How we process your personal data
What personal data does the City of Oslo process?
The type of personal data processed by the City of Oslo depends on the services you receive. For example, if you use a health service, the City will process the personal data necessary to provide you with this service.
Where do we obtain this data?
The City of Oslo collects data directly from you, from public records and, in some cases, from third parties. For example, the City collects data from the National Population Register (Folkeregisteret), run by the Norwegian Tax Administration (Skatteetaten), and the Contact and Reservation Register (Kontaktregisteret), run by the Norwegian Digitalisation Agency (Digdir) In those cases where the data is not obtained directly from you, it is collected with your consent or as authorised by laws or regulations.
How is your personal data protected?
The City of Oslo has a strong focus on data security and protects your personal data by means of access control, encryption, backup copying and tracing, for example. In addition, the City performs regular in-house audits, audits of its suppliers and risk and vulnerability analyses.
Do we disclose your data to third parties?
The City of Oslo may disclose your data to a third party when it has a statutory obligation to do so.
In addition, your data may be processed by the City’s ICT service providers. In such cases, the City will have entered into data processing agreements with the suppliers in order to ensure that they process the data in compliance with the Norwegian Personal Data Act.
Who is the Data Controller?
The Data Controller is the entity that decides the purpose for which your personal data will be processed. For the City of Oslo, the City Council has overall responsibility for the municipal processing of personal data and is therefore the Data Controller. Day-to-day responsibility for data processing is delegated to the City’s various entities and agencies.
How is data stored and deleted?
The Norwegian Personal Data Act requires the City of Oslo to delete all personal data that it does not have a statutory obligation to store and that is no longer needed.
Examples of such statutory obligations include the requirement to store personal data under the Norwegian Archives Act and the storage of data on income and assets under the Tax Act.
You will find information and details of services applicable to you. Here, you will also find letters you receive from the City of Oslo and application forms you have submitted. You also have the opportunity to reply to queries, submit information in arrears and continue to edit your application forms. My Page collects information about you concerning the areas you request and shows the information only to you.
Electronic dialogue with the City of Oslo
The City of Oslo can send letters to your private e-mail address or your digital mailbox. In certain circumstances, we will also send you a text message (SMS) to notify you of important matters. For example, you may receive an SMS notifying you of a ban on open fires and barbecues in the forests around Oslo (Marka), or a domestic hosepipe ban.