Privacy Policy

Privacy Policy

PRIVACY POLICY PURSUANT TO ART. 13 REGULATION (EU) 2016/679 (“GDPR”)

STORies WEBSITE

The STORies website was developed under the 2PS project which has received funding from the European Union’s Horizon Europe Programme under grant agreement No. 101073949 and is coordinated by the Polish Platform for Homeland Security (“PPHS”).

The STORies website (“Website”) is maintained by the University of Bergen (UiB). This policy applies to all website users and its goal is to communicate how we collect and process your personal data.

INFORMATION ABOUT THE DATA CONTROLLER

The data controller of your personal data (“Controller”) is the the University of Bergen (UiB) with its registered office in: [University of Bergen, P.O.Box 7800, 5020 Bergen, Norway], having organizational number: [874 789 542].

The Controller can be contacted in writing, by post at the following address: [University of Bergen, P.O.Box 7800, 5020 Bergen, Norway], or by e-mail at the following address: [post@uib.no].

THE DATA PROTECTION OFFICER

The Controller has designated a Data Protection Officer, who can be contacted by post at the following address: [University of Bergen, P.O.Box 7800, 5020 Bergen, Norway], or by e-mail at the following address: [personvernombud@uib.no].

TYPE OF DATA PROCESSED

In the Website, data of the end users, processed by UIB, are the following:

• IP address
• Event logs related to the use of the website. The logs don't automatically link or track users across different sessions. The server logs containing IP addresses are processed by GoDaddy as the hosting provider. GoDaddy maintains these logs primarily for technical purposes like troubleshooting and security.

Data can be provided to UIB by both the end users themselves and their organisation.

PURPOSES OF THE PROCESSING AND LEGAL BASIS

Your personal data is processed manually (in paper format) or automatically (in electronic format). Data is used by UIB for the following purposes:

• Ensuring the security and the proper use of the website. UIB processes data of the end users to the extent necessary to ensure the security of the Website, as required also by relevant legal provisions on information security.

The legal basis of this processing is both the compliance with legal requirements, under Art. 6(1)(c) GDPR, and the legitimate interest of UIB and the organisation using the Website to protect it and the information here processed, according with Art. 6(1)(f) GDPR.

• Performance of statistical, analytical, and aggregated purposes and customer satisfaction level.

The legal basis of this processing is Art. 6(1)(f) GDPR since the statistical activities are conducted to improve the service on the Website as well as to improve the customer satisfaction level.

RECIPIENTS AND PROCESSORS

The data may be communicated to the following recipients:

• Third-party providers, when the communication of data is necessary for the operation of the Website and the activities related.
• Public entities when the communication of the data is necessary to fulfil legal requirements.

Regarding the possible transfer of data to countries not belonging to the European Economic Area (“EEA”), the related processing will take place according to one of the methods permitted by relevant laws, therefore by relying on adequacy decisions adopted by the European Commission or through the use of the Standard Contractual Clauses (“SCC”).

PERIOD OF DATA PROCESSING

We process and store personal data as long as it is necessary. When this data is no longer necessary for the above purposes, it will be regularly deleted. 

UIB may retain data to fulfil regulatory and/or contractual and tax obligations or in case of legal claims. Subsequently, when the reasons for the processing will cease, the data will be anonymized, deleted, or destroyed.

WHAT ARE YOUR RIGHTS?

As a data subject, you are entitled to exercise the following rights before UIB, at any time:

• Access your Personal Data being processed by UIB (and/or a copy of that Personal Data), as well as information on the processing of your Personal Data.
• Correct or update your Personal Data processed by UIB, where it may be inaccurate or incomplete.
• Request erasure of your Personal Data being processed by UIB.
• Request the restriction of the processing of your Personal Data.
• Exercise your right to portability: the right to obtain a copy of your Personal Data provided to UIB, in a structured, commonly used and machine-readable format.
• Object to the processing of your Personal Data.

