Service Provider Privacy Policy Template

SWAMID has produced an example template showing what a privacy policy can look like when the service uses the entity category GÉANT Data Protection Code of Conduct to have attributes transferred from an identity provider (IdP) to the service (SP). When you adapt the template to your own service, it is important to go through every part and verify that your service works as described; otherwise you need to change the text. Text in green is guidance for you when adapting the content and must not appear in the final document. Text within < > must be replaced with your own information.

Example template: Transfer of personal data to <name of the service> in connection with federated login (Privacy Policy)

Description of <name of the service>

The name of the service must be the same as mdui:DisplayName in the service's registered metadata in SWAMID.

Describe the service here in a way that is well suited to users. A concise summary of the service description, at most 160 characters, must be registered in mdui:Description in the service's registered metadata in SWAMID.

<Name of the service> is a service directed towards <user group> from <examples of organisations>.

<Descriptive text about the service, approx. 1-2 paragraphs>

Processing of personal data

Transfer of personal data

It is important to describe exactly which data are transferred and for what purpose. The information must be clear to the persons for whom the document is intended. The technical representation is used for troubleshooting and must be attribute names as defined in the attribute's LDAP specification.

Personal data are transferred from the identity provider (your login service) to the service to ensure that you as a user get access to your information in the service and to give you a user-adapted interface.

When you log in to this service, the following personal data are requested from the identity provider you use:

| Personal data | Purpose | Technical representation |
| --- | --- | --- |
| Unique identifier | To give you access to your information | eduPersonPrincipalName |
| Name | The name is used in lists within the service | displayName |
| E-mail address | Used to be able to contact you | mail |

In addition to direct personal data, indirect personal data are also transferred, such as which organisation the user belongs to and which identity provider was used at login. In combination with the personal data above, these can be used to uniquely identify a person.

Other processing of personal data within the service

Describe here what further processing of personal data takes place within the service, and its purpose, for example personal data entered by the user if the service has a local user profile that the user supplements with information that does not come from the identity provider. This also covers personal data that come from another source and are linked to the user in the service. Keep in mind that personal data stored in log files and elsewhere must also be described.

Transfer of personal data to third parties

Describe here what transfer of personal data (if any) takes place to third parties. Keep in mind that the entity category GÉANT Data Protection Code of Conduct v1.0 (http://www.geant.net/uri/dataprotection-code-of-conduct/v1) imposes severe restrictions on which personal data may be transferred to third parties.

Excerpt from GÉANT Data Protection Code of Conduct v1.0:

The Service Provider agrees and warrants:

f) [Third parties] not to transfer Attributes to any third party (such as a collaboration partner) except

a. if mandated by the Service Provider for enabling access to its service on its behalf, or
b. if the third party is committed to the Code of Conduct or has undertaken similar duties considered sufficient under the data protection law applicable to the Service Provider or
c. if prior consent has been given by the End User;

Lawful basis

This section must describe the lawful basis under the Data Protection Regulation (GDPR) on which the personal data are processed. The lawful basis is linked to the purpose of the processing.

Keep in mind that consent as a lawful basis places very high demands on voluntariness and can therefore very rarely be used for services that a person uses in their employment or in their studies.

Right of access, rectification and erasure of personal data

Describe the user's rights under the Data Protection Regulation (GDPR) here. Access to personal data, rectification of personal data and erasure of personal data are particularly important.

For access, rectification and erasure of your personal data, contact the personal data controller.

You rectify personal data that were transferred at login in the identity provider that you use to log in. These data are corrected in the service at the first login after the personal data have been corrected in the identity provider.

Purging of personal data

Give a general description here of the service's rules on automated purging of personal data, including how long the data are kept once the user no longer uses the service.

Personal data controller

Describe here how to contact the personal data controller and its representative (the person within the organisation who is responsible for or manages the service). Contact details must also be given for the organisation's data protection officer. OrganizationDisplayName in the service's registered metadata in SWAMID must be the same as the organisation name in this section.

The personal data controller for the processing of personal data is <organisation>, <country>. If you have questions about how personal data are handled within the service, contact <e-mail address of the service representative>.

The data protection officer is <name>, <organisation>, <contact information>. Alternatively: Contact details for the data protection officer of <organisation> are available at <URL of information page with contact details for the data protection officer>.

