Whether you are a student, parent or an employee, we at Internationella Engelska Skolan want you to feel confident that we handle your personal data in a safe and secure manner.
On these pages we tell you about the personal data we process, why we do it and what we do to protect it.
Find out more by choosing your role below.
The GDPR took effect on the 25th of May 2018. The new regulation is EU-wide and will replace the former Personal Data Act (PuL). The aim is to protect the integrity of all individuals and to strengthen their rights in the processing of personal data.
We process your personal data in order for us to hire you, ensure you receive the correct salary, and carry out other basic HR administration, as well communicate with authorities, follow our legal obligations and collective agreements, and to ensure that you have access to the administrative systems required to fulfil your role.
Examples of personal data we frequently use are names, contact information, social security numbers, bank account information, and union membership in order to carry out the correct salary changes.
We may also need to process other personal data in order to fulfil certain legal obligations, such as verifying a doctor’s note when you are absent due to sickness for more than 7 days.
Your rights
If you have given consent for your personal data to be processed in some way, you have the right to withdraw that consent at any time.
You have the right to know which personal data is being processed, why we need them, for what they will be used and for how long. You may request an extract of the personal data that your school has about you.
Under certain circumstances you may also have the right to have your personal data deleted or changed, or to object to how that data is processed.
Where you have not explicitly given your consent for processing to occur, or we do not have a legal obligation which we are fulfilling by processing your personal data, then in nearly all other cases for processes in our schools you have the right to object to that processing.
Note, however, that we can continue processing your personal data if we have compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
We want all of our employees to feel confident that we are handling their personal data appropriately and to know that we always use a level of security appropriate to the information or system concerned.
We use technical solutions such as central firewalls, web filters, anti-malware, and secure logins using 2-step verification where deemed necessary. All staff work predominantly with Chromebooks in IES which are widely known for their security because they are less prone to malware and theft, and data on them is encrypted.
All our central systems and databases are backed up, and our policy is that all employees work in only approved IT systems.
IES Data Privacy Contact Person
Each of our schools has a Data Privacy Contact Person (DPCP). This is your primary point for questions on how all personal information is handled in your school, and for guidance on how you should be working with personal data.
To contact the Data Privacy Contact Person at a school, email dpcp.school@engelska.se. For example to contact IES Grönköping, dpcp.gronkoping@engelska.se
School reception
If you would like to withdraw a previous given consent or if you wish to have a register extract you can contact the school reception which has a form that needs to be filled out and signed.
IES Data Privacy Group
The overall responsibility for your personal data lies with IES as a company. To support the schools and the Central Services we have a central Data Privacy Group.
To contact the Data Privacy Group, send an email to privacy@engelska.se
It is important that we safeguard the integrity and rights of all the individuals for which we process personal data, where they be students, guardians, colleagues, or someone else.
All employees have a part to play in safeguarding the personal data we process. This includes following routines and procedures, adhering to our company policies, reporting any personal data breaches immediately, participating in ongoing staff education, and being vigilant in matters of security.
To provide more certainty with this in your daily work, we have an internal data privacy site where we gather all information regarding our work with data privacy and relevant policies. We also use short online lessons and quizzes which are sent to all staff members.
We handle an increasing amount of digital information, and cyber crimes are more and more commonplace. You must always be aware of the risks of personal information ending up in the wrong hands, being misused, or handled in an unauthorised manner.
We have technical solutions in place in IES, but there is quite a lot we can all do in addition to these in order to protect the personal information we access. Foremost among these is following our information security policies.
Human error is a common cause for many kinds of security breach. By being aware and thinking critically before clicking a link, opening an email attachment, or adding an extension from a third-party supplier, you can greatly increase your chances of staying safe and properly safeguarding the data to which you have access.
