Last modified: 01.11.2023
Content:
KA Admin is a study administrative system developed for colleges and vocational schools. When you apply for admission and study at the Norwegian School of Leadership and Theology, your personal information will be registered, processed, and stored in KA Admin. Several applications are linked to the study administrative system KA Admin. This means that data recorded in these applications is also stored in KA Admin. Data in KA Admin is reported in various contexts to several enterprises.
This privacy policy describes how the Norwegian School of Leadership and Theology manages your personal information in the KA Admin data system. The purpose of this privacy policy is to inform you about which personal data is processed, how it is processed, who is responsible for the processing, what rights you have, and who you can contact.
Personal information encompasses all forms of data, information, details, and assessments that can be linked to you as an individual. The crucial factor in determining whether a piece of information is personal data is whether the information can identify a specific person. Information that cannot be linked to an individual on its own may, in cases where the information appears together with other data, constitute personal information.
Purpose:
The purpose of processing personal data in KA Admin is to safeguard your rights as an applicant, student, or course participant, and to fulfill the institution’s tasks and duties according to the university and college law. For instance, the processing of personal data in KA Admin is necessary for Norwegian School of Leadership and Theology to:
Legal Basis:
The legal basis for processing personal data in KA Admin is the necessity of processing for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract. This applies, for example, when you apply for admission to studies or courses. Additionally, processing may be based on a legal obligation, such as the duty of the institution to document your educational results. In some cases, the processing may be based on the institution’s legitimate interests, provided that your privacy interests do not override these interests.
KA Admin processes a variety of your personal information. This includes:
Your personal information can be obtained from:
Voluntary registrations
It is voluntary for you to register personal information in AdmissionWeb and SelfService, but without your personal information, it may be that we are unable to process your applications. In AdmissionWeb, you can register information about yourself related to applications for studies/registration for courses and documents you upload. This information may be necessary for us to be able to process your applications.
In SelfService, you can register your contact information such as address, telephone, and email address. This information may be necessary for you to be able to study at the Norwegian School of Leadership and Theology.
If a Norwegian educational institution has made a decision about sanction(s) for you which also affects your applicant/student relationship at other Norwegian educational institutions (pursuant to the university and college law §§3-7(8), 4-8(1) to (3) or 4-10(3)), the Norwegian School of Leadership and Theology will receive personal information about you through RUST. Only a select few individuals at the Norwegian School of Leadership and Theology will have access to this personal information. Please see the privacy statement for RUST.
Registrations made without your explicit consent:
In some cases, it is necessary for case workers at the Norwegian School of Leadership and Theology to register information about you related to your studies. Examples of this could be assessments related to admission applications, reasons for appealing grades, and registrations related to the completion of studies.
When you apply for admission to, and complete a program at the Norwegian School of Leadership and Theology, several processes in the handling of your application and your studies will be performed as manual and automated case processing. This applies in the following cases:
Manual:
Automated:
These processes are integral to ensuring that all necessary aspects of your educational journey are adequately and fairly managed.
As a general rule, all of your personal information is stored in Kong Arthur Admin (KA Admin) indefinitely. There are some exceptions:
If the Norwegian School of Leadership and Theology receives information that you have passed away, we will delete your contact information. Any applications for admission, registrations for teaching, courses, exams, etc., will be withdrawn.
isclosure or export of data is defined as any provision of data other than to one’s own system/processing or to the registered individual themselves or someone who receives the data on their behalf.
The Norwegian School of Leadership and Theology may disclose or export data containing personal information to other systems, i.e., external data processors, in cases where it is deemed necessary.
Your personal information will not be disclosed to countries outside the EU/EEA, or to any international organizations.
Your personal information may be disclosed to the following parties/entities:
If you are a customer of The Norwegian State Educational Loan Fund, information about you will be sent to them as soon as it is registered that you are a student. The following personal information is transferred to The Norwegian State Educational Loan Fund daily: National ID number/D-number (11 digits) and which university/college you have been admitted to as a student.
If you have completed an examination, information about you will be sent to The Norwegian State Educational Loan Fund. The following personal information is transferred to The Norwegian State Educational Loan Fund once a week: National ID number/D-number (11 digits), which university/college you have taken the exam at, exam result (passed/failed/not graded, if passed: also grade).
We transfer your personal information to The Norwegian State Educational Loan Fund so that you do not have to document your student status and completed education.
The Norwegian School of Leadership and Theology uses Moodle for teaching and sometimes also for exams. This means that eFaktor, the developer and operator of Moodle, will have access to your personal information. The following personal information is transferred to Moodle 12 times a day: student number, name, date of birth, email address, phone number.
The Norwegian School of Leadership and Theology uses the scheduling system TimeEdit to plan teaching and exams. TimeEdit AB, the developer and operator of TimeEdit, will have access to your personal information. The following personal information is transferred to TimeEdit on command: student number, name, and email address.
In order to use systems such as Moodle and TimeEdit, personal information is transferred from KA Admin to the mentioned systems. NetNordic Norway AS, which develops and operates such integration services that transfer data between systems, will have access to your personal information.
