GDPR and your personal data

Here you will find information about how we at the Swedish School of Sport and Health Sciences, GIH, process personal data.

What does GIH do with personal data?

As part of its activities, GIH is responsible for processing personal data. GIH processes personal data in accordance with the European parliament's General Data Protection Regulation, (EU) 2016/679 (GDPR).

GIH processes personal data so we can conduct our tasks as a government agency and higher education institution, for example provide research and education, and collaborate with society. We also process personal data to review and develop our activities and comply with Swedish law.

All processing of personal data by GIH takes place to fulfil these purposes. For legal reasons, only personal data necessary for a specific purpose will be processed.

Students and staff can obtain more detailed information about how we process personal data from your contact person, course coordinator, manager or head of research at GIH. If you have not received this information, contact the GIH data protection group. See contact details at the bottom of the page.

What personal details do GIH collect?

Whether you are a student, researcher, participant in a study, an employee, a visitor to a conference or other event, or someone applying for a position, GIH may need to process your personal data.

We obtain most of this information from you directly. What information we process depends on the reason for processing the data. In certain cases, we will collect information from other sources such as the Ladok student documentation system. We will provide information for each individual case.

  • Contact information such as name, address, telephone number and email.
  • Swedish personal identity numbers are processed to establish your identity or coordinate your details between systems to ensure all of our information about you is accurate.
  • Information about credits awarded and other information about your studies at GIH.
  • Personal information obtained as part of participation in a research study.
  • Information about participation in conferences or courses.
  • Banking details and other financial information to make payments or send invoices.
  • Personal data necessary upon employment or when you apply for a position.
  • Information about how you use our websites with the aim to improve the user experience, for example cookies.

What are cookies?

Cookies are small text files that are saved on your computer when you visit our website. They are considered to be personal data. GIH shows a cookie banner when you first visit our website, with an explanation in Swedish. There you can consent or not consent to our collection of data.

How is your personal data protected?

GIH ensures that processing personal details is protected by taking suitable technical and organizational measures. These measures are such that they guarantee a suitable level of security in relation to the risks associated with processing the data.

The security aspects include confidentiality, correctness and accessibility in addition to suitable technical protection. For example, this means that only an authorized person may have access to the information, encryption of data, and secure storage of data. This person is also responsible for ensuring that copies of the processing are made.

Who can access my personal data?

A lot of the information at GIH is considered public record. If your personal information can be found in a public record, everyone who requests the document may obtain your personal information unless the Swedish Public Access to Information and Secrecy Act (2009:400) may prevent this.

In addition, your information may be shared with GIH collaboration partners in research projects; contractors or other parties who may require access to the data as part of an agreement between GIH and your person; if information is of public interest; as part of the activities as a public authority or legal obligation held by GIH.

Information of public interest includes information that GIH must provide as stated in the law or with support from the law, but is not a direct aspect of GIH’s tasks as a public authority.

Should data be transferred to a third party, GIH will take all suitable legal, organizational and technical measures necessary to protect your personal data. If GIH plans on sharing information about you with other organizations, you will be informed.

GIH will not share personal data with other parties without legal grounds.

How long does GIH save personal data?

We will save your personal data for as long as it is necessary or for as long as the law requires.

  • If, for example, you are an employee we will process your personal data as long as necessary for administrative tasks related to your appointment.
  • If you are a student, we will process your personal data for as long as you are enrolled at GIH.
  • If you are participating in a study, we will process your personal data as long as is necessary to ensure research quality.

Data included in public records will be processed in accordance with the Swedish Freedom of the Press Act (1949:105), Archives Act (1990:782) and directions from the Swedish National Archives. In many cases, this means that your personal details may be stored for anything from five years to indefinitely in the GIH archive.

However, public records of temporary or little significance that contain personal data shall always be deleted (removed) once they are no longer relevant. This information will not be stored for longer than two years.

Right to correction and removal

Ongoing personal data processing must be objectively correct. GIH shall ensure that any personal data that is incorrect, incomplete or irrelevant will be corrected or deleted. If a person informs GIH that any registered information regarding the individual is incorrect, this information shall be corrected.

In case of a complaint, you also have the possibility to contact the Swedish Authority for Privacy Protection, Integritetsskyddsmyndigheten

Data to third countries

GIH may share personal data with third countries outside of the EU/EEA, particularly regarding international research projects. Should this be the case, GIH will take all reasonable legal, organizational and technical measures necessary to ensure suitable levels of security for your personal data. You will also be informed of this.

Read more and contact information

Here you will find how GIH is handling personal data

Contact

GIH Data protection group and data protection representative
Lidingövägen 1
Box 5626
SE-114 86 Stockholm

E-mail: gdpr@gih.se

On this page

Last modified:14 Feb 2024