Policy for management of personal data within LU-konto

The Identity Provider (IdP) carries out authentication by order of an IT service that is known to Lund University, either through metadata on the IT service being delivered via the identity federation SWAMID or through the IT service and Lund University having a special agreement. Depending on the type of IT service in question, the purpose of the IT service and what relation the IT service has to Lund University’s IdP, one or more personal data sets are delivered to the IT service from Lund University’s directory and authorisation system (Lucat). This procedure follows the intentions of the Swedish Personal Data Act.

All web services have access to a unique identifier that makes it possible for the user to define settings when logging in and gain access to the same settings when logging in the next time. This unique identifier is unique to this IT service only and cannot be shared between different IT services.

Services that are categorised in SWAMID’s metadata using entity categories receive attributes in accordance with SWAMID’s recommendations.

IT services whose primary purpose is to support research and education have access to roughly the same personal data that is automatically sent with each email, i.e. name, email address, user ID, if the user is a student or active (employed or otherwise active) and that the user has an account at Lund University.

Registered IT services that through GÉANT Data Protection Code of Conduct comply with the EU’s Data Protection Directive, (EU) 2016/679, in Sweden called Dataskyddsförordningen and supplemented by Dataskyddslagen (2018:218), have access to the same information as noted above and also additional personal data when requested by the IT service in order to provide its functionality to the user. Personal identity number is provided to IT services requesting it and registered in SWAMID.

Those IT services whose purpose is to help students to manage admission, course and exam registration, assessment, placements, scholarship applications, self-service for user accounts, as well as self-service for Lund University’s staff system, have access to the user’s personal identity number.

To ensure functionality and, if required, to facilitate troubleshooting, Lund University sets up technical logs that can be employed to connect users with the usage of IT services.

Servicedesk and support
For information and user support regarding the SAML2 WebSSO Service at Lund University please contact Servicdesk at:
Phone: +46 46 222 90 00
E-mail: servicedesk@lu.se
Webb: https://support.lu.se