Information about Malmö University's use of cookies and processing of personal data.

Cookies on Malmö University's website

A cookie is a text file sent from our website and stored on your computer or device. 

Our site contains two different types of cookies:

  • persistent cookies — these are text files sent from our websites and stored on your computer; and
  • session cookies — these are only stored temporarily and disappear once you close your browser.

Cookies used by Malmö University

We use

  • ImBox/ImBoxStats - Chat (Accept Necessary)
  • Prevent the cookie dialog box to appear (Accept Necessary)
  • Siteimprove Analytics (Accept Necessary)
  • Facebook Pixel cookies (Accept All)

Malmö University uses cookies for statistics, to count users, analyse traffic, handle forms, and optimise our presence on social media channels.

How to disable cookies

You can disable and delete cookies by changing the settings in your browser. How to do this depends on what browser you are using. You can find more information by checking your browser's help resources. 

GDPR — processing personal data

Malmö University, as a public authority, processes personal data in accordance with EU regulation 2016/679 of the European Parliament and European Council. This regulation is referred to as the General Data Protection Regulation (GDPR).The University is responsible for the processing of all personal data related to its operations. 

Contact

If you have any questions regarding GDPR, please contact the University's Data Protection Officer: dataskyddsombud@mau.se

Malmö University only processes personal data when required for a specific purpose. This includes collecting data about students, researchers, employees, patients, job applicants, collaboration partners and conference participants.

The majority of this information will be collected directly from you. In certain cases, we also collect data from other sources such as the Swedish Tax Agency or the Swedish Board of Student Finance (CSN).

The type of personal data we process depends on the information we require. This can include:

  • contact information such as your name, address, phone number and email;
  • personal identification numbers;
  • bank details or other financial information in order to make a payment or send an invoice;
  • personal data that has been collected as part of participation in a research study;
  • study results or other information regarding your academic work;
  • information about patients at our dental clinic or at the Student Health Service;
  • information collected when using our websites, such as cookies;
  • information required for conference attendance or course participation; and
  • personal data which is necessary for employment, or as part of the recruitment process.

Since we are a public instition, a lot of information at the University is public record. If your personal data can be found in a public record, anyone who requests access to this document can view it, unless the Public Access to Information and Secrecy Act (2009:400) prevents this.

Malmö University may only transfer personal data to third parties if there is a legal basis to do so.

Your personal data may be disclosed to Malmö University's partners during research projects, to suppliers, or to other parties that need access to this data due to an agreement between yourself and the University. Data may also be disclosed to external parties if this is in the public interest, is part of an operation of an official authority, or due to legal obligation.

When transferring personal data to another party, we take all legal, organisational and technological precautions necessary  to protect your data. You will be informed if we plan to disclose information about you to other organisations.

Malmö University must ensure that all processing of personal data is protected through technological and organisational measures. The level of these measures must be proportional to the security risk.

Security entails confidentiality, integrity and availability as well as adequate technological protection. This may involve giving only authorised individuals access to personal information, encrypting this information, storing it in specially protected locations and making processing copies. The University has an information security management system that: continuously reviews all administrative systems in which risk and vulnerability analyses are carried out; classifies the information; charts system dependence; and conducts follow ups.

The processing of personal data must have a legal basis, meaning it must be required for a specific purpose.

Malmö University processes personal data in order to fulfill our duties as a public authority, specifically within the field of research and education, and for collaboration purposes. This data is also processed in order to review and develop our operations, and comply with Swedish law. All processing of personal data at the University occurs in order to promote these purposes in some form. 

Your teacher, manager or head of research can provide you with more information on how your personal data is used.

If you have any questions, please contact the University's Data Protection Officer: dataskyddsombud@mau.se.

We only store your personal data for as long as is necessary for processing purposes, or as long as is required by law.

  • If, for example, you are an employee, we process your personal data for as long as we need to manage the terms of your employment.
  • If you are a student, we process your personal data for as long as you are enrolled at Malmö University; in practice this means six months after the last course registration has ended, unless you notify us earlier.
  • If you are a participant in a study, we process your personal data for as long as is necessary to ensure the quality of the research.

In regard to official documents, personal data is managed in accordance with the Freedom of the Press Act (1949:105), the Archives Act (1990:782) and the Swedish National Archive's regulations. In many cases, this means that your personal data may be stored in Malmö University's archive for a minimum of five years.

Malmö University may transfer personal data to a country outside of the EU/EEA, primarily as part of international research projects. You will be notified should this be the case. The University will then take all reasonable legal, organisational and technological precautions necessary to ensure an adequate level of security for your personal data. Personal data may also be transferred to non-EU countries in connection with procured IT services; however, the University will only do so if the security of this data can be guaranteed.

