Transfer of personal data to Ladok development systems when using federated login

Description of services

The Ladok development systems are services used by the development organisation of the Ladok system. The federated login handles login to the infrastructure used in the development of Ladok.

Processing of personal data

Transfer of personal data

Personal data is transferred from the identity provider (your login service) to the service to ensure that the service knows who you are and what permissions you should have. While logging in to this service, the following personal information is requested from the identity provider you use:
Personal data Purpose Technical representation
Unique identifier To identify the user and apply user access eduPersonPrincipalName, cn
Personal identity number To identify the user and apply user access norEduPersonNIN
Name To name your identity in the service givenName, sn, displayName
E-mail address To contact the user mail
Assurance level To ensure the quality of identification of the user eduPersonAssurance
Organisation affiliation To categorise the user's employment status eduPersonScopedAffiliation

In addition to direct personal data, indirect personal data are also transferred, such as which organisation the user belongs to and which identity provider has been used when logging in. In combination with the above personal data, these can be used to uniquely identify a person.

Other processing of personal data within the service

Personal data is also stored in log files at the service in order to maintain traceability and to simplify troubleshooting.

Transfer of personal data to third parties

No personal data are transferred to third parties.

Lawful basis

The processing of personnel’s personal data and personal data transferred from identity providers while logging in is processed within the framework of public interest to enable use of the service.

Right of access, right of rectification and right of erasure of personal data

For access, rectification and deletion of your personal data, contact the personal data controller for the service.

Correction of personal data transferred from your identity provider during login is done at your identity provider.

Purging of personal data

Personal data is purged when the no longer are needed by the services.

Personal data controller

The person responsible for the processing of personal data is the Ladok Consortium, Sweden. If you have questions about how personal data is handled within the service, contact Gunnar Råhlén,

Data protection coordinator within the Ladok Consortium is Gunnar Råhlén,

GÉANT Data Protection Code of Conduct

This service complies with the international framework GÉANT Data Protection Code of Conduct ( for the transfer of personal data from identity providers to the service. This framework is intended for services in Sweden, the EU and the EEA that are used in research and higher education.