Aside from the above means, you can always exercise your rights described above by sending a written request to UIB at the following address: [personvernombud@uib.no]. Please note that you may be asked to provide additional information for the purpose of verifying your identity.

In any case, please note that, as a data subject, you are entitled to file a complaint with the competent supervisory authorities for the protection of Personal Data, if you believe that the processing of your Personal Data carried out through the Website is unlawful. In Norway, the Data Protection Authority is the President of the Norwegian Data Protection Authority.

Using a VPN

For your additional privacy, you may wish to use a Virtual Private Network (VPN) when accessing this website. The topics discussed here can be of a sensitive nature, and a VPN can help reduce the exposure of your browsing habits to your internet provider, network administrator, or others who may monitor internet activity. This is an optional step for your protection; our own systems are designed to process only the minimal data necessary and are in full compliance with applicable data protection laws.

Cookie Policy

COOKIE POLICY PURSUANT TO ART. 13 REGULATION (EU) 2016/679 (“GDPR”)

This policy integrates the Privacy Policy pursuant Art. 13 GDPR available at: Article 13.

Cookies are small text files which are placed on your computer when you visit our website. Cookies help us to do different things, such as enabling certain features on our website.

WHO ARE “WE”?

In this cookie policy, “we” refers to the University of Bergen (UiB). According to the 2PS project's Grant Agreement, UiB is the institution responsible for maintaining the STORies website.

UIB is the data controller for the personal data processing occurring on the website, including the use of cookies. You can contact us at: [University of Bergen, P.O.Box 7800, 5020 Bergen, Norway], or by e-mail at the following address: [post@uib.no].

Whenever you have a question, a request, or an issue with the processing of your personal data, you can address that question, request or issue via e-mail to the UIB’s DPO at: [personvernombud@uib.no].

WHAT ARE COOKIES?

Cookies are small text files sent and stored on the user’s computer, smartphone or other device from which it connects to the Internet. Cookies are downloaded via the web browser during the first visit to the website.

Cookies do not change the configuration of the device used by the User, the files help to adapt the content of the website to the expectations, facilitate navigation on the pages and ensure the effectiveness of security procedures. Cookies also allow to assess what the Users’ preferences are, and how the website can be improved.

WHICH COOKIES DO WE USE AND WHY?

In general, we use two types of cookies, each with a specific purpose:

• Necessary cookies: these are cookies, which are strictly needed for the proper functioning of the website; and
• Anonymised statistical cookies: these are cookies, including from third-party providers, which help us analyse your use of the website, and that of other users, so we can optimize the site for a better browsing experience. While these cookies may contain personal data at the collection, we use the anonymization feature of Google Analytics to anonymize your IP address immediately after collection.

When you use our website, we will place the following cookies:

• Essential cookies (necessary for the website to function):

  1. _scc_session – maintains the user session (e.g., login, cart).
  2. _tccl_visit – identifies a user’s visit within the session.
  3. _tccl_visitor – identifies a returning visitor.
  4. intercom-device-id-q4y62t6c – device ID for Intercom chat functionality.
  5. intercom-id-q4y62t6c – user ID for Intercom chat functionality.
  6. cookieyes-consent – stores the user’s cookie consent preferences (technical).

  Non-essential cookies (analytics / marketing / tracking):

  1. _ga – Google Analytics, user identification for statistics.
  2. _ga_JHY6QRJHCW – Google Analytics, detailed tracking.
  3. _gcl_au – Google Ads, conversion measurement and advertising.
  4. _clck – Microsoft Clarity, behavioral analytics.
  5. _hjSessionUser_904797 – Hotjar, behavioral analytics.
  6. _uetvid – Bing Ads, remarketing and advertising.
  7. _cat – tracking ID, used for analytics/marketing purposes.
  8. tap_vid – user/session tracking ID.

You can view the list of cookies used on our website by clicking the blue cookie icon located at the bottom left or bottom right corner.

