This privacy statement provides information about how Norges Bank collects and uses personal data concerning members of the public, including visitors to the Bank's website and to the Bank's premises.
The privacy statement contains information you have a right to under the Personal Data Act when personal data are collected, and general information about how we process personal data you share with us.
Norges Bank works continuously to ensure that your personal data are processed in an appropriate and secure manner. Personal data refers to any information or assessment that can be directly or indirectly linked to you as an individual. Norges Bank treats information about you in accordance with the Personal Data Act and other relevant rules and regulations.
Norges Bank, as represented by the Governor, is the controller for the Bank's processing of personal data. The controller is responsible for ensuring that the processing of personal data complies with current privacy rules. The controller also decides the purpose of, and technical aids used for, the processing of personal data.
2. Processing of personal data
When you visit the Bank in person, register your e-mail address or visit the Bank's website, or contact the Bank in some other manner, the Bank receives various kinds of personal data from you. You can read more about this below. In some cases, personal data are collected from third parties. You will be informed of this, unless otherwise specified by law.
There are a number of legal bases for Norges Bank to process your personal data. These may include consent or a statutory authorisation.
Norges Bank may only disclose personal data if the Bank has a legal basis for doing so under the Personal Data Act or the General Data Protection Regulation (GDPR).
3. The purpose of processing personal data
The purposes for which Norges Bank processes your personal data may vary. The Bank processes personal data for the compilation of statistics and preparation of analyses, for sending out e-mail news alerts, for processing enquiries and receiving visits by the general public, for administrative purposes and to protect the security of Norges Bank.
4. The Bank processes personal data in the following manner:
As part of its effort to make its website user-friendly, Norges Bank collects data on page visits. The purpose is to compile statistics in order to improve the website and its editorial content.
Norges Bank uses Google Analytics' tracking code, which anonymises your IP address before the data are stored. The Bank is therefore unable to link information about your website usage to you as an individual and you cannot be identified.
By visiting the Norges Bank website, you consent to cookie storage on your computer. Although most modern browsers accept cookies automatically, you can change your browser settings to choose not to accept cookies. You can also delete existing cookies. You may experience reduced functionality if you choose to delete or not to accept cookies.
4.2. News alerts and RSS feeds
Visitors to the Bank's website may, if they choose, disclose their e-mail address in order to receive news alerts from the Bank. E-mail addresses are used only for sending out news alerts linked to selected topics, and news alerts may be stopped at any time. Your e-mail address is then erased from our database. The legal basis is your consent.
RSS (Really Simple Syndication or Rich Site Summary) may be used to subscribe for news about publications on the Bank's website. You will be alerted about new publications on the topics you have selected via an RSS feed. Norges Bank does not store information about the RSS feed you subscribe to. You administer the subscription yourself and can unsubscribe from the feed at any time.
If you are applying for a vacant position at Norges Bank, the application documentation is registered. Norges Bank uses this information during the application process as a part of processing your application after you have submitted it.
4.4. Debtor's right of discharge by deposit
Norges Bank processes personal data received by post or e-mail in connection with depositing cash or securities with Norges Bank and with the rules in the Act relating to a debtor's right of discharge by deposit as legal basis. This may be the name, address, account number and other information about the depositor and claimant(s).
4.5. Exchanging withdrawn banknotes and coins
Norges Bank processes personal data received when exchanging withdrawn banknotes and coins. These data may include name, address, e-mail, telephone number, account number, and in some case, a copy of a valid identification and/or certificate of probate. These data are collected pursuant to the Norges Bank Act.
4.6. Ordering informational material
To order informational material for banks and retailers, a user account must be set up with the user's name an e-mail address. Personal data are used to administer orders.
The legal basis for obtaining and processing this information is consent.
4.7. Security measures
For visits in person to the Bank's premises, we register your name and the company you work for, if any. You are also requested to identify yourself with a passport or driving licence.
Norges Bank's security measures include video surveillance of the Bank's premises and the recording of calls made to some phone lines. If a call is being recorded, this will be disclosed at the beginning of the call. Video surveillance and recording of phone calls are authorised by the Security Act and Norges Bank Act.
4.8. Research and analysis
Norges Bank collects personal data from third parties used for research and analyses that form the technical basis for the Bank's decisions connected with the conduct of monetary policy and with providing advice in the area of financial stability.
5. Information security
Norges Banks processes your personal data in a secure and appropriate manner, and personal data are protected against unauthorised access or unlawful use and against unintentional loss, destruction or damage. Access to your personal data is restricted to personnel with a job-related need for this.
Norges Bank has concluded data processing agreements that regulate all personal data shared with third parties that process personal data on the Bank's behalf. These third parties may not use personal data for purposes other than those specified in the data processing agreement with the Bank. They are also obliged to comply with the same levels of information security as Norges Bank.
7. Your rights
You have the right of access to your personal data that the Bank is processing and the manner in which it is processing your personal data.
Rectification and erasure
It is important that your personal data in the Bank's possession is correct. You may request rectification and/or erasure of personal data if it is incomplete or incorrect.
Erasure of personal data
Norges Bank erases personal data when retaining such data is no longer necessary for the purpose for the data were collected or for complying with statutory requirements. Norges Bank archives personal data that are subject to being archived under the rules of the Archive Act.
If you have questions about Norges Bank's processing of personal data, please contact the Bank at the following e-mail address: Personvern@norges-bank.no.