What is the purpose of GDPR?

The General Data Protection Regulation  (GDPR) has two fundamental purposes. On the one hand, it aims to protect individuals concerning the processing of personal data, and on the other hand, to create conditions for the free flow of personal data within the EU. There are several strong principles of privacy protection in the regulation that should be applied in a way that enables the achievement of other important goals for individuals and society at large.

In the section on General information to the left, you can read more specifically about principles for personal data processing, what legal basis is, what information we are obligated to provide to our registered individuals, and much more.

General information on data protection

What are the implications for the University?

Our mission means that we are permitted to process the personal data that is necessary for conducting education, research and external engagement. Lund University is to process personal data in a secure and correct manner. This means that data is to be protected so that is not lost, corrupted or vulnerable to unauthorised access.

In the section on Area-specific information to the left, you will find more targeted guidance on data protection for research, education, and collaboration, as well as within areas such as finance, managerial work, and IT systems.

Area-specific information on data protection

Learn more about data protection

There are two online courses on data protection - one is a basic education, and the other is specifically tailored for research. The courses consist of short video clips, with each section being a few minutes long, including self-study questions.

Basic Course:
Canvas learning platform: Personal Data and Data Protection

Advanced Course (research):
Competence Portal: Personal Data in Research