Skip to main content
Last updated: 04 June 2024
Created date: 04 July 2023

Privacy policy


Askøy municipality's privacy statement

The privacy policy of Askøy municipality describes how we process personal and health information that the municipality collects, and what rights the registered have.

Privacy and information security are important to us!

Askøy municipality must process your personal data in a legal and secure manner. On this page you can read about how we process your personal data, and what rights you have as registered in our systems.


What do the new data protection regulations (GDPR) mean?

In July 2018, Norway got a new personal data law. The law consists of national rules and the EU's personal data protection regulation (GDPR - General Data Protection Regulation). The regulation is a set of rules that apply to all EU/EEA countries.

There will be stricter requirements for documentation and risk assessments for businesses, and the rights of the registered have been strengthened in several areas.

The new rules include, among other things:

  • More transparency around the collection and use of personal data. The person who requests consent to use information must provide clear and unambiguous information about how the personal information is to be used.
  • Use of personal data must be justified and limited. It will not be permitted to collect or store personal data that you do not need. Information that is no longer needed must be deleted. Incorrect or incomplete information must be corrected.
  • Under certain conditions, you may have a right to take personal data from one business to another.
  • In certain cases, the data subject has a right to object to the processing of their personal data.
  • The registered person can avoid important decisions being made about him or her based on fully automated processing of personal data.
  • It will be possible to impose a significantly higher fee in the event of a breach of the rules than before

Suggestions for further reading: Article 5 of the Personal Data Act and the Personal Data Protection Ordinance

Why do we process personal data about you?

Askøy municipality collects and processes personal data that we need to carry out our statutory tasks and other services, as well as to be able to process applications we receive from you.

When we "process personal data", this means, for example, that we collect the data, register it, put it together, store it or hand it over to necessary parties who are part of the processing.

If Askøy municipality wishes to process personal data that is not necessary to carry out our statutory tasks, you will be informed that it is voluntary to provide the information and what the purpose of the processing of the personal data is (for example a survey).

The Personal Data Act og Articles 6 – 11 and 21 of the Personal Protection Regulation provides additional information.

What is the legal basis for processing your personal data?

In order for Askøy municipality to be able to deliver municipal services to you as a resident, it is necessary to process personal data. This also applies in relation to the municipality's employees, associations, businesses and other partners.

Here are some key laws and regulations that regulate the municipality's processing of personal data:

  • The European Data Protection Regulation (GDPR) regulates the municipality's processing of personal data.
  • The new Personal Data Act complements the Personal Data Protection Regulation (GDPR) in certain areas.
  • The Publicity Act with regulations contains the rules for when a document is publicly available to the public, and when a document is exempt from public access. Askøy municipality practices more openness (transparency). This means that the municipality, as far as possible, strives for documents to be public.
  • The Administration Act contains procedure rules for how your case will be handled. As a party to the case, you have special rights, including access to the case document
  • The Archives Act contains, among other things, rules for how and for how long documents are stored, as well as handing them over to an archive institution.
  • The Education Act contains rules on, among other things, the collection, use and storage of information for use in primary and secondary schools
  • The Health Register Act contains rules on how health information that is collected will be processed, as well as how it is secured, who has access and whether it can be disclosed to others.

Other relevant laws that give the municipality the opportunity to process personal data in order to fulfill its statutory tasks:

  • The Municipal Act
  • The Working Environment Act
  • Kindergarten Act
  • The Child Protection Act
  • The Social Health Services Act
  • The Health and Care Services Act
  • The Health Personnel Act
  • The Health Register Act
  • The National Insurance Act
  • The Nav Act
  • The Accounting Act
  • E-come the law

Consent

In some cases, the municipality can process personal data about you based on your consent. In such cases, you will be informed about what the processing entails, and actively asked to consent to the processing of your personal data.

You can withdraw your consent at any time. You must be informed of how you withdraw your consent when you give it.

Where do we get the information from?

We primarily collect information from you directly when you apply for municipal services.

When we offer statutory services to our residents, we can, if necessary, obtain information about you from other public authorities or public registers, for example tax assessment information or other information from the Tax Administration, NAV or the Folkeregisteret. We may also ask you to provide other types of information when, for example, you apply for a service.

You always have the right to know where we obtain information about you in connection with your services in the municipality. The individual service area must be able to inform you of this when you apply for a service.

What information do we process?

Askøy municipality processes personal data such as:

  • Identity (for example name, social security number, d-number)
  • Place of residence and contact information (for example postal address, residential address, e-mail address and telephone number)
  • Relationships with others (for example, marital status, spouse, cohabitant, children)
  • Information relating to the services that you as a resident use, for example daycare, school, health, building matters, renovation etc.

