Privacy policy

As part of the University of Gothenburg, Wexsus applies the General Data Protection Regulation (GDPR) with supplementary legislation.

On this page, we collect information about how personal data is processed at Wexsus. If you have questions about how the University processes personal data, you can find more information on gu.se and you are welcome to contact the University of Gothenburg's Data Protection Officer.

• Read more: To gu.se
• Contact: dataskyddsombud@gu.se

Wexsus processes personal data in order to be able to carry out our mission to strengthen society's ability to make sustainable transition through collaboration. We disseminate research and knowledge about sustainable development, create networks, make contacts and build relationships between sectors of society, research fields and disciplines.

The processing of personal data takes place in accordance with established procedures for collection, storage, access and deletion. We use technical and organisational measures to ensure that personal data is handled in a secure and correct manner.

What is meant by personal data?

Personal data is any kind of information that can be directly or indirectly linked to an identifiable person, such as name, email address, job title or employer.

In what situations does Wexsus process personal data?

Wexsus processes personal data in order to:

• Conducting and administering events such as meetings, seminars, webinars and conferences.
• Manage subscriptions to newsletters and other mailings.
• To mediate contacts that facilitate collaboration between academia, companies, public actors and civil society.
• Administer participation in research networks and expert groups.
• Document, administer and follow up participation in activities and projects.
• Communicate and inform through different channels.
• Improve the user experience in our channels and offers.

What type of personal data is processed?

Wexsus processes the following types of personal data:

• Contact information such as name, email address and telephone number.
• Professional information such as title, role, area of expertise and employer.
• Study-related information such as university affiliation, subject knowledge and course assignments.
• Information related to participation in activities (e.g. meetings, seminars and conferences) such as type of participation and food preferences.
• Data for communication in internal and external channels, such as images, video and contact preferences.
• Data that describes user behaviour and experience in our channels (e.g. web and newsletters) such as cookies and the user's assessment of content.

Personal data is usually collected directly from the data subject, but may in some cases come from an employer or publicly available sources such as a public website.

Legal basis for personal data processing

The processing of personal data is based on the following legal basis under the GDPR:

• Public interest (Art. 6.1 e) – as Wexsus is part of a public authority and has the task of collaborating with the surrounding society, promoting sustainable development nationally and globally, promoting lifelong learning and contributing to a close connection between and high quality in education and research as described, among other things, by the Higher Education Act (1992:1434) Chapter 1, Section 2,  3 §, 4 § and 5 §. 

How is the personal data protected?

Wexsus complies with applicable security standards and current guidelines for the protection of personal data, in accordance with the guidelines established by the University of Gothenburg. 

Examples of protection are:

• Limited access to personal data based on eligibility and adequate training for authorized personnel.
• Encryption of data when necessary.
• Procedures for secure storage and deletion of data.

If an incident occurs

In the event of a personal data breach, the matter is handled according to established procedures, and affected individuals are informed in accordance with GDPR Articles 33 and 34.

Who can access my personal data?

Since Wexsus is part of the University of Gothenburg, we are subject to the principle of public access to official documents. This means that information, including certain personal data, may be disclosed upon request, unless there are confidentiality reasons that prevent this. Personal data can also be shared with partners and suppliers when it is necessary for the business, and then it is done in accordance with applicable rules and agreements.

Transfer of personal data to third countries

Wexsus may in some cases transfer personal data to third countries (countries outside the EU/EEA). Such transfers only take place when there is legal support and with appropriate safeguards, for example through agreements with standard contractual clauses.

How long is the personal data stored?

Since Wexsus is part of the University of Gothenburg, we are covered by the Archives Act. This means that information, including certain personal data, may be archived. In this case, the information is stored forever in the University's archives. In other cases, personal data will only be stored for as long as they are needed for the purpose for which they were collected. Deletion takes place in accordance with established procedures and in accordance with current legislation.

Your rights

As a data subject, you have the right to request access to your personal data and information about how it is processed, rectification if something is incorrect, deletion of your data in certain cases, restriction of the processing of your data and to object to processing that takes place on the basis of public interest. You also have the right to request data portability, which means that you can receive your data in a structured, machine-readable format. If you believe that your rights are not being respected, you have the option of filing a complaint with a supervisory authority. To exercise your rights, you can contact us using the contact details set out below.

Want to know more

If you have questions about how your personal data is processed, you can contact Wexsus by e-mail: info@wexsus.se.

You can also turn to the University of Gothenburg's Data Protection Officer for questions about personal data processing: dataskyddsombud@gu.se.

If you believe that we are processing your personal data in violation of applicable legislation, you have the right to file a complaint with the Swedish Authority for Privacy Protection (IMY): https://www.imy.se