Legal information

Here you will find information which by law Mälardalen University must provide when using the University’s electronic services.


At Mälardalen University’s website ( cookies are used. Cookies are small text files stored on the visitor’s computer and which are possible to use to monitor what the visitor does on the website.

There are two types of cookies:

1. A permanent cookie remains on the visitor’s computer for a specified time.

2. A session cookie is temporarily stored in the computer’s memory during the time a visitor is using a website. Session cookies disappear when you close down your web browser.

No personal information about the visitor, such as emails or names, is saved.

Mälardalen University uses cookies to manage choices of language. They are also used on the Student Portal, to identify the user during the time the person is logged in, and in the Alumni Network, to keep track of the user identity.

If you do not accept cookies being used you can close these down in your web browser’s security settings. Please note that the Student Portal requires cookies in order to work; if you have closed down cookies in your web browser you cannot use the Student Portal.

You can also set your web browser so that you get a question each time the website tries to place a cookie on your computer. By means of the web browser, previously stored cookies can be deleted; see the web browser’s help pages for more information.

The Swedish Post and Telecom Authority, which is the supervisory authority in this area, provides further information about cookies on their website.

Post and Telecom Authority’s Q&A about cookies

Personal data

By personal data is meant all types of information which directly or indirectly can be connected to a physical living person.

Processing personal data

Every measure which involves personal data, automatic or manual, constitutes a processing of personal data.

Examples of processing can be: collecting, registering, storing, using, disclosing, disseminating, coordinating or disposing of personal data.  

The Personal Data Act

The aim of the Personal Data Act is to protect people from violation of their personal integrity through the processing of their personal data.

The main rule of the Personal Data Act is that personal data may be processed if the person registered has been informed of the processing and its purpose, and also that the person registered has given consent to the processing.

Exceptions to the requirements for consent

The University may process personal data without consent if the processing is necessary in order to:

  • Fulfil agreements
  • Satisfy legal obligations
  • Protect vital interests of the registered person
  • Be able to carry out work assignments of general interest
  • Exercise authority

The University may also process personal data without consent in cases where the University’s need to process personal data outweighs the individual’s need of integrity.

Information that processing is taking place and what its purpose is must be divulged even if consent is not necessary.

Processing students’ personal data

The personal data submitted by the applicant when applying for admission is registered in the universities’ national admissions system, NyA. When an applicant is admitted to a course or study programme the personal data are transferred to the University’s system for student documentation LADOK, which is used to document the students’ results and to compile statistics both for internal use and for Statistics Sweden (SCB).

The University is responsible for the processing of applicants and students’ personal data in the above register. Processing is regulated in the Ordinance on the Reporting of Studies etc. at Universities and University Colleges (1993:1153) and the Personal Data Act (1998:204). According to the Personal Data Act, a person who is registered owns the right, once per year and without charge, to receive what is known as a register extract showing what personal data the University has registered. The registered person also owns the right to request corrections of information that the University has registered.

Please write to the following address to request a register extract or correction:

Mälardalens högskola,
Rektors kansli,
Box 883,
721 23 Västerås

Data Protection Officer

The duty of the Data Protection Officer is to see that personal data are processed in a legal and correct way.

Questions about the Personal Data Act 

Christina Perez, Chief Legal Officer

Thomas Welin, Chief Legal Officer

Website search

Our website uses an external service for indexing and displaying search results. The external service neither saves or processes personal data.