Privacy policy for students and applicants

The University of Stavanger (UiS) is responsible for the processing of personal data that we register, process and store in connection with your student and applicant relationship at UiS. This privacy policy provides you with information about how we process your personal information, what rights you have and who you can contact with inquiries concerning your personal information.

Published Updated on

Personal information is all forms of information and assessments that can be linked to you as an individual.

Information that is processed is: profile information (such as your name, birth number / D-number / S-number (11 digits), gender, contact information, information about your background, mother tongue, photo), application information, consent you have given, status ( such as residence permit and police certificate where applicable), semester registration information, invoice information and information related to your studies and courses.

In principle, sensitive personal information about you will not be stored or processed. Exceptionally, such information may be stored if necessary to facilitate your study situation. Examples of this can be health information in connection with absence, leave or accommodation.

Personal information comes from systems where you have entered the information yourself as well as from public systems such as the National Diploma Database or other universities / colleges. It is information that is necessary to safeguard your interests as an applicant and as a student.

Examples of systems:

  • The application portal for Coordinated Admissions
  • Application web
  • EVUweb
  • Studentweb
  • Common student system (FS)
  • Student ID
  • Nomination
  • Flyt
  • UNIT4 ERP (Finance and Accounting System)
  • National Certificate Database (NVB)
  • Other universities / colleges
  • Contact and reservation register
  • The Central Population Register (Folkeregisteret)
  • The loan fund
  • Digital exam system
  • Professional web
  • User administration system
  • Card system (access card)

Below are the most central purposes for which the personal information is used. The legal basis is either that the treatment is authorized in the Universities and University Colleges Act § 4-15, that the treatment is necessary to safeguard your interests as a student in the best possible way or that we have a legitimate interest in the treatment that exceeds any privacy disadvantage for you. In some cases, we have also chosen to supplement the legal basis with declarations of consent.

The purpose of the processing of personal data is to safeguard your rights as an applicant, student, course participant or doctoral candidate, and to fulfill the institution's tasks and duties under the Universities and University Colleges Act, the Public Administration Act (the Public Administration Act) and the Act on the right of access to documents in public activities (the Public Access to Information Act).

Processing of personal data is necessary for UiS to:

  • process your application for admission to studies / exams / courses
  • perform the necessary administration around your studies and you as a student
  • document your educational results

UiS may hand over or export data that contains personal information to other systems, ie an external data processor in those cases where it is deemed necessary. Your personal information will not be disclosed to countries outside the EU / EEA, or any international organizations.

Exceptions are for exchange students where UiS must share personal information about you to the partner institution abroad during the application process. UiS will strive to transfer as little information as possible, but the type of information our partner institutions require in connection with the nomination process will vary from country to country, from institution to institution and will also depend on the partner institution's technological adaptation.

UiS has assessed that UiS has a legal basis and a basis for transferring personal data to partner institutions. The privacy ombudsman has been consulted and supports UiS's assessment.

Personal information may be disclosed to the following parties / companies:

  1. SIKT - The knowledge sector's service provider (formerly NSD, Uninett and Unit)
  2. USIT - The University's Center for Information Technology at the University of Oslo (UiO) (operates FS).
  3. Studentsamskipnaden i Stavanger (SiS)
  4. The Central Population Register (Folkeregisteret)
  5. Lånekassen
  6. Bouvet (provider of consulting services for user administration system)
  7. Instructure (supplier of LMS)
  8. Watermark (supplier of course evaluation module in LMS)
  9. Inspera Assessment (provider of digital exam system)
  10. Service Now (Sopra Steria supplier of help-desk system)
  11. TimeEdit AB (supplier of timetable system)
  12. Kong Arthur AS (provider of integration services for timetable systems)
  13. ARX (supplier of access cards)
  14. UNIT4 ERP (Finance and Accounting System)
  15. Other universities and colleges
  16. NOKUT - National body for quality in education
  17. BIBSYS / other supplier of library system
  18. Statistics Norway (SSB)
  19. REK - Regional Ethics Committee
  20. NIFU - Norwegian Institute for Studies of Innovation, Research and Education
  21. The Norwegian Directorate of Health
  22. Watermark (supplier of student evaluation system)
  23. Tieto Evry (supplier of case and archive system)
  24. The student organization in Stavanger (SToR)
  25. Collaborating practice institutions
  26. Mira Network AB (supplier of alumni system)
  27. Unoriginal (supplier of plagiarism control system)
  28. Legal data (supplier of digital legal source tools for teaching and exams)
  29. DIKU - The Directorate for Internationalization and Quality Development in Higher Education
  30. CompetenceNorway
  31. The National Archives
  32. Other parties who under the Public Access to Information Act are entitled to access your personal information

UiS assures that your personal information is stored in accordance with the privacy regulations' rules for geographical storage. Any storage in third countries is done legally through the EU's accepted transfer mechanisms. If it is desired with specific information about where the individual personal information is stored, you can contact the privacy representative, see contact information given under the item "Contact".

Your personal information related to admissions and studies is basically stored forever in UiS 'databases. There are some exceptions:

  • Documents for applicants who apply through Coordinated Admissions, and who do not get a study place, will be deleted when the admission is completed.
  • Personal information related to sanctions, cf. the Universities and University Colleges Act §§3-7 (8), 4-8 (1) to (3) or 4-10 (3) is automatically deleted from FS six months after the sanction period has expired.
  • If UiS receives information that you are dead, we will delete your contact information. Any applications for admission, registration for teaching, courses and exams, etc. will be drawn.
  • We also store information about which logins and actions you perform in web applications, as well as your IP address. This is to have documentation of your registrations. This personal information is stored in FS and deleted after 12 months.

UiS conducts regular risk and vulnerability analysis to secure your personal information. In addition, security measures have been implemented, such as access controls to prevent more employees than necessary from gaining access to your personal information. All registrations are logged.

The Privacy Policy gives you a number of rights related to your personal information:

  • Although this privacy statement provides a lot of information, you can request more in-depth information about how we process information about you and you have the right to access your personal information.
  • If your personal information is incorrect, you have the right to have it corrected.
  • Personal data we may not have a basis for processing must be deleted and you can demand that this be done if we have not provided it on our own initiative.
  • You can request that we limit the use of your information.
  • You have the right to so-called data portability and to request that your personal information be transferred to you or to another company in a structural, commonly used and machine-readable format.
  • You may object to our use of your information. You can also oppose being the subject of fully automated individual decisions of a legal nature.
  • If you believe that we process your personal data without a legal basis, you can complain to the Data Inspectorate, but we ask you to contact us so that we can partly take a position on your objections and partly that we can clear up any misunderstandings.

The privacy regulations have extensive provisions to the aforementioned and exceptions from certain rights may apply. If you wish to make use of the rights, please contact us, and we will respond to your inquiry as soon as possible, and normally within 30 days.

UiS has a privacy representative who will look after the privacy interests of both students and employees at UiS. Privacy representatives for administrative processing of personal data at UiS can be reached via:

E-mail: personvernombudet@uis.no

• Address: University of Stavanger, PO Box 8600, 4036 Stavanger.