Personal data processing at Konstfack - GDPR

Here is information about how personal data collected by Konstfack is processed by us. Konstfack (org. no. 2021001199) is the Personal Data Controller responsible for the processing of the personal data.

Konstfack processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council. These regulations are referred below to as the General Data Protection Regulation, GDPR.

Regulation (EU) 2016/679 of the European Parliament and of the Council


What does Konstfack do with personal data?
Konstfack processes personal data in order to fulfil its duties as a government agency and university, i.e. to provide research and education and to cooperate with society.

Only personal data needed for this purpose shall be processed, and the processing must have a legal basis. At Konstfack, personal data is mainly processed to fulfil a legal obligation (act, ordinance, regulation), for exercise of official authority, an agreement, or to carry out an assignment of public interest. Examples include processing of personal data for applicants, employees or registered students necessary to carry out our duties. In other cases, consent is required. Automated and manual processing of personal data is done in connection with transfer between our internal systems in order to give employees and students access to, for example, premises, computers, networks or library resources.

You have the right to receive information about how your personal data is processed and to receive a register excerpt form our systems. Contact Konstfack's registrar, registrator@konstfack.se, who will forward your request to the relevant administrator.


Who has access to your personal data?
A large part of your data that is kept by the university is public information. If your personal data is in a public document, anyone who requests a copy of the document may view your personal data, unless secrecy according to the Public Access and Secrecy Act (2009:400) prevents this.


For how long does Konstfack store personal data?
We store your personal data as long as the purpose of the processing requires it, or to comply with provisions in legislation, ordinances and regulations.

You have the right to have your personal data deleted (or the processing stopped) if we keep the data longer than necessary. You also have the right to have incorrect personal data corrected. How long the data is stored is mainly regulated by the Archives Act, the National Archive's deletion provisions, and the university's local document handling plan (as well as the university's personal data processing register).


Questions
If you have questions about data protection, you can always contact the case administrator, or Konstfack's Data Protection Officer, dataskyddsombud@konstfack.se.