Skip to main content


What does the general data protection regulation (GDPR) mean?

On May 25, 2018, the GDPR comes into force, the general data protection regulation replacing the current Personal Data Act, PuL. The new legislation will strengthen the protection of the individual's personal data. Here we briefly describe what GDPR means for foundations.

GDPR supplements and replaces PuL

GDPR basically covers the processing of all types of personal data that can be linked to you as a person. Those who today follow the rules in PuL need therefore to supplement and clarify certain information. For example, the Accounting Act may require the Foundation to store certain tasks as accounting material and then we need to decide what information we really need to store.

Your personal information will only be stored as longer as necessary

Authorized applications are normally considered as accounting materials and can be saved on the basis of the accounting rules. Applications rejected are saved for a maximum of two years.

What does GDPR mean for KTH foundations?

It is the foundation that is personally responsible and as such, we are responsible for saving only necessary information.

KTH's Data Protection Officer is Robin Roy. You can contact the representative by e-mail at or by telephone at +46 8 790 87 52.

How is the Foundation Administration at KTH processing your personal information (pdf 30 kB)

Do you want to know more?

Read more about the Data Protection Regulation on the Swedish Authority for Privacy Protection website. 

Did you find this page useful?
Thank you for helping us!
Belongs to: Student at KTH
Last changed: Jan 12, 2021