Processing of personal data

Personal data are all kinds of information that can be linked directly or indirectly to a physical living person.

Processing personal data

Every measure which involves personal data, automatic or manual, constitutes a processing of personal data.

Examples of processing can be: collecting, registering, storing, using, disclosing, disseminating, coordinating or disposing of personal data.  

Data Protection Officer

The Data Protection Officer's task is to ensure that GDPR is followed within the organization. For data protection issues contact

Data Protection Officer at MDH is Ann-Marie Alverås Lovén.


The aim of GDPR is to protect people from violation of their personal integrity through the processing of their personal data.

The main rule of GDPR is that personal data may be processed if the person registered has been informed of the processing and its purpose, and also that the person registered has given consent to the processing.

Exceptions to the requirements for consent

The University may process personal data without consent if the processing is necessary in order to:

  • Fulfil agreements
  • Satisfy legal obligations
  • Protect vital interests of the registered person
  • Be able to carry out work assignments of general interest
  • Exercise authority

The University may also process personal data without consent in cases where the University’s need to process personal data outweighs the individual’s need of integrity.

Information that processing is taking place and what its purpose is must be divulged even if consent is not necessary.

Processing students’ personal data

The personal data submitted by the applicant when applying for admission is registered in the universities’ national admissions system. When an applicant is admitted to a course or study programme the personal data are transferred to the University’s system for student documentation Ladok, which is used to document the students’ results and to compile statistics both for internal use and for Statistics Sweden (SCB).

The University is responsible for the processing of applicants and students’ personal data in the above register. Processing is regulated in the Ordinance on the Reporting of Studies etc. at Universities and University Colleges (1993:1153).


Website search

Our website uses an external service for indexing and displaying search results. The external service neither saves or processes personal data.