Information about Malmö University's use of cookies and processing of personal data.

Cookies on Malmö University's website

A cookie is a text file sent from our website and stored on your computer or device. 

Our site contains two different types of cookies:

  • persistent cookies — these are text files sent from our websites and stored on your computer; and
  • session cookies — these are only stored temporarily and disappear once you close your browser.

Cookies used by Malmö University

We use

  • ImBox/ImBoxStats - Chat (Accept Necessary)
  • Prevent the cookie dialog box to appear (Accept Necessary)
  • Google Analytics (Accept All)
  • Siteimprove Analytics (Accept All)
  • Facebook Pixel cookies (Accept All)

Malmö University uses cookies for statistics, to count users, analyse traffic, handle forms, and optimise our presence on social media channels. Google Analytics collects IP addresses, geographic location, and information about the device the visitor is using.

How to disable cookies

You can disable and delete cookies by changing the settings in your browser. How to do this depends on what browser you are using. You can find more information by checking your browser's help resources. 

GDPR — processing personal data

Malmö University, as a public authority, processes personal data in accordance with EU regulation 2016/679 of the European Parliament and European Council. This regulation is referred to as the General Data Protection Regulation (GDPR).The University is responsible for the processing of all personal data related to its operations. 


If you have any questions regarding GDPR, please contact the University's Data Protection Officer:

Malmö University only processes personal data when required for a specific purpose. This includes collecting data about students, researchers, employees, patients, job applicants, collaboration partners and conference participants.

The majority of this information will be collected directly from you. In certain cases, we also collect data from other sources such as the Swedish Tax Agency or the Swedish Board of Student Finance (CSN).

The type of personal data we process depends on the information we require. This can include:

  • contact information such as your name, address, phone number and email;
  • personal identification numbers;
  • bank details or other financial information in order to make a payment or send an invoice;
  • personal data that has been collected as part of participation in a research study;
  • study results or other information regarding your academic work;
  • information about patients at our dental clinic or at the Student Health Service;
  • information collected when using our websites, such as cookies;
  • information required for conference attendance or course participation; and
  • personal data which is necessary for employment, or as part of the recruitment process.

Since we are a public instition, a lot of information at the University is public record. If your personal data can be found in a public record, anyone who requests access to this document can view it, unless the Public Access to Information and Secrecy Act (2009:400) prevents this.

Malmö University may only transfer personal data to third parties if there is a legal basis to do so.

Your personal data may be disclosed to Malmö University's partners during research projects, to suppliers, or to other parties that need access to this data due to an agreement between yourself and the University. Data may also be disclosed to external parties if this is in the public interest, is part of an operation of an official authority, or due to legal obligation.

When transferring personal data to another party, we take all legal, organisational and technological precautions necessary  to protect your data. You will be informed if we plan to disclose information about you to other organisations.

Malmö University must ensure that all processing of personal data is protected through technological and organisational measures. The level of these measures must be proportional to the security risk.

Security entails confidentiality, integrity and availability as well as adequate technological protection. This may involve giving only authorised individuals access to personal information, encrypting this information, storing it in specially protected locations and making processing copies. The University has an information security management system that: continuously reviews all administrative systems in which risk and vulnerability analyses are carried out; classifies the information; charts system dependence; and conducts follow ups.

The processing of personal data must have a legal basis, meaning it must be required for a specific purpose.

Malmö University processes personal data in order to fulfill our duties as a public authority, specifically within the field of research and education, and for collaboration purposes. This data is also processed in order to review and develop our operations, and comply with Swedish law. All processing of personal data at the University occurs in order to promote these purposes in some form. 

Your teacher, manager or head of research can provide you with more information on how your personal data is used.

If you have any questions, please contact the University's Data Protection Officer:

We only store your personal data for as long as is necessary for processing purposes, or as long as is required by law.

  • If, for example, you are an employee, we process your personal data for as long as we need to manage the terms of your employment.
  • If you are a student, we process your personal data for as long as you are enrolled at Malmö University; in practice this means six months after the last course registration has ended, unless you notify us earlier.
  • If you are a participant in a study, we process your personal data for as long as is necessary to ensure the quality of the research.

In regard to official documents, personal data is managed in accordance with the Freedom of the Press Act (1949:105), the Archives Act (1990:782) and the Swedish National Archive's regulations. In many cases, this means that your personal data may be stored in Malmö University's archive for a minimum of five years.

Malmö University may transfer personal data to a country outside of the EU/EEA, primarily as part of international research projects. You will be notified should this be the case. The University will then take all reasonable legal, organisational and technological precautions necessary to ensure an adequate level of security for your personal data. Personal data may also be transferred to non-EU countries in connection with procured IT services; however, the University will only do so if the security of this data can be guaranteed.

When you apply to one of Malmö University’s doctoral programmes or courses personal data will be used to process the application and report study results to Ladok. This means that the University collects your name, social security number, e-mail address and which doctoral program you are admitted to, and supporting documents, to be able to enrol you on the programme or course and correctly register your study results.

As all processing of personal data is regulated by the General Data Protection Regulation (GDPR), you have the right to get information about the processing and about the rights you have.

Controller of personal data                 

Malmö University
205 06 Malmö
Phone +46 (0)40-6657000

The University's Data Protection Officer                 

The legal ground for the processing

The processing is necessary to fulfil our duties as a public authority, specifically within the field of research and education, and for collaboration purposes.

Responsible for the processing            

The coordinator for each course or programme.

Purpose of the processing         

To be able to carry out admission to and reporting of study results for the university's doctoral programmes and courses.


Malmö University and Ladok, the student administration system used in Sweden.

Transfer to third countries           

No transfer to third countries.

Time of storage                                    

The data is preserved according to the Swedish law ”Förordning (1993:1153) om redovisning av studier med mera vid universitet och högskolor”.

Your rights                             

  • You have the right to receive an extract from the personal data that is processed. Contact the course or programme coordinator if you want such an excerpt.

  • You have the right to have incorrect information corrected and if you would like to have your information corrected, you can contact the course or programme coordinator.

  • You have the right to request that your information be deleted by revoking your consent. If you want to request that your information be deleted, you can contact the course or programme coordinator.

  • You have the right to obtain your information in a digital format so that you can transfer it to someone else, so-called data portability. If you wish to obtain your information in this way, you can contact the course or programme coordinator.

  • You also have the right to have the processing of your data restricted, which means that they may only be stored until it has been investigated whether they may be used or not. Remember that in a treatment based on consent, you always have the right to revoke your consent and have your information deleted. If you want to request a restriction on the processing of your data, you can contact the course or programme coordinator.

  • You have the right to complain to the supervisory authority, which in Sweden is called the Swedish Authority for Privacy Protection. You can find them at