Acceptable use policy

Rules and obligations when using the network of Mid Sweden University.

Acceptable use policy

Information about the handling of personal data when using a Mid Sweden University student account

When you applied for studies at Mid Sweden University, you
informed us of your name, your Swedish personal ID number,
and your name. The university needs this data to register
your studies. The handling of personal data is automated
and in accordance with the Swedish regulation on the
presentation of studies etc. at universities and university
colleges (1993:1153).

To facilitate your studies, you are given a user identity for e-
mail, conferences, printouts, storage of files etc., as well as
an entrance card for Mid Sweden University. For the
handling of the card and the account, Mid Sweden University 
uses Ladok data to register user identities and entrance card
data. The user account data include your name, your Swedish
personal ID number and e-mail address, and the entrance
card data include your name, your Swedish personal ID
number, e-mail address as well as the course or programme
code.

The aim is to facilitate a secure handling of the user identity
and the entrance card. Your contact information can also be
found in Moodle or other learning platforms, so that you can
access the content of the courses. This data will only be used
in the context of your studies at Mid Sweden University, but
all employees can get access to that data in different ways.
In the case of a suspected crime, data from the system may
be handed over to law enforcement agencies.

Mid Sweden University is responsible for the students´
personal data. The university is also a Swedish authority,
and therefore, it is obliged to follow certain regulations,
such as the rules and regulations for public records,
authorities´ archives and public statistics. This way, the
university will also handle the personal data in line with
the legislation in force. If a person requests a copy of a
public record containing your personal data, Mid Sweden
University may approve. This is the case if the data are
considered public records and not classified.

By submitting a written request, you have the right to know if
personal data about you are used by Mid Sweden University,
and, among other things, be given the opportunity to look at
the personal data Mid Sweden University has registered 
about you. Reasons for this could be to check if the
information is correct, or to decide if you would like to ask
for a change, or part of the information to be deleted, if
possible. Please send your request to registrator@miun.se
or to Mid Sweden University, the Registrar´s Office,
SE-851 70 Sundsvall.

You have the right to submit a complaint regarding the
handling of your personal data to the Mid Sweden University
Data Protection Officer or directly to the Swedish Data
Protection Agency.

The contact information of the Mid Sweden University Data
Protection Officer can be found on the website, search for
”Data Protection Officer”. More information about the
Swedish Data Protection Agency can be found at
Integritetsskyddsmyndigheten

Regulation for the use of the network and other IT resources at Mid Sweden University

The IT resources of the university belong to Mid Sweden
University and are meant to be used in the framework of the
activities of the university. The IT resources may only be used
by authorized users. The use of the IT resources may not
interfere with existing legislation, the rules of SUNET, the
regulations listed in this document or the regulations of the
respective activity.

Authorized user

An authorized user is a user who has been authorized to use
the IT resources of the university

  • The authorization is personal and cannot be transferred
    to a third person
  • The user identity must not be hidden when using the IT
    resources
  • The authorization expires when the employment,
    studies or other link to Mid Sweden University ends
  • The authorization can be withdrawn when the
    regulations are violated or when Mid Sweden University
    finds it necessary.

Use of the IT resources at Mid Sweden University

The IT resources of Mid Sweden University must not be used
to spread, store or share information in an inappropriate way

  • interfering with existing legislation,
  • in activities that are not tied to the university,
  • for purposes that may harm the university´s name or
    reputation,
  • aiming at the marketing of products or services that are
    not linked to the university,
  • or in any other way interfere with the university´s
    activities.

 

Specific rules for Microsoft365 

Microsoft365 is a cloud-based platform with tools for working anywhere and on different platforms. It contains applications such as Word, PowerPoint, Excel, Outlook mail, and Outlook calendar, and several other tools/services, such as programmes to discuss, exchange ideas, plan, collaborate and share documents. 
Please note that all communication with employees is considered public documents and may be disclosed to the public. In addition to general rules in accordance with the University's liability for Microsoft365 (M365), the following applies: 

  • The purpose of M365 is to support the activities and tasks that the studies require.
  • M365 must not contain data that is covered by confidentiality under the Public Access to Information and Secrecy Act or by law violations and specific categories of personal data (so-called sensitive personal data) according to the General Data Protection Regulation, GDPR.  
  • M365 must not be used so that the use infringes on the privacy of others, attempts to insult or humiliate others, illegally disseminates copyrighted material, solicits violations or violates Swedish law or is otherwise inappropriate, offensive, disturbing, vulgar, obscene or indecent. 
  • Your M365 account, as well as the e-mail account which is part of it, will remain active for 12 months after you have been deregistered as a student at Mid Sweden University. Thereafter, your M365 account will be inactive for 30 days before it is deleted. 

Equipment and network

It is not allowed to:

  • attach equipment, such as switches, routers, access
    points or other types of network equipment,
  • offer services, such as DHCP, DNS, FTP, HTTP, HTTPS,
    SMTP using the Mid Sweden University network.

It is allowed to attach private equipment, such as mobiles or
computers, to the Mid Sweden University network.

Information security and GDPR

As a user, I am also obliged to

  • follow the university´s rules and regulations for information security
    Information security
  • handle personal data in accordance with GDPR
    GDPR

Consequences/Sanctions

Users who breach the regulations may be suspended from
further use of the computers and network of Mid Sweden
University, and also suspended from their studies or work,
 or even fired. Acts that are considered criminal will be
reported to the police. Individuals who breach the above-
mentioned regulations are personally liable in terms of
consequences, sanctions or compensation.

Inactivating a user identity

Your user identity will be inactivated when:

  • You have not been logged in for the last 12 months
  • You have not been registered as a student in the last 12
    months

Responsibility

I hereby confirm that I have read the Mid Sweden University
regulations for using the university´s IT resources, and I have
the intention to follow them. I also intend to stay informed
about any changes in the regulations and if applicable, follow
the new regulations.

Links:

SUNET´s rules: 
https://www.sunet.se/policy-for-tillaten-anvandning/
Informationsecurity: 
https://www.miun.se/informationssakerhet
GDPR: 
https://www.miun.se/en/staff/support/general-data-protection-regulation/gdpr-kurs/

Identity Provider - IDP

General description of SAML2 WebSSO

The service provides authentication of users which have an electronic idenitity at Mid Sweden University , together with release of attributes pertaining to the authenticated user. The provider of the service/centre of learning is a member of SWAMID, the Swedish identity federation for Research and higher education. The service has been deployed in accordance with SWAMID’s policy and encompassing rules and guidelines which have been laid down by SWAMID.

 

Policy for personal integrity

The service adheres to the policy for the handling of personal data which has been published by Mid Sweden University in accordance with Swedish law.

 

The service and limitations of service

Mid Sweden University undertakes to guarantee the availability of the service in accordance with Mid Sweden University’s requirements and expectations. The process for creation, deletion and maintenance of electronic identities at Mid Sweden University is described here . Mid Sweden University follows SWAMID’s recommendations for release of attributes based upon entity categories. Mid Sweden University reserves the right to change the actually released attributes, having communicated such with a service provider, regardless of the recommendations from SWAMID concerning the entity category the service provider has been placed in.

 

Service and support


Questions and faults regarding Mid Sweden University and it’s SAML2 WebSSO service should be directed to the following local support channels: 

 

Tfn: 010-142 80 00
E-post: itsupport@miun.se
Webb: www.miun.se/itsupport

Contact

IT Support

IT Support

0101428000

The page was updated 9/19/2022