The University of Stavanger (UiS) is responsible for the processing of personal data that we register, process and store in connection with your student and applicant relationship at UiS. This privacy policy provides you with information about how we process your personal information, what rights you have and who you can contact with inquiries concerning your personal information.
The University of Stavanger is primarily responsible for processing your personal data in the list of systems mentioned below.
The processing of personal data is a necessary prerequisite for being an applicant and student at UiS and is not based on consent.
The purpose of processing personal data is to safeguard your rights as an applicant, student, course participant, or doctoral candidate, and to fulfill the institution's tasks and obligations under the Universities Act, the Public Administration Act, and the Freedom of Information Act.
Processing personal data is necessary for UiS to:
- Process your application for admission to studies/exams/courses
- Perform necessary administration related to your studies and you as a student
- Document your educational results
The legal basis is either that the processing is authorized by the Universities and University Colleges Act § 4-15, that the processing is necessary to safeguard your interests as a student in the best possible way, or that we have a legitimate interest in the processing that outweighs any privacy disadvantage for you.
In some cases, we have also chosen to supplement the legal basis with consent declarations. For example, a student may need to give their consent if they require special arrangements in connection with exams, teaching, or leave.
Personal information is all forms of information and assessments that can be linked to you as an individual.
Information that is processed is: profile information (such as your name, birth number / D-number / S-number (11 digits), gender, contact information, information about your background, mother tongue, photo), application information, consent you have given, status ( such as residence permit and police certificate where applicable), semester registration information, invoice information and information related to your studies and courses.
In principle, sensitive personal information about you will not be stored or processed. Exceptionally, such information may be stored if necessary to facilitate your study situation. Examples of this can be health information in connection with absence, leave or accommodation.
Personal information comes from systems where you have entered the information yourself as well as from public systems such as the National Diploma Database or other universities / colleges. It is information that is necessary to safeguard your interests as an applicant and as a student.
Examples of systems:
- Applicant portal for Coordinated Admissions
- Application Web
- EVUweb
- Student Web
- Common Student System (FS)
- Student ID
- LMS (Canvas)
- Nomination
- UNIT4 ERP (finance and accounting system)
- National Diploma Database (NVB)
- Other universities/colleges
- Contact and Reservation Register
- Central Population Register (Folkeregisteret)
- Student Loan Fund
- Digital Exam Systems
- Faculty Web
- User Administrative System
- Card System (access cards)
- TP (timetable system)
- Kada (calendar data)
UiS may hand over or export data that contains personal information to other systems, ie an external data processor in those cases where it is deemed necessary. Your personal information will not be disclosed to countries outside the EU / EEA, or any international organizations.
Exceptions are for exchange students where UiS must share personal information about you to the partner institution abroad during the application process. UiS will strive to transfer as little information as possible, but the type of information our partner institutions require in connection with the nomination process will vary from country to country, from institution to institution and will also depend on the partner institution's technological adaptation.
UiS has assessed that UiS has a legal basis and a basis for transferring personal data to partner institutions. The privacy ombudsman has been consulted and supports UiS's assessment.
Personal information may be disclosed to the following parties / companies:
- SIKT – Knowledge Sector Service Provider (formerly NSD, Uninett, and Unit)
- USIT - University Center for Information Technology at the University of Oslo (UiO) (operates FS)
- Student Welfare Organization in Stavanger (SiS)
- Central Population Register (Folkeregisteret)
- Student Loan Fund
- Bouvet (provider of consulting services for the user administrative system)
- Instructure (provider of LMS)
- Watermark (provider of course evaluation module in LMS)
- Inspera Assessment (provider of digital exam system)
- Service Now (Sopra Steria provider of help-desk system)
- University of Oslo (provider of timetable system)
- ARX (provider of access control system)
- UNIT4 ERP (finance and accounting system)
- Other universities and colleges
- NOKUT - Norwegian Agency for Quality Assurance in Education
- BIBSYS / other library system provider
- Statistics Norway (SSB)
- REK – Regional Ethics Committee
- NIFU - Nordic Institute for Studies in Innovation, Research, and Education
- Directorate of Health
- Watermark (provider of student evaluation system)
- Tieto Evry (provider of case and archive system)
- Student Organization in Stavanger (SToR)
- Collaborating practice institutions
- Puzzlepart AS (provider of alumni system)
- TurnItIn (provider of plagiarism detection system)
- Lovdata (provider of digital legal source tool for teaching and exams)
- HK-dir - Directorate for Higher Education
- National Archives
- MOSO
- Notice of Attendance (attendance registration system)
- Other parties entitled to access your personal data under the Freedom of Information Act
UiS assures that your personal information is stored in accordance with the privacy regulations' rules for geographical storage. Any storage in third countries is done legally through the EU's accepted transfer mechanisms. If it is desired with specific information about where the individual personal information is stored, you can contact the privacy representative, see contact information given under the item "Contact".
Your personal information related to admissions and studies is basically stored forever in UiS 'databases. There are some exceptions:
- Documents for applicants who apply through Coordinated Admissions, and who do not get a study place, will be deleted when the admission is completed.
- Personal information related to sanctions, cf. the Universities and University Colleges Act §§3-7 (8), 4-8 (1) to (3) or 4-10 (3) is automatically deleted from FS six months after the sanction period has expired.
- If UiS receives information that you are dead, we will delete your contact information. Any applications for admission, registration for teaching, courses and exams, etc. will be drawn.
- We also store information about which logins and actions you perform in web applications, as well as your IP address. This is to have documentation of your registrations. This personal information is stored in FS and deleted after 12 months.
UiS conducts regular risk and vulnerability analysis to secure your personal information. In addition, security measures have been implemented, such as access controls to prevent more employees than necessary from gaining access to your personal information. All registrations are logged.
The Privacy Policy gives you a number of rights related to your personal information:
- Although this privacy statement provides a lot of information, you can request more in-depth information about how we process information about you and you have the right to access your personal information.
- If your personal information is incorrect, you have the right to have it corrected.
- Personal data we may not have a basis for processing must be deleted and you can demand that this be done if we have not provided it on our own initiative.
- You can request that we limit the use of your information.
- You have the right to so-called data portability and to request that your personal information be transferred to you or to another company in a structural, commonly used and machine-readable format.
- You may object to our use of your information. You can also oppose being the subject of fully automated individual decisions of a legal nature.
- If you believe that we process your personal data without a legal basis, you can complain to the Data Inspectorate, but we ask you to contact us so that we can partly take a position on your objections and partly that we can clear up any misunderstandings.
The privacy regulations have extensive provisions to the aforementioned and exceptions from certain rights may apply. If you wish to make use of the rights, please contact us, and we will respond to your inquiry as soon as possible, and normally within 30 days.
UiS has a privacy representative who will look after the privacy interests of both students and employees at UiS. Privacy representatives for administrative processing of personal data at UiS can be reached via:
•E-mail: personvernombudet@uis.no
• Address: University of Stavanger, PO Box 8600, 4036 Stavanger.