Within health and care, child protection and similar services, we also process information about health and personal circumstances.

We also process certain information about pupils' use of the municipality's digital tools as part of everyday school life.

Cookies

Our websites use cookies to offer you customized online services and give you a good user experience. A cookie is a small text file that is stored on your computer: cookies ("cookies")

How do we collect your personal data?

You provide your personal information via an online form on our website and other professional systems. The information in the form is sent electronically to Askøy municipality. We sometimes use paper forms to collect information.

The information you submit enables the municipality to carry out the proceedings.

Askøy municipality responds to citizens' applications digitally. This requires us to be sure that the recipient is the right person. You will therefore be asked to fill in your personal identification number in some forms. All personal data will be treated confidentially and will only be used for processing the case in question.

We collect the personal data from other public agencies, such as the Folkeregisteret, the Contact and Reservations Register, the Directorate of Labor and Welfare (NAV), the Directorate of Immigration (UDI), the Brønnøysund Registers and the County Commissioner.

How do we process your personal data?

In the municipality, we use electronic professional systems when we process cases or document that we provide services.

If you have provided information to the municipality, it will be transferred to an electronic specialist system. They are then used in case management. This applies regardless of whether you have submitted the information electronically or by post.

The information we have registered about you is active as long as we provide you with services or process your case. After this, the information is normally transferred to the archive. We must be able to document which services we have provided you or what has happened in your case. It is the legislation that determines how long we must keep this information.

Who has access to your personal data?

Employees in Askøy municipality shall only process your personal data when necessary for the solution of the task.

Processing of information takes place within strict legal frameworks. These must ensure privacy by providing predictability in what information is collected, who can use it and what it can be used for.

All employees in the municipality are subject to a statutory duty of confidentiality.

How do we take care of your personal data?

We protect the information in our registers in various ways. We have technical security solutions to ensure that:

  • unauthorized persons must not gain access to your information
  • the information about you is available when it is needed
  • the information cannot be changed or manipulated after it has been registered
  • notices in case documents, journals, etc. is logged.

We have also established routines and measures (internal control and internal audit) to ensure that only approved persons in the municipality have access to your information and that personal information is processed correctly.

Said duties appear from the Personal Information Act og Articles 24 and 25 of the Personal Data Protection Regulation.

To whom do we disclose personal data?

All employees in the municipality have a duty of confidentiality, and we can only disclose your personal data if you consent to it, or if the law requires us to do so.

This includes, among other things, delivery to:

  • Tax collectors
  • Higher academic authority (tax office, Directorate of Taxation, Ministry of Finance)
  • Other public agencies
  • Private financial institutions

When your personal data is processed in professional systems held by external suppliers, the municipality has a data processing agreement with the supplier to regulate the security surrounding the processing, and ensure that privacy is safeguarded in line with the law and regulations.

How long do we keep your personal data?

We store your personal data with us for as long as is necessary for the purpose for which the personal data was collected.

This means, for example, that personal data that we process on the basis of your consent will be deleted if you withdraw your consent. Personal data we process to fulfill a statutory duty is stored for as long as the legal authority requires it.

Note that the municipality will often have a duty to be able to document which services we have provided you or what has happened in your case, and that it is then the archive legislation that determines how long we must preserve this information.

Who is responsible for processing?

The municipal director in Askøy municipality is responsible for the processing of your personal data. The day-to-day responsibility is delegated to the municipality's business managers and/or ICT system owners.

What rights do you have?

If you are registered in our systems, you have certain rights under the Personal Data Act. This can you can read more about at the Norwegian Data Protection Authority, if you wish, or see this in brief below:

Information:

Transparency around the collection and use of personal data. The person who requests consent to use information must provide clear and unambiguous information about how the personal information is to be used.

Restriction

Use of personal data must be justified and limited. It will not be permitted to collect or store personal data that you do not need.

Data portability

Under certain conditions, you may have a right to take personal data from one business to another.

Right to protest

In certain cases, you have the right to object to the processing of your personal data.

Automated decisions

You can avoid important decisions being made about you based on fully automated processing of personal data.

Correction of errors, deletion of unnecessary information

If you discover that we have registered incorrect, out-of-date or incomplete information about you, you can request that this be corrected or updated. You can also request that information that is no longer necessary for the purpose for which it was collected be blocked or deleted. However, this does not apply if the information is to be stored in accordance with other legislation, for example the Archives Act. For requests for correction, deletion or blocking, you can use the same form as when you request access.

