Privacy policy

The Stockholm School of Economics (SSE) processes personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Swedish legislation. This page explains how we approach privacy and data protection and what this means for you as a data subject.

Our approach to personal data

SSE processes personal data to carry out its activities in education, research, administration, communication, and outreach. Personal data is handled lawfully, fairly, and transparently, and only for specified and legitimate purposes.

We apply the principles of data minimization, accuracy, storage limitation, and integrity and confidentiality. This means that we only collect the data necessary for a given purpose, keep it up to date, store it only as long as needed, and protect it with appropriate technical and organizational measures.

How personal data is used

Depending on your interaction with SSE, personal data may be processed for purposes such as:

  • administration of studies and education
  • communication with prospective students, applicants, and alumni
  • organization of events and activities
  • research and academic work
  • website functionality, analytics, and communication

Further details about specific processing activities, legal bases, and retention periods are provided in more detailed notices where relevant.

Legal basis for processing

SSE processes personal data based on one or more of the following legal grounds:

  • performance of a contract (for example, when you are a student or participant)
  • compliance with legal obligations
  • tasks carried out in the public interest
  • legitimate interests pursued by SSE
  • consent, where required (for example, for certain cookies or communications)

Data protection and security

SSE has established governance structures and processes to ensure that personal data is protected. A Data Protection Officer (DPO) oversees data protection work and supports the organization in maintaining compliance.

We implement appropriate technical and organizational measures to prevent unauthorized access, loss, or misuse of personal data. Data protection is integrated into our operations and continuously monitored and improved.

Your rights

Under GDPR, you have rights in relation to your personal data. These include the right to:

  • access your personal data
  • request correction of inaccurate data
  • request deletion or restriction of processing in certain circumstances
  • object to processing
  • receive your data in a portable format where applicable

If you wish to exercise your rights, please contact us using the details below.

Data sharing and transfers

Personal data may be shared with partners, service providers, or authorities where necessary for SSE’s activities or to comply with legal obligations. When we use external providers, we ensure that appropriate data processing agreements are in place.

If personal data is transferred outside the EU/EEA, SSE ensures that appropriate safeguards are implemented in accordance with GDPR.

Contact and complaints

If you have questions about how SSE processes personal data, or if you wish to exercise your rights, please contact:

Stockholm School of Economics
Email: info@hhs.se

You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY) if you believe that your personal data has been processed in violation of applicable legislation.

Further information

This page provides an overview of how SSE approaches privacy and data protection. More detailed information may be provided in specific contexts, such as applications, events, or digital services.