Some pages on nih.no have forms you can fill out. This can be contact forms, registration forms for an event or subscription to our email newsletter. All our forms are designed so that we only request relevant personal data for the purpose of the form.
When you sign up for a newsletter or event and give your consent to the form, we also subscribe you to our email lists. You can unsubscribe at any time by following the link at the top of the last email you received, or let us know at email@example.com.
We retain your personal data as long as they are relevant to our professional relationship with you, or until you explicitly notify us at firstname.lastname@example.org to delete or correct them.
We will only use the information for internal analysis, and to send you information we think you will benefit from.
Only NIH employees have access to personal data that we collect. We do not pass on your personal data to the use of outsiders.
The privacy statement complies with the requirements set out in Article 12-15 of the GDPR Privacy Regulation.
This Privacy Regulation is the EU legislation in the field of privacy, and applies to the entire EU / EEA from 25 May 2018 (in Norway from July 2018).
By “personal data” is meant any information or assessment that may be linked to you as an individual, either directly or indirectly. In order for NIH to use (register, collect, disclose, etc.) personal information about you, we must have a basis as stated in the law.
What is a privacy statement?
A privacy statement describes what personal information is processed, how they are processed, who is responsible for the processing, what rights you have and who you can contact about your personal information.
NIH processes personal data:
- About you as a student, (applicant, former student, student and PhD candidate)
- About you as an employee and former employee
- About you as a research participant
All treatment at NIH shall be in accordance with applicable laws and regulations. NIH shall not process personal data to a greater extent than is necessary to fulfill the purpose of the college, which will be education, research, innovation, dissemination and administration.
NIH shall ensure that the treatment is carried out as specified in the law, whether it is consent, the consequences of the law / regulations or whether a treatment is necessary to carry out.
When handling or processing your personal data, NIH shall ensure that this handling constitutes as limited intervention as possible for the data subject (you), and that no information about you is used or stored for longer time than necessary, cf. data minimization requirements.
Where NIH uses individual information, the data subject (you) are entitled to access this treatment and learn the purpose and basis of the treatment.
All use of NIH's ICT infrastructure leaves electronic traces. NIH collects, analyzes and stores such electronic tracks to manage ICT infrastructure, ensure efficient and cost-effective operation, and to protect NIH's ICT infrastructure from threats and abuse. NIH's ICT infrastructure is provided with solutions for registration of activities (logging) and backups, among other things, to be able to document violations or non-compliance with internal rules and procedures, but also to detect breaches of the security of the ICT infrastructure. The collection, storage and use (and deletion) of electronic tracks is done in accordance with current legislation.
Data Protection Officer
At NIH we have our own privacy representative who can be contacted if there are any questions about the treatment: email@example.com .