Published
2018-05-25The Torsten Söderberg Foundation protects the privacy of applicants. The Foundation takes all appropriate measures required in each case to protect personal data from unauthorized access.
The processing of personal data in the Foundation's activities is carried out in accordance with the provisions of the EU General Data Protection Regulation (GDPR).
Processing of personal data of applicants and beneficiaries
The Foundation processes personal data for the preparation of applications submitted and for the payment and follow-up of grants awarded. Personal data may also be processed for the purposes of compiling and evaluating grants, formulating grant policy and producing application statistics.
The data subject is not obliged to provide personal data, but without it the Foundation cannot process submitted applications and carry out the payment and follow-up of grants awarded. The Foundation may also supplement the personal data provided by obtaining information from private and public registers.
The processing of personal data is necessary in order for the Foundation to be able to comply with the grant award decision and the grant conditions established with the grant recipient, for administrative purposes, for accounting purposes and for the Foundation to comply with the legal rules to which it is subject.
Personal data is processed on the basis of consent in the case of applications and agreement in the case of grants.
Personal data liability
It is the Torsten Söderberg Foundation (org. no. 857203-0214) that is responsible for personal data and decides on the purposes of the processing of personal data in the Foundation's activities.
Torsten Söderberg Foundation
Box 5391
102 49 Stockholm
Tel. 08-661 52 11
e-mail kansli@torstensoderbergsstiftelse.se.
How does the Foundation get the personal data?
The Foundation collects personal data when registering a user account, when submitting an application, when requesting funding and through communication with data subjects.
What data is processed?
User account: name and email address.
Application: name, date of birth, title, gender, address, telephone number, e-mail address, year of dissertation, details of organizational affiliation and grant administrator. Contact details for grant administrators are verified with the social security number/organization number from Bisnode's register. Where applicable, the co-applicant's information is processed; name, affiliation and e-mail address as well as information for the authorized head of department, director or head of department; name, affiliation, address and e-mail address.
Statistics and presentation of grants awarded: name, title, grant manager/organization, amount awarded and project title.
Payment: name, address, telephone, e-mail address, bank account number and any other information necessary for the Foundation to administer the payment of grants.
E-mail: additional information through communication with applicants and beneficiaries.
What data is published?
On the Foundation's website and in the Foundation's annual journal and other similar mailings and channels used by the Foundation to present grant awards, grants awarded are published in the form of the applicant's name and title, amount awarded, grant manager/organization affiliation, project title and popular science summary.
Information on consent
By creating an account and submitting an application, the data subject agrees that the Foundation may process the personal data provided to the extent required by the Foundation's purposes.
Transfers to third countries
Personal data may be transferred to and stored in a country outside the EU/EEA for the same purposes described in this document. Regardless of the country to which the Foundation transfers personal data, the Foundation fulfills its obligation to ensure that a high level of protection is afforded to the data and that it is processed in accordance with the General Data Protection Regulation (GDPR).
Who may have access to the data?
In addition to the Board and the Secretariat of the Torsten Söderberg Foundation, the information is provided to the Foundation's scientific advisors and other interested parties linked to the Foundation's activities, such as accounting firms and auditors. A submitted application is not a public document and is not passed on to unauthorized persons. However, in certain cases, an application may be discussed with relevant persons within the applicant's university or research organization, with the relevant administrator and with other external funders.
How long is personal data stored?
Personal data in applications and grant documentation is stored for as long as it is necessary for the Foundation's administrative work and for the follow-up of granted research projects. Applications and grant documentation are stored digitally for ten years, after which they are archived in paper form. The purpose of preservation is to enable historical and statistical research purposes over time. In addition, preservation is based on legitimate interest in evaluating and developing the Foundation's activities.
Rights of the data subject
Extract from the register. The data subject has the right to request an extract in order to verify what personal data the Foundation is processing and the accuracy of the data recorded.
Rectification of data. The Foundation is obliged, at the request of the data subject, to rectify without delay any data that has been altered, is inaccurate or has not been processed in accordance with the GDPR.
Right to erasure, restriction of processing, etc. The data subject has the right to request that the Foundation erase registered personal data or restrict the processing of the data. This right does not include the processing of personal data that takes place on the basis of, for example, the Accounting Act.
A request for an extract from the register, rectification or erasure must be made in writing, signed by the person making the request and include the name and social security number. It should be addressed to the Foundation/data controller (see above).
Complaints. The data subject has the right to lodge a complaint, where appropriate, with the Data Protection Authority, which is the supervisory authority for the processing of personal data.
Update on the processing of personal data
The Foundation may make changes to the processing of personal data. A new version of this document becomes effective when it is published on the Foundation's website.