Skip to main content
SiS

Privacy policy

This is the privacy policy of SiS - Studentsamskipnaden i Stavanger. This privacy policy tells you how SiS collects and uses personal data. The goal is to provide you with overall information about our processing of personal data.

Our webpage is: https://minsis.no – «https» ensures safe communication on our web pages.

Personal data

SiS, through its CEO, is responsible for the processing of personal data. This policy is continuously updated.

Why do we need to store data?

When you, as a student, pay tuition fees to your higher education institution in the region, you get access to our offers. SiS does not currently have an exhaustive overview of which students have paid their tuition fees, so this must be documented by the students themselves. When you interact with our various departments and offers, there are different reasons for our gathering and storing certain information about you. We only collect what is needed to fulfil the processes necessary, and the data is only stored as long as we need it.

Our risk assessment shows that the most sensitive data is that concerning Psychologists, Nurses and Kindergartens. These have special routines to ensure that the information is secure. This is described below.

Below, you can find an overview of which data we handle in our various departments/offers, how it is stored, who has access to it, how it is secured, deletion routines and agreements with external data processors.

Psychologist

a medical record system, in accordance with the Health Personnel Act §§39 and 40, the Patient Records Act chapter 2 and regulations on patient records.

There are legal requirements for patient records regarding which information is to be written down. The journal can, for example, contain contact information, medical history and information about the current life situation. You may also be asked to respond to various mapping forms, these will then also be recorded. We are obliged to keep a record for 10 years before it is deleted from our record system.

We are subject to a duty of confidentiality in accordance with the Health Personnel Act, but with your consent, we can provide personal information to relevant partners, such as GPs, NAV (the Norwegian Labour and Welfare Administration), courts and other public bodies. Exceptions in special situations; in accordance with regulations on patient records, the Health Personnel Act, the Municipal Health and Care Services Act and the Child Welfare Services Act.

In our admissions form, we ask you to consent to us using SMS/e-mail to convey available appointments/changes to appointments. You can opt-out of such use of your contact information.

Your patient rights can give you the opportunity to access the medical record and the possibility to correct/delete medical record content, in accordance with the health legislation's rules on correction/deletion.

Records are kept in a system provided by an external supplier, where the processing of personal data is regulated by a data processor agreement.

School nurse

Personal consultation with the school nurse:

Name, date of birth and health-related matters are stored here.
This is authorised in the Health Personnel Act §4.
Data is stored in a paper-based journal. Only the nurse has access to this journal. Deletion takes place in accordance with the Health Personnel Act.

Self-testing:

Name, social security number and mobile phone number are stored here.
This follows a routine for testing and possible treatment for sexually transmitted diseases, per The Norwegian Directorate of Health.
The client fills out a form with information. The school nurse transfers the data to a requisition form which, together with a sample, is delivered to SUS, medical microbiology.
The information is stored in a paper-based journal. The nurse and SUS have access.
Deletion takes place in accordance with the Health Personnel Act.

In the event of a positive test, the nurse is notified by SUS and distributes antibiotics.
Form with name and social security number is delivered to Apotek1.

Kindergarten

Information about the child

For children enrolled in the kindergarten, the following are registered: name, date of birth, address, allergies, vaccination, nationality. Where necessary, mapping of any physical and/or mental challenges are stored.
This is necessary to allocate space, follow-up of the children, invoicing and HSE.
The information is stored in IST, ESA, children's folders and departmental folders. The general manager, assistant manager and pedagogical managers have access to this information. The data is password protected in the subject systems, and physical papers are stored in locked filing cabinets. There are routines for deletion.
There is a data processor agreement with IST and ESA.

Information about parents

For parents of children in the kindergarten, the following are registered: Name, date of birth, address, mobile number, e-mail address, nationality, income, studies.
This is necessary for the allocation of space, follow-up of the children, HSE, invoicing, communication.
The information is stored in IST, ESA, children's folders and departmental folders. The general manager, assistant manager and pedagogical managers have access to this information. The data is password protected in the subject systems, and physical papers are stored in locked filing cabinets. There are routines for deletion.
There is a data processor agreement with IST and ESA.

Information about interns from UiS

For interns from UiS, the following are registered: Name, e-mail address, mobile number, information about previous internships and strengths/weaknesses.
This is necessary to evaluate the intern during their practice.
The information is stored in student files in the kindergarten and shared with the practice teacher. The general manager of the kindergarten has access to the folders, which are stored in locked filing cabinets.

SiS housing

When applying for housing

The information you provide in your application is used for the prioritization and allocation of housing.
The information is stored in the subject system UniPluss.
Employees in SiS's housing department have access to the data.
The data is stored and deleted in accordance with routines in UniPluss.
SiS has a data processor agreement with UniPluss, Idfy and UniMikro.

When staying with us

Here is a complete privacy statement for persons living in SiS housing.

If you have a parking agreement with SiS housing

We store the name and registration number of the car in order to carry out a check of the parking spaces.
The information is stored in paper format in SiS's reception, and there is an annual deletion routine in place for this.

Event support

The information collected when applying for event support is necessary to be able to process cases and provide financial support. The information is stored in the subject system Freshdesk by Freshworks®.
The Accounting Act and the Bookkeeping Act with associated regulations regulate the storage of the data, as these are financial transactions.
Case officers and some employees in the accounting department have access to the information. Access is regulated by personal passwords. The information is stored on the operating provider's servers in the United States. These are GDPR compliant with Privacy Shield. There is a data processor agreement (DPA) with Freshworks.

Camera surveillance

SiS café has camera surveillance in café Optimisten in Kjølv Egelands hus. The monitoring goes to a closed system. Only the general manager of SiS café has the opportunity to log into the system. SiS café has its own written routine for logging in. Login of the camera system should only be done if there is a suspicion of a criminal act. The police are given access to the system in case of suspicion of criminal acts and by written request for access.

Who we share your data with

SiS will never disclose personal data about students/clients to third parties. The exception is where the legislation requires extradition. For example, the Accounting Act or in connection with insurance cases.

SiS will not publish student/customer data on social media, such as Facebook or Instagram, for processing by them.

Contact information

Inquiries about access and deletion are sent to sis@studentensbeste.no You will receive a response within one week at the latest.

Privacy policy for employees

Here you can find the privacy policy for employees at SiS.