Processing of Personal Data in the Email and Calendar Service
Description of the Email and Calendar Service
The university's email and calendar service consists of several IT systems that together constitute the entirety of the service. The main system is Microsoft Exchange, which is managed by the Division for University IT Services (UIT) and hosted in server rooms within the university.
Sympa is the system for managing mailing lists and is also operated internally within the university by UIT. Sunet Mailfilter is usedfor scanning incoming and outgoing email for the presence of viruses, spam, malware, or other malicious code. The service is operated by Sunet and administered by UIT.
You should only log in to these systems if you are affiliated with Uppsala University or in collaboration with Uppsala University and have been requested to log in.
Students at the university use Microsoft Exchange Online, which is part of Microsoft 365.
Management of Personal Data
Transfer of Personal Data
Personal data in the email and calendar systems are limited to usernames, first names, last names, and email addresses.
Personal Data | Purpose | Technical representation |
|---|---|---|
User Name | Account identifier for you as a user in the service so that you can access according to the rights assigned to you. | |
First Name | Identify yourself to other users in the services. | |
Last Name | Identify yourself to other users in the services. | |
Email Address | Account identifier and contact method. |
Other Processing of Personal Data in the Services
Content in message text, attachments and calendar events may contain personal data. Sensitive personal data must not be sent unprotected via email.
Technical logs are saved for troubleshooting and security-related incidents. These technical logs contain information about all logins made, including transferred personal data.
Generally, logs within the service are retained for 3-12 months.
Transfer of Sensitive Personal Data to Third Parties
No sensitive personal data is transferred to third parties except for what users themselves input into the services.
Legal Basis
Personal data is processed based on the legal basis of public interest. Personal data must be transferred to provide users access to the service for their work at Uppsala University or in collaboration with Uppsala University.
Right to Access, Rectify, and Erase Personal Data
Personal data for university students, employees, and other active individuals are automatically corrected based on the personal data transferred from Uppsala University's directory and authorization system (AKKA).
To delete your personal data or request an extract from the register, contact dataskyddsombud@uu.se.
Purging of Personal Data
Uppsala University only retains your personal data for as long as necessary for the purpose of processing, or as required by law.
Data Controller
The data controller for the processing of personal data is Uppsala University.
If you have questions about how personal data is handled within the service, contact the data protection officer.
Contact information for the data protection officer: dataskyddsombud@uu.se.
GÉANT Data Protection Code of Conduct
This service follows the international framework GÉANT Data Protection Code of Conduct for the transfer of personal data from identity issuers to the service. The framework is intended for services in Sweden, the EU, and EEA used in research and higher education.