GÉANT Data Protection Code of Conduct

This service follows the international framework GÉANT Data Protection Code of Conduct (http://www.geant.net/uri/dataprotection-code-of-conduct/v1) for the transfer of personal data from identity providers to the service. The framework is intended for services in Sweden, the EU and the EEA that are used in research and higher education.

Template: Transfer of personal data to <name of the service> when using federated login (Privacy Policy)

Description of <service name>

The name of the service must be the same as mdui:DisplayName in the service's registered metadata in SWAMID.


<Name of the service> is a service directed towards <user group> from <examples of organisations>.

<Descriptive text about the service, approx. 1-2 paragraphs of text>

Processing of personal data

Transfer of personal data

It is important to clearly describe which data is being transferred and for what purpose. The information must be clear to the persons for whom the document is intended. The technical representation is used for troubleshooting and should be attribute names defined in the attribute's LDAP specification.

Personal data are being transferred from the identity provider (your login service) to the service to ensure that you as a user have access to your information in the service and to provide you with a user-friendly interface.

When logging in to this service, the following personal data are requested from the identity provider you use:

| Personal data | Purpose | Technical representation |
| --- | --- | --- |
| Unique identifier | To give you access to your information | eduPersonPrincipalName |
| Name | The name is used in lists within the service | displayName |
| E-mail address | Used to be able to contact you by e-mail | mail |


In addition to direct personal data, indirect personal data are also transferred, such as which organisation the user belongs to and which identity provider has been used when logging in. In combination with the above personal data, these can be used to uniquely identify a person.

Other processing of personal data within the service

Here it must be described what further processing of personal data takes place within the service and for what purpose, for example personal data entered by the user if the service has a local user profile which the user supplements with information that does not come from the identity provider. There should also be a description of personal data that come from another source and are linked to the user in the service. Keep in mind that personal data stored in log files and elsewhere must be described.

Transfer of personal data to third parties

Here it must be described which (if any) transfer of personal data takes place to third parties. Keep in mind that the entity category GÉANT Data Protection Code of Conduct v1.0 (http://www.geant.net/uri/dataprotection-code-of-conduct/v1) imposes severe restrictions regarding which personal data may be transferred to third parties.

Excerpt from GÉANT Data Protection Code of Conduct v1.0:

The Service Provider agrees and warrants:

f) [Third parties] not to transfer Attributes to any third party (such as a collaboration partner) except

a. if mandated by the Service Provider for enabling access to its service on its behalf, or
b. if the third party is committed to the Code of Conduct or has undertaken similar duties considered sufficient under the data protection law applicable to the Service Provider or
c. if prior consent has been given by the End User;

Lawful basis

This section describes the lawful basis under the Data Protection Regulation (GDPR) on which the service processes personal data. The lawful basis is linked to the purpose of the processing.

Keep in mind that consent as a lawful basis places very high demands on voluntariness and can therefore very rarely be used for services that a person uses in their employment or in their studies.

Right of access, right of rectification and right of erasure of personal data

Here, the user's rights according to the Data Protection Regulation (GDPR) must be described. Access to personal data, rectification of personal data and erasure of personal data are particularly important.

For access, rectification and erasure of your personal data, contact the personal data controller.

Rectification of personal data that was transferred at the moment of login has to be done in the identity provider that you use to log in. This information is corrected in the service at the moment of the first login after the personal information has been corrected in the identity provider.

Purging of personal data

Here, a general description of the service's routines regarding automated purging of personal data, incl. how long the personal data are stored after the user no longer uses the service, should be entered.

Personal data controller

Here, contact information for the personal data controller and its representative (the person within the organisation who is responsible for or administers the service) is described. Contact information for the data protection officer must also be specified. OrganizationDisplayName in the service's registered metadata in SWAMID must be the same as the name in this section.

Personal data controller for the processing of personal data is <organisation>, <country>. If you have questions about how personal data are processed within the service, please contact <e-mail address for service representatives>.

Data protection officer is <name>, <organisation>, <contact information>. Alternatively: Contact information for the <organisation> data protection officer can be found at <URL to information page with contact information for the data protection officer>.

GÉANT Data Protection Code of Conduct

This service complies with the international framework GÉANT Data Protection Code of Conduct (http://www.geant.net/uri/dataprotection-code-of-conduct/v1) for the transfer of personal data from identity providers to the service. This framework is intended for services in Sweden, the EU and the EEA that are used in research and higher education.

Examples of use of this template

Below are examples of where the templates on this page have been used.