While technical cookies cannot be refused by the user of the Website, as they are functional to the Website itself, we require your prior consent as a legal ground for processing this information.

You can give your consent by clicking the “Accept All” button in the cookie banner.

You can withdraw your consent at any time by deleting the cookies stored in your browser. This does not affect the validity of the processing prior to your withdrawal of consent. You can find more information on how to do this on the websites of the respective browser manufacturers:

• Chrome:
  https://support.google.com/chrome/answer/95647?hl=en
• Firefox:
  https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
• Microsoft Edge:
  http://windows.microsoft.com/en-gb/windows-10/edge-privacy-faq
• Opera:
  https://help.opera.com/en/latest/web-preferences/
• Safari:
  https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac

WHAT ARE THE PURPOSES AND LEGAL BASIS OF THE PROCESSING?

By using cookies, the following purposes are pursued:

• To enable the navigation of the Website and its smooth functionality. The legal basis for the processing is the provision to users of services related to the Website and the legitimate interest of UIB to have a functional website;
• To fulfil any obligations under applicable laws, regulations, or EU legislation, or to comply with requests from the authorities. The legal basis for the processing is the obligation of UIB to comply with mandatory legislation.

WITH WHOM DO WE SHARE YOUR DATA?

We will not share your data with anyone but the people working for UIB involved in the management of the website, as well as the service providers who help us process your data. Anyone who has access to your data will always be bound by strict legal or contractual obligations to keep your data safe and confidential.

You understand that our use of analytical and statistical cookies may imply that the third-party provider of those cookies, namely Google, may obtain certain information about you, including about your browsing behaviour.

Anonymised and aggregated statistics about the use of the website will not contain any information that can be traced back to you as a user.

Moreover, personal data may be disclosed to authorities, entities and/or parties to whom the data must be disclosed, pursuant to binding legal or contractual provisions.

TRANSFER OF DATA OUTSIDE THE EUROPEAN ECONOMIC AREA (“EEA”)

As for the possible transfer of data to Countries not belonging to the EEA, the processing will take place according to one of the safeguards prescribed by the GDPR and therefore by relying on adequacy decisions adopted by the European Commission or through the use of the Standard Contractual Clauses (“SCC”).

HOW LONG DO WE KEEP YOUR DATA?

Your personal data are only processed at the first moment of collection. Afterwards, we immediately use the anonymization features of Google Analytics to ensure that any information collected via cookies is anonymized. For more information on this process, please refer to:
https://support.google.com/
analytics/answer/2763052?hl=en.

We may keep reports and aggregated statistical data for up to 5 years after the 2PS project’s duration.

Please note, however, that some of the statistical cookies above, especially the _ga and _gid cookie, remain on your device for the whole duration of the indicated lifespan (unless you delete them manually). Each time you visit our website, these cookies will be collected again.

For the data whose processing is based on the consent of the data subject, it is specified that the same will be kept until such consent is revoked.

WHAT ARE YOUR RIGHTS?

When we collect and use your personal data, you enjoy a right of access, correction, erasure, data portability as well as restriction and opposition to processing your personal data, as well as to obtain in a structured, commonly used, and machine-readable format the data concerning you, in the cases provided for by Article 20 GDPR. In addition, you have the right to withdraw your consent to processing at any time, without affecting the lawfulness of the processing carried out by the Controller before the withdrawal.

Note, however, that where it concerns personal data processed through cookies, we anonymize immediately. We are therefore no longer processing any personal data after that point and hence, no rights can be granted.

If you have any complaints regarding the processing of your personal data by UIB, you may always contact us via the e-mail address mentioned above. If you remain unsatisfied with our response, you may file a complaint with the competent Data Protection Authority. As a natural person using our website, you may lodge a complaint with the Data Protection Authority of the Member State of your habitual residence, place of work or the place of the alleged infringement. In Norway, the Data Protection Authority is the President of the Norwegian Data Protection Authority.