Committees and boards
The legal basis for processing personal data
One of the University’s responsibilities is to collaborate with wider society and to provide information on our activities. This includes providing information about our organisation, how the University is managed and the decisions that are made. This is a so-called public task which provides a legal basis for processing personal data. It means we can process personal data to provide information about boards and advisory boards, but only personal data which is necessary.
You can read more about the legal basis on the Legal basis page, which you will reach by clicking here (opens in the same window)
What information can I put online?
You are allowed to put information about a board or advisory board online and, among other things, provide information on who the members are. You can for example put up information about the secretary or other people connected to it. However, only provide personal data which is necessary. For example you can provide information like name, title, the person’s unit within the University or the external organisation to which a person is affiliated.
How do I process minutes?
You are also allowed to put meeting minutes online, with information on who was there and what decisions were made. Be careful with matters relating to individuals. One option is to include all data on individuals in an annexe offline. The minutes would state, for example: “The Board decided that [...], in accordance with the annexe”.
If the board/advisory board organises a course, conference or similar, it may mean that other kinds of personal data need to be processed.
You can read more on the Public events page, which you will reach by clicking here (opens in the same window)
Lund University has an external Data Protection Officer; Secure State Cyber AB and the contact person at Secure State Cyber AB is Sanja Hebib.
Do you have questions regarding data protection - please contact:
dataskyddsombud [at] lu [dot] se