In cases of sanctions related to behavior
In cases where it is registered that Norwegian School of Leadership and Theology has made a decision on sanctions against you, this decision will in several cases be sent to RUST (Register for Excluded Students). The sanction decision is associated with one or more of the following: use of fake diplomas, disruptive/annoying behavior, dangerous behavior, serious breaches of confidentiality, gross indecency in practice or clinical teaching, cheating, attempted cheating, aiding and abetting cheating, or exclusion following a suitability assessment. If you have applied for admission to another Norwegian university/college during the sanction period, your personal information will be sent to this university/college. A few selected individuals at this institution will then have access to your personal information. In some cases, this also applies if you are registered for an exam. See the privacy statement for RUST.
In several cases, Norwegian School of Leadership and Theology sends personal information about you to NSD and DBH for research purposes and statistics. These are personal information related to:
In cases where Norwegian School of Leadership and Theology receives requests for access in accordance with the provisions of the Freedom of Information Act, the provisions of the Personal Data Act will not be able to restrict this right of access when the inquiry concerns personal information. Therefore, it may happen that Norwegian School of Leadership and Theology sends personal information about you to other parties than those mentioned in this privacy statement.
Norwegian School of Leadership and Theology regularly conducts risk and vulnerability assessments to ensure the security of your personal information in KA Admin. In addition, security measures such as access controls have been implemented to prevent more employees than necessary from accessing your personal information. All registrations are logged.
Right of Information and Access
You are entitled to receive information about how Norwegian School of Leadership and Theology processes your personal data. This privacy statement is intended to provide the information you are entitled to receive.
You also have the right to view/access all personal data registered about you Norwegian School of Leadership and Theology. You are also entitled to receive a copy of the personal data about you if you wish.
Right of Rectification
You have the right to have inaccurate personal data about you corrected. You also have the right to have incomplete personal data about you supplemented. If you believe that we have recorded incorrect or incomplete personal data about you, we ask you to contact us. It is important that you justify and possibly document why you think the personal data is incorrect or incomplete.
Right of Restrict Processing
In certain cases, you may have the right to demand that the processing of your personal data be restricted. Restriction of personal data means that the personal data is still stored but that the possibilities for further processing are limited.
If you believe that the personal data is incorrect or incomplete, or have filed an objection against the processing (see more about this below), you have the right to demand that the processing of your personal data be temporarily restricted. This means that the processing is restricted until we have corrected your personal data, or have assessed whether your objection is justified.
In other cases, you can also demand a more permanent restriction of your personal data. To have the right to demand restriction of your personal data, the conditions in the Personal Data Act and GDPR Article 18 must be met. If we receive a request from you for restriction of personal data, we will assess whether the legal conditions are met.
Right of Erasure
In some cases, you have the right to demand that we delete personal data about you. The right to erasure is not an unconditional right, and whether you have the right to erasure must be assessed in light of applicable privacy laws, i.e., the Personal Data Act and GDPR. If you wish to have your personal data deleted, we ask you to contact us. It is important that you justify why you want the personal data to be deleted, and if possible also specify which personal data you wish to have deleted. We will then assess whether the conditions for demanding erasure in the law are met. Please note that the legislation in some cases allows us to make exceptions from the right to erasure. For example, this will be the case when we are required to store the personal data in order to fulfill a task we are obligated to under the University and College Act and the Vocational College Act, or to safeguard important societal interests such as archiving, research, and statistics.
Right of Objection
You may have the right to object to the processing, i.e., to protest against the processing, if you have a particular need to stop the processing. For example, if you have a need for protection, confidential address, or similar. The right to object is not an unconditional right, and it depends on what the legal basis for the processing is, and whether you have a particular need. The conditions are stated in GDPR Article 21. If you file an objection against the processing, we will assess whether the conditions for filing an objection are met. If we conclude that you have the right to object to the processing, and that the objection is justified, we will stop the processing and you will also be able to demand erasure of the information. Please note that in some cases we may still make exceptions from erasure, e.g., if we are required to store the personal data in order to fulfill a task we are obligated to under the University and College Act and the Vocational College Act, or to safeguard important societal interests.
Right to Complain about the Processing
If you believe that we have not processed personal data in a correct and legal manner, or if you believe that we have not been able to fulfill your rights, you have the opportunity to complain about the processing. You can find information on how to contact us in section 11.
If we do not uphold your complaint, you have the opportunity to submit the complaint to the Data Protection Authority. The Data Protection Authority is responsible for ensuring that Norwegian companies comply with the provisions of the Personal Data Act and GDPR when processing personal data.
Data Controller
Norwegian School of Leadership and Theology is the data controller for personal data in Kong Arthur Admin, cf. GDPR Art. 4 No. 7 and §19 a. If you wish to exercise your rights as described in section 10 above, you can contact us at post@hlt.no. We will process your inquiry without undue delay, and within 30 days at the latest.
Data Protection Officer
Norwegian School of Leadership and Theology has appointed a Data Protection Officer (DPO) to safeguard the privacy interests of both students and staff at the College for Leadership and Theology. The DPO for administrative processing of personal data at the Norwegian School of Leadership and Theology can be reached via email: post@hlt.no
Service Provider
NetNordic Norway (NN) is the service provider for KA Admin. This means that NN develops and manages KA Admin and that NN is responsible for the daily operation of KA Admin. Through this work, selected individuals at NN have access to all personal data registered in KA Admin, including personal data sent to and from KA Admin.
Contact information for NetNordic Norway: NO-GDPR@netnordic.com
