Policy for the use of personal information within the scope of the Identity Provider at Stockholm School of Economics

The identity provider (IdP) at Stockholm School of Economics performs authentication – verification of user identities – on behalf of services that SSE recognizes, either through the SWAMID identity federation or through a specific agreement.

Services that use Stockholm School of Economics IdP may access certain personal information. Personal information is transferred only in conjunction with the user requesting access to the service, which is also interpreted as consent to process personal information required to deliver the service.

Services are categorized through the identity federation SWAMID, or through specific agreements. The category determines what data is made available to each service.

All services have access to a service- and user-specific identifier. This identifier cannot be traced between services, and makes it possible for the service to e.g. save user preferences.

Services whose primary purpose is for the benefit of research and education have access to the user’s name, email address, user identity, if the user is a student or employee and that the user has an account at SSE. Services that via GÉANT Data Protection Code of Conduct adhere to the European Union’s data protection directive can access to the same information.