The service “IDS Malmö University” is for employees, students and visitors. The service provides retrieval and administration for your user account at Malmö University.

Transfer of personal data

The personal information from the identity issuer (your login service) verifies your identity so that you get access to your user account at Malmö University.
By logging into this service, the identity issuer provides the following personal information:

  • Social security number or coordination number

    To know who is logging in. 
    Technical representation: norEduPersonNIN, personalIdentityNumber and schacDateOfBirth
  • First name and last name

    To know the name of who is logging in
    Technical representation: givenName and sn
  • Assurance profile

    To know what assurance profile the logged in account has
    Technical representation: eduPersonAssurance
  • E-mail

    Used to contact you and to know who the logged in account is when the social security number and coordination number are missing.
    Technical representation: mail and mailLocalAddress
  • Unique identifier

    To connect the logged in account with the user account at Malmö University
    Technical representation: eduPersonPrincipalName
  • Affiliation

    To know what affiliation the logged in account has
    Technical representation: eduPersonAffiliation

In combination with the above personal data, these uniquely identifies a person.

Other processing of personal data in the service

If employed, Malmö University's salary system supplies information about your employment. If you are a student, Ladok supplies information about your study. Malmö University's identity management database contains information about your account.

Transfer of personal data to third parties

Third party receives your name, social security number and delivery address if you use the multi-card feature.

Legal basis

The user concludes an agreement in connection with registering the account. The user account is a prerequisite for being able to work or study at Malmö University.
In order to carry out our exercise of authority in a legally secure manner, we must be able to verify the right person who is registering the user account.

Right to register extract, correction and deletion of personal data

For register extracts, correction and deletion of your personal data, contact IT service.
Correction of personal information gathered by registering the account is done in Ladok the student administrative system for students and in the salary system for employees.

Data erasure

The data is preserved according to the Swedish law ”Förordning (1993:1153) om redovisning av studier med mera vid universitet och högskolor”.

Personal data manager

Responsible for the processing of personal data is Malmö University, e-mail: dataskyddsombud@mau.se.

GÉANT Data Protection Code of Conduct

This service complies with the international framework GÉANT Data Protection Code of Conduct for the transfer of personal data from identity issuers to the service. The framework is intended for services in Sweden, the EU and the EEA that are used in research and higher education.

GÉANT Data Protection Code of Conduct

When you apply to one of Malmö University’s doctoral programmes or courses personal data will be used to process the application and report study results to Ladok. This means that the University collects your name, social security number, e-mail address and which doctoral program you are admitted to, and supporting documents, to be able to enrol you on the programme or course and correctly register your study results.

As all processing of personal data is regulated by the General Data Protection Regulation (GDPR), you have the right to get information about the processing and about the rights you have.

Controller of personal data                 

Malmö University
205 06 Malmö
Phone +46 (0)40-6657000

The University's Data Protection Officer                         

dataskyddsombud@mau.se

The legal ground for the processing

The processing is necessary to fulfil our duties as a public authority, specifically within the field of research and education, and for collaboration purposes.

Responsible for the processing            

The coordinator for each course or programme.

Purpose of the processing         

To be able to carry out admission to and reporting of study results for the university's doctoral programmes and courses.

Receiver                                      

Malmö University and Ladok, the student administration system used in Sweden.

Transfer to third countries           

No transfer to third countries.

Time of storage                                    

The data is preserved according to the Swedish law ”Förordning (1993:1153) om redovisning av studier med mera vid universitet och högskolor”.

Your rights                             

  • You have the right to receive an extract from the personal data that is processed. Contact the course or programme coordinator if you want such an excerpt.

  • You have the right to have incorrect information corrected and if you would like to have your information corrected, you can contact the course or programme coordinator.

  • You have the right to request that your information be deleted by revoking your consent. If you want to request that your information be deleted, you can contact the course or programme coordinator.

  • You have the right to obtain your information in a digital format so that you can transfer it to someone else, so-called data portability. If you wish to obtain your information in this way, you can contact the course or programme coordinator.

  • You also have the right to have the processing of your data restricted, which means that they may only be stored until it has been investigated whether they may be used or not. Remember that in a treatment based on consent, you always have the right to revoke your consent and have your information deleted. If you want to request a restriction on the processing of your data, you can contact the course or programme coordinator.

  • You have the right to complain to the supervisory authority, which in Sweden is called the Swedish Authority for Privacy Protection. You can find them at www.imy.se

More information

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Regulation (EU) 2016/679