It is otherwise referred to the Personal Information Act og Articles 12 and 17 of the Personal Data Protection Regulation og the archive regulations.

insight

You can contact any of our departments and ask to know what kind of personal data we hold about you, what it will be used for and where it is obtained from. This applies to both electronic and manual registers.

You have the right to receive information about:

  • which specific personal data we process about you
  • where these are taken from
  • for which purposes and tasks they are used
  • how long the information is to be stored
  • to whom the information has been passed on (if the information has been passed on to someone else)

If you want access, you can use the form below. You must first identify yourself with BankID or similar, and then you can choose which personal data you want access to.

Form for requesting access under the Personal Data Act

If you do not wish to, or do not have the opportunity to use this solution, you can also contact the municipality's customer square at the town hall. There you can fill in a form after having identified yourself. In any case, your inquiry must be processed as quickly as possible, and within 30 days at the latest.

The Personal Data Act og Articles 12 and 16 of the Personal Data Protection Regulation has more detailed rules for this.

Party inspection according to the Public Administration Act

If you contact us with a complaint, we will normally refer to or attach your inquiry when we contact the party complained against. You can request that we do not state who you are when contacting the other party. However, it takes a lot to deny a party access to a case if he/she requests it. The municipality cannot therefore guarantee anonymity in the case of such enquiries.

Public access according to the Public Service Act

The main rule under the Public Administration Act is that administrative bodies' case documents are publicly available. This means that the press or others who ask about it will be able to familiarize themselves with the content of the municipality's case documents. Your inquiry to us will therefore also be public regardless of the form in which it comes.

However, the municipality handles a number of documents that contain confidential information. Such documents are exempt from public disclosure. Internal documents can also be exempted from public disclosure if there is legal authority to do so.

Processing of access requests shall be free of charge

When you request access, correction and deletion, this is basically free. (If access to records is required, the municipality will be able to demand a deductible).

Possibility to complain

If you believe that we do not process the personal data in the manner required by the regulations, you can complain to the Norwegian Data Protection Authority. Information on how you should proceed can be found on the Norwegian Data Protection Authority's website.

Surveys and the citizens' panel

Askøy municipality uses the SurveyXact tool to carry out surveys and look after the Citizens' Panel. Only employees responsible for the individual survey have access to the data.

Surveys

The municipality conducts surveys among users of municipal services (user surveys) and surveys among residents on various topics (citizen surveys).

For some surveys, we use your email address to invite you to participate in a survey. In this way, we ensure that everyone gets an opportunity to answer, and that no one can answer more than once in a desire to influence the result in one direction.

Answering the surveys is voluntary, and by answering the survey, you agree that we can process your answers.

In most surveys, e-mail and any other contact information that can identify you will be deleted when all the answers have been received. It is then no longer possible to link you to the answers you have given.

In some cases, contact information must not be deleted - for example because the survey must be a basis for further dialogue between the respondent and the municipality. Where this is the case, this is clearly explained in the survey invitation.

The Citizens' Panel

Participation in the citizens' panel is voluntary. By registering as a participant in the citizens' panel, you agree that we can send you invitations to participate in surveys, and to participate in workshops or similar events. The invitation will primarily come by e-mail.

Cookies

The purpose of our use of cookies is to obtain statistics and information about how our visitors use our websites, so that we can provide the most relevant information and the best possible user experience in the future.

The seas om informasjonskapsler.

How can you contact the data protection officer?

Askøy municipality has a data protection representative and a data protection group that you can contact if you have questions about the municipality's processing of personal data.

The data protection officer must work to safeguard data protection in a good way, both for employees and residents.

Contact information

Internally in the municipality, we have created a separate privacy group. This can be reached by email: personvern@askoy.kommune.no

You can also contact the Data Protection Officer directly:

E-mail: ombudskommune@bergen.kommune.no

Phone: 90 06 19 58

Letter:
Askøy municipality
v/the data protection officer
Klampavikvegen 1
5300 Kleppestø

As a general rule, all the municipality's case documents are public. Therefore, do not send e-mails to the municipality with information that you do not want to become widely known.

According to the Archives Act, the municipality is obliged to keep public records. All correspondence to and from the municipality must be entered in the journal.

This is a concise privacy statement with main rules. If there is a conflict between it and privacy legislation or other regulations, the latter takes precedence.


Did you find what you were looking for?

That was stupid, can you help us understand what you were looking for?

That was stupid, can you help us understand what you were looking for?

Similar articles

Also check


Lorem ipsum dolor