General Data Protection Regulation (GDPR) - teach and supervise

The university is the controller for all processing in connection with its activities, ranging from the individual student's thesis to the large administrative systems. In order to have control of which treatments are in progress and to be able to report these to the supervisory authority, there is a record of all processing activities where the person responsible for the processing of personal data also registers and enters information into it. This requirement applies only to the person to whom the processing belongs, but it should be known to those who work in an existing processing. If you need to register a processing, you will find the records at:

•  Anmälan om personuppgiftsbehandling_forskare
• Anmälan om personuppgiftsbehandling_examensarbete

Here, you will also find texts that will help you fill in the required information. The registration must not contain any of the material being processed, only information about the processing and who performs it. Briefly, the following information is required:

• the purpose of the processing,
• name and contact details of the controller,
• a description of the categories of data subjects and of the categories of personal data,
• if possible, the period for which the data will be stored and,
• if possible, a description of technical and administrative safeguards.