Go to content

Data protection policy

The purpose of this policy is to inform you how we treat your data at the University College of Copenhagen (KP). We take our data responsibility seriously, and we make sure that the data processing is legal and transparent.

In order to best protect your personal data, we continuously assess our data processing risks, in order to avoid any negative effects on your basic rights. Should we process sensitive personal data, we will analyze the consequences of the data processing for your privacy and take the appropriate technical and organizational security measures to best protect your data.


If you have any inquiries regarding our processing of personal data, or would you like to exercise your rights to access or object to our data processing, you can contact us as follows. Be sure to use your work or study mail if you are an employee or student of KP when you contact us.

Mette Adler Nielsen, men@kp.dk
Lars Kofod-Jensen, lako@kp.dk

In agreement with the above, you can contact our Data Protection Officer (DPO) at
Email: kp@dpoteam.dk
Tel: +45 71 74 90 20

Our use of personal data

We use this type of data about you

KP uses data about you to manage your education or employment with us. We use data about you to improve our service and ensure quality in our educational offerings and other services, as well as in our communication with you.
The data we use include: 
Personal data – any information relating to an identifiable person who can be directly or indirectly identified
Social Security number
Special category personal data – the types of personal data which are particularly sensitive and private in nature, and therefore more likely to cause distress and damage if compromised:
Health related conditions (physical and mental health)

  • Traffic data on Internet usage
  • Transaction data
  • Unique numbers on network devices

As a general rule, KP never collects personal information without you having provided this information yourself by participating in, for example a study, registration for an event or course or as part of your education or employment with KP. However, KP may collect personal data in connection with cases relating to violation of rules of order, rules of employment, etc.
KP compiles data in anonymized or pseudonymised form for general statistics, as well as for training and organizational development.
We collect and store data for specific purposes
KP collects and stores data in order to:

  • Manage your relationship with us
  • Manage your education
  • Meet legal and contractual requirements
  • Improve our education and services
  • Conduct research
  • Customize our communications and marketing to you

We may need to use your personal data for other purposes than the original purpose

Unless you already have consented to the new purpose, we will investigate whether the original purpose of collecting your data is compatible with the new purpose. In this case, we evaluate the sources from which your data originates and whether it is common or sensitive information we need to use. We also assess whether using your data for the new purpose will have a negative impact on your freedom of action before we use these data.

We only process relevant personal data

We will only process data about you that is relevant and adequate in relation to the purposes defined above. The purpose is crucial to what type of data about you is relevant to us. The same applies to the extent of the personal data we use. For example, we do not use more data than we need for the specific purpose.

We only process necessary personal data

We only collect, process and store the personal data necessary to fulfill the purposes defined above. In addition, it may be determined by law what type of data we need to collect and store. The type and extent of the personal data we process may also be necessary to fulfill a contract, education agreement or other legal obligation.

We check and update your personal data

We verify that the personal data we process about you is not inaccurate or misleading. We also make sure to update your personal data on an ongoing basis. We will also ask you to provide us with relevant changes to your data. Change information can be sent from your KP mail to the Study Service (if you are a student in KP) or to HR (if you are an employee of KP).
We delete your personal data when they are no longer needed
We delete or anonymize your personal data when it is no longer necessary for the purpose that was the reason for our collection, processing and storage of your data, unless there are regulatory purposes that require us to store data.

We do not disclose your personal data

KP discloses personal data to third parties when this is justified by statutory requirements or in the case of investigative situations and audits.
KP discloses the following categories of personal data:

  • Salary and working hours information
  • Absence and vacation information
  • Information on study activity if a student has an educational requirement, is rehabilitating, etc. if KP is obliged to do so or if you have given consent that KP can disclose the information in question to an authority.
  • Information relating to payment of SU, e.g. leave, study activity, interruption or termination of education.
  • Information collected for research projects may be disclosed to collaborating partners if the research projects are carried out in collaboration with, for example, another educational institution, if you have consented to this.

They are passed on to the following categories of recipients:

  • Collaboration partners who are involved as co-educators
  • Agency for Modernisation – Ministry of Finance in connection with payroll and personnel administration
    Municipalities, internships, job centers, etc.
  • Danish Agency for Institutions and Educational Grants (Ministry of Higher Education)
  • Payment Denmark (Udbetaling Danmark) (information on maternity leave and length of sick leave in regards to reimbursement)
  • Authorized accounting firms in connection with audit of KP.

Personal information is disclosed to the police in specific cases in the case of police reporting for document fraud, theft, vandalism or other criminal matters. Personal information is also passed on to law firms in specific cases. personnel and study cases requiring special legal assistance.

Protection of personal data

KP ensures that personal data is stored securely and confidentially. We have information and security rules, that contains instructions and measures that protect your personal data from being lost, changed, and unknowingly passed on to strangers.
Personal data is stored in systems with limited access, so that only the relevant employees of KP have access to the personal data. Technical security measures in the form of two-factor validation, backup, logging, encryption, etc. have been implemented.
In the event of a security breach resulting in a high risk of compromising your data, we will notify you of the breach as soon as possible.

Use of cookies

If we use cookies, you will be informed of the use and purpose of data collected via cookies.
Before we use cookies on your equipment, we will ask for your consent. However, elementary cookies to ensure functionality and settings can be used without your consent.
Learn more about our use of cookies.
Use of cookies

Your rights

You have the right to access your personal data

At any given time, you have the right to know what data we process about you, where they originate from and what we use them for. You also have the right to know, for how long we keep your personal data and who receives data about you to the extent that we pass on data in Denmark and abroad.
If you request it, we may inform you of the data we process about you. However, access may be restricted for the privacy, business secrets and intellectual property of other persons.
You may exercise your rights by contacting us. Our contact information can be found at the top of this policy.

You have the right to have inaccurate personal data rectified or deleted

If you believe that the personal data we process about you is inaccurate, you have the right to have the data rectified. You must contact us and inform us of the inaccuracies and how they can be corrected.
In some cases, we will have an obligation to delete your personal data. This applies, for example, if you withdraw your consent. If you believe that your data is no longer necessary for the purpose for which we obtained it, you may request that it is deleted. You may also contact us if you believe that your personal data is being processed in violation of law or other legal obligations.
When you make a request to have your personal data corrected or deleted, we investigate whether the conditions are met and, if so, make changes or deletions as soon as possible.

You have the right to object to our processing of personal data

You have the right to object to our processing of your personal data. You can use the contact information at the top to submit an objection. We then assess whether your objection is justified. If your objection is justified, we will cease processing your personal data.
You have the right to receive the personal data you have provided to us. If you wish to access your data, have it corrected or deleted, or object to our data processing, we will investigate if it is possible and respond to your inquiry as soon as possible and no later than one month after we have received your inquiry.