Personal data is all data that relates to you directly or indirectly as an individual. Everything we do with your personal data, including its collection, registration, compilation, storage and disclosure, is referred to as “processing”.
1. Who is the data controller?
The Storting, through its Secretary General, is the data controller, and is consequently responsible for the Storting’s processing of your personal data. The data controller determines how and why your personal data is processed.
The department or section that processes your personal data in order to carry out its duties is responsible for the day-to-day processing of the data.
2. The Storting’s data protection officer
The Storting has appointed a data protection officer, whose role is to be a professional resource within the field of privacy and data protection. The data protection officer is not subject to the authority of the Storting’s management in the exercise of her duties.
You may contact the Storting’s data protection officer if you should have questions about the Storting’s processing of your personal data. You will find contact details at the end of this privacy notice.
3. Why does the Storting process your personal data?
The Storting processes your personal data so that it can perform the duties and services it is charged with carrying out.
4. How does the Storting collect and record your personal data?
The Storting processes the personal data that is necessary for performing the duties and services it is charged with carrying out. The nature of the duty or service in question will determine exactly which personal data is collected and recorded.
4.1. Security and access
We collect personal data to ensure the security of the Storting.
When you visit the Storting, you must pass through a security control and show proof of identity. All visitors to the Storting are recorded in our visitor system. We record your name, the company or organization you represent, and the name of the person you are visiting. When we receive applications to take part in a hearing, we record the name, telephone number and email of the organization’s contact, and the name and title of all those taking part. Applications and participant lists are archived. The data that is recorded in our visitor system is stored for 90 days.
All the Storting’s buildings are monitored by video surveillance. Photos and video footage from the Storting’s video surveillance is erased automatically after seven days. Video footage of incidents that may lead to a police investigation may be stored for up to 30 days.
4.2. Visits and guided tours
The Storting arranges visits for school parties and other members of the public. On the Storting’s website, you can sign up for such activities as guided tours, educational games, work placements for school pupils, and teacher training courses.
In such cases, the purpose of processing your personal data is so that we can receive and process applications and registration forms as efficiently as possible.
We collect the following personal data:
- Registrations for guided tours and educational games: the name, telephone number and email of the contact.
- Application for financial support (educational games): the name, telephone number and email of the class contact.
- Work placement application for school pupils: the name, telephone number (alternatively of the pupil’s legal guardian), email, school and county.
- Registration for courses and seminars arranged by the Storting: the name, address, telephone number and email. If relevant: the school, county, and information about dietary requirements.
The personal data is stored for up to 18 months.
4.3. Freedom of information requests
The Freedom of Information Act and rules pertaining to access to the Storting’s documents give right of access to documents relating to the Storting’s parliamentary activities and the work of the Storting’s administration.
When we receive a freedom of information request, we record the name, address, email, postcode and postal district of those who have contacted the Storting. All freedom of information requests are archived.
4.4. The press
The public has the right to follow the political activities of the Storting. For this reason, the press must have the necessary access to the political and parliamentary business that takes place in the Storting.
The Storting collects the personal data of the members of the Storting’s Parliamentary Press Club so that we can issue access passes. We collect the following data: name, date of birth, telephone number, email, title, work address and editorial office/company. We also record the home address of retired members.
Members of the press who do not have a press card may apply for a visitor’s pass. In this case, we record the name, date of birth, telephone number, email, place of employment and position.
Press enquiries are recorded and stored in the Storting’s document processing system for the receipt of such enquiries. This system records the name, media company, email and telephone number of those who make enquiries.
4.5. News services
The Storting provides various news services by email. When you sign up for these news services, we collect your email address. The email address will only be used for the specific news service or services you have signed up for. If you would like to terminate a subscription, your email address will be erased.
In our efforts to develop and improve our services, we store anonymous user statistics from the subscription services for the purpose of analysis.
4.6. The Storting’s website and social media platforms
The principal aim of the Storting’s website is to increase public understanding of the work of the Storting, and to enable individuals and organizations to make use of their democratic rights.
The Storting is the data controller for the content of its own social media platforms. Personal data that is published by the Storting’s social media users is not used for other purposes.
These files can only be read by www.stortinget.no and the user herself. Among the reasons for using cookies is to see if a user has visited the website before; if so, when; and which website the user came from. Use of the website cannot be traced back to the individual user.
The Storting and the contractors it uses for maintenance, development, and website searches process this data.
Cookies do not contain personal data. You may block the storage of cookies on your computer by changing the settings on your web browser.
Click here for an overview of the cookies that are in use on stortinget.no (Norwegian only)
4.6.2. Web analytics tools for statistics and surveys
The Storting removes the final digits in the user’s IP address before the data is stored by Google Analytics. This enables the analytics tool to estimate the user’s geographical location, but the address cannot be used to identify the individual user.
All the data collected is subject to Google’s privacy rules.
5. How does the Storting process your personal data?
The personal data we collect is recorded in various systems used by the Storting. Only personal data that is necessary for processing purposes is recorded.
Employees in the Storting’s administration who use the different systems in their work will have access to the recorded data in the system in question. These employees shall only process the personal data when it is necessary for carrying out their work responsibilities. A necessity assessment is used to limit access to the processing of the personal data.
6. How does the Storting keep and store your personal data?
The Storting stores your personal data for as long as it is necessary to achieve the purpose of the processing, or for the time required in accordance with other legislation.
In cases where a third party processes personal data on behalf of the Storting, the data will be stored and erased in accordance with the law and the data processor agreement.
In certain cases, it will be necessary to store the personal data in paper form. This storage must take place properly and securely.
7. How does the Storting share your personal data?
Your personal data will only be disclosed to a third party when it is necessary for performing the duties and services the Storting is charged with carrying out.
The Storting employs external contractors to carry out various duties and services. In such cases, both parties must sign a data processor agreement to ensure that the personal data is processed in accordance with prevailing privacy regulations.
8. Your rights
8.1. Right of access
You have the right to information about which specific personal data the Storting processes about you, and for which purposes the data is used. You have the right to know where your own personal data has been collected from, whether it has been disclosed to others, and, if so, who has received the data.
8.2. Right to withdraw your consent
If your consent is necessary as a basis for processing the personal data, you have the right to withdraw your consent.
8.3. Rectifying and erasing personal data
If you detect that the Storting has registered unnecessary, incorrect, out-of-date or incomplete personal data about you, you have the right to have this data rectified or updated.
8.4. Right to complain about how your personal data is processed
The aim of the privacy regulations is to protect the individual by ensuring that the personal data is not processed in such a way as to violate their privacy. The Norwegian Data Protection Authority (Datatilsynet) is responsible for making sure that the privacy regulations are followed.
If you believe that there has been a breach in the privacy regulations, you have the right to complain. You may do this by sending a written complaint to the Data Protection Authority. The Data Protection Authority will then decide whether the case should be pursued.
9. How does the Storting protect your personal data?
Your personal data will be protected through the Storting’s IT systems. The systems and software that process personal data are protected by access control (username and password). Access to such systems is limited to those with service needs.
10. Contact details
Please direct any questions you may have about privacy at the Storting to Kathrine Martinsen, the Storting’s data protection officer.
Tel: (+47) 23 31 25 37 / (+47) 98 02 11 46