OSINT Analytics’ data protection declaration
This data protection declaration explains how OSINT Analytics collects and use personal information.
Osint Analytics, by managing director, is responsible for how the business handles personal information. Information of areas where the daily responsibility has been delegated to a member of staff, will be informed in detail in this declaration. The delegated tasks concerns only the tasks described, but the responsibility will always stay with the managing director. The declaration contains information you have a right to know about, when we collect personal information about you and also general information how we use and store this information. This is to make sure we compile with the EU General Data Protection Regulation (GDPR).
Processing personal data in OSINT Analytics
The basis for processing personal data is by an agreement from each user (unless anything else specified).
To be able to make use of the services of Osint Analytics’ products such as Tilskuddsportalen and Dr Tide, each user will have to give the following personal information (as a minimum):
- First name and last name
- Valid email address
- The organisation they represent
It is possible for the user to add more personal information on his/hers userprofile. This is completely voluntarily and has no significance for the use of the services.
Information that is being collected in conjunction with running and operating services are being saved on servers owned and operated by OSINT Analytics, and the servers physically stored in OSINT Analytics’ premises. It is only OSINT Analytics and their sub contractor CaddieSoft which have access to the information that is being collected. A data agreement regulates what information Caddiesoft has access to and how the data must be treated.
Statistics
OSINT Analytics collects un-identified information about visitors on their services and products. The aim for collecting these data is to prepare statistics which will then be used to improve and develop the services OSINT Analytics offers. Examples of what OSINT Analytics will look at includes number of visitors, the duration and also time of the day, popular search words and which browsers the visitors use.
The data will be treated as non-identifiable and aggregated form. When using the phrase «non-identifiable», this means that we can’t trace the data we collect back to each individual user.
We use Google Analytics as our analytical framework. The information received from Google Analytics will not be shared from OSINT Analytics to anyone outside of the organisation.
Cookies
Cookies are small textfiles which are places on your computer when you download a website.
To store and use the information collected from these cookies is not allowed unless the user has been informed about this and given his/her approval to the used.
The following information cookies are being used in OSINT Analytics’ web based products:
http://tilskudd.scan4news.com
PHPSESSID – session cookie
__utma – Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.
__utmb – Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.
__utmc – Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.
__utmt – Used to throttle request rate.
__utmz – Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.
_ga Used to distinguish users.
http://*.tilskuddsportalen.no
PHPSESSID – session cookie
_ga Used to distinguish users.
_gid Used to distinguish users.
cw_locale_language users selected language
cw_locale_timezone users timesone
https://www.osintanalytics.com
NID – The NID cookie contains a unique ID Google uses to remember your preferences and other information, such as your preferred language (e.g. English), how many search results you wish to have shown per page (e.g. 10 or 20), and whether or not you wish to have Google’s SafeSearch filter turned on.
AEC – AEC cookie ensure that requests within a browsing session are made by the user, and not by other sites
CONSENT -Google uses the ‘CONSENT’ cookie, which lasts for 2 years, to store a user’s state regarding their cookies choices. Another cookie, ‘SOCS’, lasts for 13 months and is also used to store a user’s state regarding their cookies choices.
_ga Used to distinguish users.
_gid Used to distinguish users.
http://tilskuddsportalen.no
NID – The NID cookie contains a unique ID Google uses to remember your preferences and other information, such as your preferred language (e.g. English), how many search results you wish to have shown per page (e.g. 10 or 20), and whether or not you wish to have Google’s SafeSearch filter turned on.
PHPSESSID – session cookie
__cfduid – cookie is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis. For example, if the visitor is in a coffee shop where there are a bunch of infected machines, but the specific visitor’s machine is trusted (e.g. because they’ve completed a challenge within your Challenge Passage period), the cookie allows us to identify that client and not challenge them again. It does not correspond to any user ID in your web application, and does not store any personally identifiable information.
_ga Used to distinguish users.
_gat Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.
_gid Used to distinguish users.
Slik administrerer du informasjonskapsler (nettvett.no)
Search
OSINT Analytics saves the information about what keywords and search words visitors use in the free text search field. The aim with storing this information is to improve the information and search option on the products’ websites. The information is being saved in a separate database, and only saved in an aggregated form. It is only the search terms that are being saved, and cannot be connected to any other information about the users, for example IP addresses.
Posts, comments and sharing
All posts and comments on Osint Analytics’ netbased products will be saved in our systems.
