Description of MyAccount Chalmers
MyAccount is a service directed towards user at Chalmers.
The service intended for administration of your Chalmers account (CID).
Processing of personal data
Transfer of personal data
Personal data are being transferred from the identity provider (your login service) to the service to ensure that you as a user have access to your information in the service and to provide you with a user-friendly interface.
When logging in to this service, the following personal data are requested from the identity provider you use:
| Personal data | Purpose | Technical representation |
|---|---|---|
| Unique identifier | To give you access to your information | eduPersonPrincipleName |
| First name | The name is used in the UI | givenName |
| Last Name | The name is used in the UI | sn |
| Social security number | To give you access to your information | norEduPersonNIN personalIdentityNumber |
| Assurance level | eduPersonAssurance |
In addition to direct personal data, indirect personal data are also transferred, such as which organisation the user belongs to and which identity provider has been used when logging in. In combination with the above personal data, these can be used to uniquely identify a person.
Other processing of personal data within the service
The following personal data can be managed in the service: mail, phone number and room number.
Logs from the service are kept for one month. These logs hold personal data acquired from the Identity Provider.
Transfer of personal data to third parties
No data is transferred to third parties.
Purging of personal data
No personal data is stored in the service, the personal data that can be modified is stored in PDB.
Lawful basis, right of access, rectification and erasure, and personal data controller
Please see Processing of personal data | Chalmers for detailed information about how Chalmers University of Technology (Chalmers) processes personal data.
GÉANT Data Protection Code of Conduct
This service complies with the international framework GÉANT Data Protection Code of Conduct (http://www.geant.net/uri/dataprotection-code-of-conduct/v1) for the transfer of personal data from identity providers to the service. This framework is intended for services in Sweden, the EU and the EEA that are used in research and higher education.