The General Data Protection Regulation (GDPR) is a European-wide regulation that now replaces the older Data Protection Directive (Directive 95/46/EC) which in Sweden corresponds to PUL (1998:204). The new regulation enters into force May 25th, 2018 and is aimed to ensure that any organization that holds personal data provides a reasonable level of protection for it.The regulation concerns management of user data or “personal data”, in other words data pointing to living persons. Among other things the new regulation gives citizens the right to request an excerpt of how and what personal data is being processed and stored. Citizens can also request correction, deletion or limit the processing or transfer of personal data.

Ahead of the new data protection laws coming into force, the BioAtlas team will be making some changes to the way we process and store data. This will ensure that we are compliant with the new laws, and that everything we do with our user information is as clear and transparent as possible. BAS only holds data that is adequate, relevant and limited to what is necessary in relation to its purpose. Examples of the data BAS holds includes names and emails. The way that BAS processes and stores personal data is outlined in our privacy policy.

At BAS we strive for best practice and we will make sure that all of your personal data stays secure and that we meet the terms of all upcoming data protection laws and regulations. If you would like more information on GDPR at BAS please do not hesitate to contact our Secretariat.

Further information about the implementation of GDPR in Sweden can be found on the Swedish Data Protection Authority or at the Swedish Government Offices.