SH-Konto is a service directed towards admitted/registered students and new employees at Södertörn University.
SH-Konto is used to collect login credentials (SH-Account) for the university´s IT environment.
Personal data are being transferred from the identity provider (your login service) to the service to ensure that you as a user have access to your information in the service.
When logging in to this service, the following personal data are requested from the identity provider you use:
| Personal data | Purpose | Technical representation |
|---|---|---|
| norEduPersonNIN | To ensure that correct credentials (SH-Account) are collected by the individual. | urn:oid:1.3.6.1.4.1.2428.90.1.5 |
| eduPersonAssurance | To ensure that credentials (SH-Account) are collected only when login is SWAMID Assurance Level 2 verified. | urn:oid:1.3.6.1.4.1.5923.1.1.1.11 |
| eduPersonPrincipalName | Used to ensure that correct credentials (SH-Account) are collected by the individual when Swedish security number is not available. | urn:oid:1.3.6.1.4.1.5923.1.1.1.6 |
| givenName | Used to ensure that correct credentials (SH-Account) are collected by the individual when Swedish security number is not available. | urn:oid:2.5.4.42 |
| Used to ensure that correct credentials (SH-Account) are collected by the individual when Swedish security number is not available. | urn:oid:0.9.2342.19200300.100.1.3 | |
| mailLocalAddress | Used to ensure that correct credentials (SH-Account) are collected by the individual when Swedish security number is not available. | urn:oid:2.16.840.1.113730.3.1.13 |
| samlSubjectID | Used to ensure that correct credentials (SH-Account) are collected by the individual when Swedish security number is not available. | urn:oasis:names:tc:SAML:profiles:subject-id:req |
| schacDateOfBirth | Used to ensure that correct credentials (SH-Account) are collected by the individual when Swedish security number is not available. | urn:oid:1.3.6.1.4.1.25178.1.2.3 |
| sn | Used to ensure that correct credentials (SH-Account) are collected by the individual when Swedish security number is not available. | urn:oid:2.5.4.4 |
In addition to direct personal data, indirect personal data are also transferred, such as which identity provider has been used when logging in. In combination with the above personal data, these can be used to uniquely identify a person.
In addition to personal data from the identity provider, time of use is logged and the SH-Accounts unique identifier (uid) to be able to prove that the ceredential issuing has followed the regulations in SWAMIDs "Identity Assurance Level 2 Profile".
No personal data is transfered to third parties.
The processing of personal data in the service SH-Konto is part of Södertörn University´s duties as a public agency.
For access, rectification and erasure of your personal data, contact the Personal data controller.
Rectification of personal data that was transferred at the moment of login has to be done in the identity provider that you use to log in.
Personal data are saved as long as your SH-Account is valid, i.e. as long as you study or work at Södertörn University. Thereafter your SH-Account is revised and all your personal data linked to your SH-Account will disappear (in accordance with GDPR).
Personal data controller for the processing of personal data is Södertörn University, Sweden. If you have questions about how personal data are processed within the service, please contact utveckling@sh.se.
Data protection officer is Anna Gulle, Södertörn University, dataskydd@sh.se.
This service complies with the international framework GÉANT Data Protection Code of Conduct (http://www.geant.net/uri/dataprotection-code-of-conduct/v1) for the transfer of personal data from identity providers to the service. This framework is intended for services in Sweden, the EU and the EEA that are used in research and higher education.