Policy for management of personal data relating to the Identity Provider (IdP) at Lund University
The Identity Provider carries out authentication at the request of an IT service that is known to Lund University, either because metadata on the IT service is delivered via the identity federation SWAMID or because the IT service and Lund University have a special agreement. Depending on the type of IT service in question, its purpose and its relation to Lund University’s IdP, one or more personal data sets are delivered to the IT service from Lund University’s directory and authorisation system (Lucat). This procedure follows the intentions of the Swedish Personal Data Act.
All web services have access to a unique identifier that makes it possible for the user to define settings when logging in and to gain access to the same settings at the next login. This identifier is specific to the IT service in question and cannot be shared between different IT services.
Services that are categorised in SWAMID’s metadata using entity categories receive attributes in accordance with SWAMID’s recommendations.
IT services whose primary purpose is to support research and education have access to roughly the same personal data that is automatically sent with each email, i.e. name, email address, user ID, whether the user is a student or active (employed or otherwise active), and the fact that the user has an account at Lund University. Registered IT services that, via the GÉANT Data Protection Code of Conduct, comply with the EU’s Data Protection Directive, represented in Sweden by the Personal Data Act, have access to the same information.
Those IT services whose purpose is to help students to manage admission, course and exam registration, assessment, placements, scholarship applications, self-service for user accounts, as well as self-service for Lund University’s staff system, have access to the user’s personal identity number.
To ensure functionality and, if required, to facilitate troubleshooting, Lund University sets up technical logs that can be used to connect users with their usage of IT services.