The Royal Institute of Art (org. No. 202100-2957) processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of Europe. These rules are referred to here as the GDPR.
Here’s how we use personal data
The Royal Institute of Art processes personal data to fulfill its mission as a state authority and learning institution, providing education and research whilst collaborating with the community.
Only personal data needed for this purpose should be processed. Handling of data must have a legal basis. At the Royal Institute of Art we deal with personal data mainly for the fulfilment of a legal obligation (law, regulation, ordinance); our exercise of authority; an agreement; or to carry out a task of public interest. For example, we process the personal data of staff and students as necessary for us to fulfill our mandate. Otherwise, consent is required. Automated and manual processing of personal data involves transmission into our internal systems in order to give employees and admitted students access to the premises, computers, networks or library resources, for instance.
large part of the information available at the Royal Institute of Art is publicly available. Personal data contained in a such documents are made public unless deemed confidential under the Swedish Public Access to Information and Secrecy Act (2009: 400).
Stored personal data
The Royal Institute of Art saves personal information so long as use is required, or to fulfill the requirements of law, rules, and regulations.
You have the right to request information about how your personal data is processed and to obtain activity logs from our system. In order to do so, contact the Royal Institute of Art’s registrar by email: firstname.lastname@example.org.
You have the right to have your personal data deleted (or the processing cancelled) if we keep it longer than necessary. You also have the right to have incorrect personal data corrected. The duration for which personal data is stored is regulated by the Archives Act (1990:782); the processing regulations of the Swedish National Archives; and the Royal Institute of Art’s policy on local document-management and the registry of personal data processing.