Here you will find information about how personal data collected by the website is being processed. Swedigarch complies with the General Data Protection Regulation (GDPR) and is responsible for all processing of personal data in its operations. Swedigarch processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and Council, see link below.
What do Swedigarch do with your personal data and why do we collect it?
Swedigarch processes personal data to fulfil our mission as a research infrastructure i.e. to provide access to digital archaeological data.
All processing of personal data within Swedigarch is done to in promote this purpose. The processing must have legal basis and we only process personal data when needed for a specific purpose. We may use your information to:
- send you our newsletters, where you have subscribed;
- respond to any inquiry you make;
- provide you with the information, products and services that you request from us;
- ensure that content from our site is presented in the most effective manner for you and for your computer.
What Personal data does Swedigarch collect?
There are several reasons why Swedigarch processes your personal data. The most common reasons are that you are a user of our analysis services, participant in a conference or other event, collaborating partner, or if you for some reason have contacted Swedigarch.
We collect all data directly from you. What data we process depends on the reason we process your personal data, it may consist of following:
- Contact information such as name and e-mail.
- Personal data obtained from participation in a research study.
- Information when attending conferences or workshops.
How is your personal data protected?
Swedigarch shall ensure that personal data and the processing of personal data are protected by appropriate technical and organisational measures. The measures should be such as to ensure a level of safety appropriate to the risk of handling the data. The security aspects shall include confidentiality, accuracy and availability as well as adequate technical protection. For example, only one authorised person has access to the data, the data is encrypted, stored in specially protected containers.
Who can access your personal data?
Some of the information available at Swedigarch is public documents since Swedigarch is operated from different government parties. If your personal data is part of a public document, anyone requesting the public document may access your personal data, unless secrecy under the privacy law (offentlighets- och sekretesslagen, 2009:400) prevents this.
Furthermore, your personal data may be disclosed to Swedigarchs partners in research projects or to other parties who need to access them as a result of agreements between Swedigarch and you, or because of legal obligations that Swedigarch may have.
Upon transfer of personal data to another party, as principal organisation of Swedigarch, Uppsala University shall take all reasonable legal, organisational and technical measures that may be required to protect your personal data.
Swedigarch will not transfer personal data to other parties without legal support.
How long is your data stored?
We save your personal data only for as long as the purpose of the process is required, or as long as required by law. In the case of public documents, personal data are handled in accordance with the provisions of the Freedom of Press Regulation (1949:105), the Archives Act (1990:782) and the National Archives regulations. In many cases, this means that your personal data can be saved for in between five years and for all future in the central archives of Uppsala University.
Data to third country
Swedigarch does not transfer personal data to third countries outside the EU/EEA.
Rights according to the GDPR
The General Data Protection Regulation gives you a number of rights towards Swedigarch:
THE RIGHT TO EXCERPT
You are entitled to request a reply as to whether Swedigarch processes personal data about you and to receive a free copy of the personal data being processed. In connection with such a request, Swedigarch also provides additional information about the data processed, e.g. its purpose, categories of personal data being processed, expected storage time, etc.
THE RIGHT TO CORRECTION
You are entitled to request that your personal data processed at Swedigarch be corrected if they are incorrect. Swedigarch is then required to correct your personal data without unnecessary delay.
THE RIGHT TO DELETION
You are entitled to have your personal data deleted from Swedigarchs system, if your personal data is no longer required to meet the purpose for which they were collected.
There may be provisions requiring Swedigarch not to delete your personal data, such as the regulations regarding public documents. If your personal data has been disclosed to another party, Swedigarch will take all reasonable steps to notify these parties of your request for deletion.
If Swedigarch cannot delete your personal data for legal reasons, we will limit the processing of your data to only include what is required to comply with Swedigarch obligations.
THE RIGHT TO LIMIT
You are entitled to request that the processing of your personal data be limited, which means that we will only process your personal data for specific purposes. Swedigarch will limit processing of personal data in the following cases:
If you claim that your personal data is incorrect and Swedigarch needs time to check the accuracy of the data.
If you oppose processing of personal data by Swedigarch. The processing is then limited until considerations have been made balancing between your reasons for objection and the Swedigarch compelling legitimate reasons.
If you request deletion of your personal data, but we cannot do this for any reason.
THE RIGHT TO OBJECT PROCESSING
You are entitled to object to Swedigarchs processing of your personal data in certain cases, such as research or educational activities. Swedigarch will then terminate processing your personal data unless we have compelling reasons to continue with it or if the processing of personal data is required for Swedigarchs legal claims.
RIGHT TO DATA PORTABILITY
In some cases, you may have the right to retrieve and use your personal data elsewhere, so-called right to data portability. A prerequisite for this to be possible is that we process your personal data with your consent or to fulfil an agreement with you. Data portability only applies to such personal data that you yourself have provided.
When someone visits https://swedigarch.se we use a third-party service, XXXX, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone.
Our site may, from time to time, contain links to and from the websites of our partners and members. If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services. Please check these policies before you submit any personal data to these websites or use these services.
Changes to this policy
Questions and Contact
If you have questions regarding data protection, you can contact the privacy and data protection officer at firstname.lastname@example.org
Contact email@example.com if you have questions regarding our user terms or your rights according GDPR.