Konto.hig.se is a service aimed at students at the University of Gävle. The service enables the creation of user accounts, as well as the recovery of passwords for student user accounts.
Personal data is transferred from the identity issuer to the service to ensure that you as a user get access to your information in the service and to provide you with a user-friendly interface.
In connection with logging into this service, the following personal data is requested from the identity issuer you use.
Personal identification number
Level of user identification assurance
To be able to contact you
In addition to direct personal data, indirect personal data is also transferred, such as which organization the user belongs to and which identity issuer has been used when logging in. In combination with the above personal data, these can be used to uniquely identify a person.
konto.hig,se logs usage, i.e. time and user and ip number for troubleshooting and security purposes.
The previously mentioned information is sent to third parties when this is needed for the service.
The University of Gävle uses several IT systems, where usernames and passwords are required. This is part of the exercise of authority.
For register extracts, correction and deletion of your personal data, contact the person in charge of personal data.
Correction of personal data transferred in connection with logging in is done in the identity issuer that you use to log in. This information is corrected in the service at the first login after the personal data is corrected in the identity issuer.
During the period of study at the University of Gävle, the personal data is not deleted.
The personal data controller for the processing of personal data is the University of Gävle, Sweden. If you have questions about how personal data is handled within the service, contact email@example.com.
The data protection officer is firstname.lastname@example.org, University of Gävle.
This service follows the international framework GÉANT Data Protection Code of Conduct (http://www.geant.net/uri/dataprotection-code-of-conduct/v1) for the transfer of personal data from identity issuers to the service. The framework is intended for services in Sweden, the EU and EEA that are used in research and higher education.