Your name will be registered when you add or comment on a post in one of Osint Analytics’ netbased products, and this information will be available for all users as part of the comment thread. If you have published comments or posts that you would like to change or remove, please contact us on support@tilskuddsportalen.no and we can help you. However, please note that you have no right of having posts or comments deleted from the netbased product. If you delete your profile, the post or comment will still be visible, but your name will be removed.
When you create a post, comment on a post or share links in your groups (both closed and open groups) in Tilskuddsportalen, the information is being saved for the group you share it in, and OSINT Analytics saves this information. If you delete your profile, your posts and comments will still be available in the groups, but your name will have been removed from the post/comment.
E-newsletters
OSINT Analytics are sending out newsletters approximately once a month (via email). You have to have actively registered your email address for us to be able to send you these enewsletters, and you can sign up for these on www.tilskuddsportalen.no . OSINT Analytics use Apsis as the datahandler for the e-newsletters. Your email address is being stored in a separate database, will not be shared with anyone else and is deleted from the monthly email list if you cancel your monthly newsletter subscription. Please contact OSINT Analytics if you want us to permanently delete your email address from our systems, and we’ll be happy to do this for you.
Research
If OSINT Analytics are conducting any research, we will always inform about the aim for the research and whether it is anonymous or not. OSINT Analytics will not share the information received in conjunction with the research with anyone else, nor use the information for anything else other than what is informed about.
Anonymous research
If the research is anonymous, OSINT Analytics will not collect any information that can be connected to you.
Research where respondents can be traced/identified
If the research is not anonymous, OSINT Analytics can identify those who have answered the research. OSINT Analytics may also use our supplier Apsis to send out information regarding the research. Your email address will be shared with Apsis to facilitate the communication needed.
Archive
Osint Analytics are registering different types of personal information in their systems. This is information such as name and email address, and further personal information (voluntarily given). If a person would like to know what information Osint Analytics obtain about them, please enquire and the information will be provided. Information which might be required for certain complaints, will be handed over to the appropriate body as and when needed.
There are particular safety rules and routines in place for archiving and accessing very sensitive information, such as sensitive personal information. There are no requirements for giving sensitive personal information to use Osint Analytics’ web based products.
E-mail and phone
OSINT Analytics are using e-mail and phones as part of the daily communication. The manager in the department where the email or phonecall is received has the responsibility for following the set guidelines for handling personal information. The employees in OSINT Analytics also use e-mail as communication tool with internal and external contacts. Each employee is responsible for deleting messages that are no longer necessary, and once a year revise and delete unnecessary content in the email folders. No sensitive personal information will be sent via email. Normal e-mails is uncrypted, so we urge you to not send any sensitive information via e-mail.
When a person leaves working for OSINT Analytics, the person’s email account will be deleted together with all personal information that may have been obtained in the email communication. Some relevant emails may be transferred to colleagues for continued service.
Attendees at seminars and courses
When you sign up for a course or event organised by Tilskuddsportalen or OSINT Analytics, you will need to give your name, contact information and information about dietary or access requirements (if needed). Name and organisation may be published to other course attendees. If you don’t want your name to be published to other course attendees, please let us know when booking the event. Information about dietary or access requirements is only saved internally for OSINT Analytics own use, to ensure a smooth customer service and experience. If the attendee doesn’t want this information to be saved, please let us know when booking your space.
Data Protection Officer
To fully comply to the GDPR regulations, the management at OSINT Analytics have created an internal Data Protecion Officer, and Gunhild Bergene Moss is currently the Data Protection Officer. This is a voluntary position, and the aim is to make sure that OSINT Analytics are following the GDPR regulations.
One of the tasks for the Data Protection Officer is to support individuals’ rights to control the information about them held by OSINT Analytics. Those who may be in need of knowing this, can contact the Data Protection Officer Gunhild Bergene Moss. She can be contacted via email gunhild@osintanalytics.com or via phone on +47 62 52 13 00.
Logging i OSINT Analytics’ fagsystemer
OSINT Analytics have a security log system in place for all their servers and equipment, and the head of technology is responsible for this system. The system only registers the internal employees’ use of the technology.
Constitutional rights
Anybody enquiring about OSINT Analytics data protection policy have a constitutional right to receive information about this policy. OSINT Analytics have in this document given the information that is publicly available. If you are registered in one of OSINT Analytics’ web based products, you have a right to see what type of information that is saved. You also have the right to request that incorrect information about you will be edited or deleted. This request is free of charge and OSINT Analytics will reply with a suggestion of action within 30 days of receipt of the request.
Contact us
E-mail: sales@osintanalytics.com
gunhild@osintanalytics.com
Phone: +47 62 52 17 00
Address: Grønnegata 52, 2317 Hamar, Norway