Privacy policy – Conference store

Overview

This document describes how the National Library collects and processes personal data in accordance with the general data protection regulation (GDPR) (2018).

At the bottom of the page you will find information about your rights as a registrant together with general information about how the National Library processes your personal data. Do not hesitate to contact the library if you have any questions about personal data processing that you cannot find answers to in this document.

Contact information

Data controller: National Library of Norway

Data protection officer: Pål Rosseland Tvedt

Queries about privacy should be addressed to personvern@nb.no

Processing of personal data relating to individuals participating in events organized by the National Library of Norway

1) For audience members

Systems: Questback
System: WordPress

Purpose: To manage event registrations.

Processing activities: Collection and storage of personal data.

Categories of personal data:
Email address, name, workplace/institution, food allergies (if food is served in connection with the event).

Legal basis:
GDPR Article 6(1)(a) and Article 9(2)(a) – consent
GDPR Article 6(1)(b) – performance of a contract

Retention period:
Personal data will be deleted once the event has been completed.

2) For participants on stage during events

System: Wowza Flowplayer

Purpose: Live streaming and permanent recording of events (audio/video).

Processing activities: Storage and making personal data available.

Categories of personal data:
Name of the participant on stage, audio/video recordings.

Legal basis:
GDPR Article 6(1)(a) – consent

Retention period:
The livestream is only available during the seminar/event. However, the recording is stored for as long as it remains relevant or for as long as retention is required for historical, statistical, or scientific purposes.

Processing of Personal Data for Those Who Wish to Pay by Bank Card in the National Library’s online Conference Store

System: Nets (Easy), payment by bank card

Purpose: Facilitate users to pay by bank card in the National Library’s online store.

Data processing:

• Sharing, storage, and collection of contact information
• Sharing, storage, and collection of order information
• Sharing, storage, and collection of payment information

Personal data categories:

• Name
• Address (billing address)
• Email address
• Phone number
• Payment information (account number, card number, expiration date, security code, cardholder’s name, amount spent, transaction date, and payment method)

The information is collected directly from the users in the online store, using a form that the user fills out. The information is sent to Nets when the user completes the payment.

Basis for processing: Article 6 (1) b – Processing is necessary for the performance of a contract.

Limitation: The information shall not be processed for other purposes.

Period of storage: All information is deleted when it is no longer necessary to fulfil the agreement.

The Freedom of Information Act, archiving legislation and the Public Administration Act:

The National Library is subject to the Freedom of Information Act. The Freedom of Information Act and associated regulations stipulate when a document should be made accessible to the general public and when it should be exempt from public disclosure. This means that your communication with the National Library may be placed in the public domain.

The Public Administration Act contains provisions on processing, including rules on confidentiality. As party to a case, you are granted certain rights, e.g. access to the case documents.

The Archival Act, the Archives Regulations and the regulations issued by the Director General of the National Archives all contain rules on how the National Library should treat and store case documents and transfer them to institutional archives.

How does the National Library keep your personal data safe?

The National Library has adopted the necessary technical and organisational security measures to ensure the safety of your personal data in compliance with the GDPR.

Please note that we are unable to guarantee the safety of personal data being transferred over the internet. Communications sent over the internet, e.g. emails, are not secure, although security can be improved by encrypting them. We therefore advise you not to send personal data to us via the internet unless you accept the security risk it poses.

Breaches of the terms

A breach of the terms for the use of materials provided by the National Library’s services may result in temporary or permanent expulsion from the service.

Contact information

If you would like to request rectification, erasure or access to data we hold on you or if you have any other questions about how we process your personal data, please contact us by email: personvern@nb.no

Complaining to the Norwegian Data Protection Authority

You are more than welcome to contact us if you object to the way we process your personal data. You may also complain to:

The Norwegian Data Protection Authority
Postboks 458 Sentrum
0105 Oslo
postkasse@datatilsynet.no