Karolinska Institutet (KI) is the controller for the processing of your personal data. Your contact person for this processing is: Pradeep George, INCF, firstname.lastname@example.org, +46-(0)8-524 870 04. The contact information to KI's Data Protection Officer Mats Gustavsson is email@example.com, +46-(0)8-524 864 73.
Why we process your personal data
We process your personal data in order to fulfill our missions, which is providing education, coordinating and informing the scientific community, and assisting our members in conducting research. We are also obligated to inform about our activities and to interact with the public. The most common reasons for us to process your personal data is that you are a student, researcher, employee, participant of a seminar, participant of a conference or celebration, partner or similar. If you have been in contact with us, we may process your personal data in accordance with the Archive Act. In addition to these purposes, we also process personal data to comply with legal obligations to which KI is subject.
KI is a public authority and is thereby obliged to comply with, among other things, the rules on public documents, public authority archives and public statistics. KI will therefore also process personal data in the manner required to comply with other applicable legislation.
What data do we collect?
We collect personal and academic identification information (name, email address, ORCID, location, affiliation, current occupation, academic position and credentials).
How we collect your personal data
You directly provide INCF with most of the data we collect. We collect data and process data when you: register for a membership in INCF, sign up for one of our events and courses; complete a survey or provide feedback via email and internet forums. We also register data when you use or view our website, via your browser’s cookies.
Disclosure of personal data
A lot of the information of Karolinska Institutet is public. If your personal data can be found in an official document, these may be disclosed in accordance with the Public Access to Information and Secrecy Act.
Your personal data may also be shared if it is necessary in order for us to fulfill an agreement with you, in order for us to perform a task of public interest or a task in order to complete our mission as a public authority. Before information is disclosed or shared, a confidentiality check will be carried out.
Since KI is a public authority your personal data and other information about you can become subject of a request from the public in accordance with the Public Access and Secrecy Act, before an extradition KI will perform a secrecy examination.
How will we use your data?
INCF collects your data so that we can
- Process your order (e.g. subscribe you to our newsletter, register you for an event)
- Send you updates on our events and activities
- Chart and improve the geographical distribution of our members
- Allow partner organizations to provide you with benefits they are offering to INCF members
Transfer of personal data to third countries
In some situations, INCF may transfer personal data to countries outside of the EU/EES. For example, in international research projects, student exchanges or in other situations where a transfer is necessary. In these situations, INCF will take the necessary measures to protect your personal data in accordance with applicable requirements, for example, by requiring the receiving party to protect your personal data in accordance with applicable data protection regulations. When you provide your personal data to us, you will be informed if a transfer to a third country will take place.
How long will the data be stored?
Your personal data is handled in accordance with regulations regarding public authority archives.
How do we store your data?
INCF securely stores your data on Google Cloud servers located in Europe. You can read more here about their commitment to GDPR https://cloud.google.com/security/gdpr/.
Disclosure of personal data
A lot of the information of Karolinska Institutet is public, and by extension that includes INCF information. If your personal data can be found in an official document, these may be disclosed in accordance with the Public Access to Information and Secrecy Act.
Your personal data may also be shared if it is necessary in order for us to fulfill an agreement with you, in order for us to perform a task of public interest or a task in order to complete KI’s mission as a public authority. Before information is disclosed or shared, a confidentiality check will be carried out.
How long do we keep your personal data at INCF?
We will keep your personal data for the amount of time necessary to fulfill the purposes they were collected for. Since Karolinska Institutet, which we belong to, is a public authority, we may also need to save personal data after the purpose is fulfilled if it is required to do so by law. This is done, for example, within the educational activities at Karolinska Institutet, where student grades are saved even after you have completed your studies to comply with the Archive Act and The Higher Education Ordinance. Within research projects at Karolinska Institutet, personal data are saved after the completion of research projects in order to comply with the Archive Act and ensure the quality of research.
Your rights as data subject
- You have the right to receive information about what personal data we process about you.
- You have the right to have incorrect information about you corrected.
- You have the right to have data about you deleted in certain situations.
- You have the right to request to limit the processing of some of your personal data and to withdraw a given consent.
If you want to exercise any of these rights, have questions regarding data protection or are dissatisfied with how we process your personal data, please contact us through firstname.lastname@example.org or a letter to INCF Secretariat, Karolinska Institutet, 17177 Stockholm. Visiting address: Nobel's Road 15 A, Solna, Stockholm.
If you are not satisfied with our way of responding to your questions, you can file your complaint with the supervisory authority, currently the Data Protection Authority (Datainspektionen) in Sweden.