EU’s GDPR.

Telephone: +46 (0)46-222 00 00 (switchboard)
Mailing adress: Box 117, 221 00 Lund, Sweden
Invoice adress: Box 188, 221 00 Lund, Sweden
Organisation number: 202100-3211

Site manager: staffpages [at] lu [dot] se

About this website