Privacy Notice
Birralee International School Trondheim adheres to the following legislation
Lov om behandling av personopplysninger (personopplysningsloven)
GDPR Data protection
Rules for the protection of personal data inside and outside the EU.
Privacy Notice for Students and their Families
Who processes your information?
Birralee International School Trondheim AS is the data controller of personal information about students and their families. This means the school determines the purposes for which, and the manner in which, any personal data relating to students and their families is to be processed.
Why do we collect and use your information?
Birralee holds the legal right to collect and use personal data relating to students and their families. We may also receive information from other authorities such as previous schools, kindergartens or city councils.
We collect and use personal data in order to meet legal requirements and legitimate interests set out in Norwegian law and in accordance with GDPR, including those in relation to the following:
▪ Article 6 and Article 9 of the GDPR
▪ Norway’s Act of Private Schools (Frikoleloven)
▪ Norway’s Personal Data Act (Personsopplysningsloven)
The personal data of students and their families are collected and used for the following reasons:
▪ support our students’ learning
▪ monitor and report on their progress
▪ provide appropriate pastoral care; and
▪ assess the quality of our services
Which data is collected?
The categories of student information that the school collects, holds and shares include the following:
▪ Personal information – e.g. names, addresses
▪ Characteristics – e.g. language, nationality, country of birth
▪ Attendance information – e.g. number of absences and absence reasons
▪ Assessment information – e.g. curriculum assessment results
▪ Relevant medical information
▪ Information relating to special needs
▪ Behavioural information – e.g. number of temporary exclusions
Whilst the majority of the personal data students and families provide to Birralee is mandatory, some is given on a voluntary basis. This will be specified when the data is collected.
How long is your data stored for?
Personal data relating to students and their families is stored in line with the school’s Data Protection Policy.
In accordance with the GDPR, the school does not store personal data indefinitely; data is only stored for as long as is necessary to complete the task for which it was originally collected. Certain data may be retained for legal purposes.
Will my information be shared?
Birralee is required by law to provide certain information about our students/families to:
▪ The Norwegian Directorate of Education (Utdanningsdirektoratet)
▪ The Municipality the child is registered in (Kommune)
▪ The Norwegian Tax Administration (Skatteettaten)
▪ The Norwegian Labour and Welfare Administration (NAV)
▪ The County Council (Fylkeskommune)
Birralee will share the minimum information required to fulfill our obligations with the following third party processors:
▪ The School’s Accountant (Accountor AS)
▪ The School’s Auditor (Orkla Revisjon)
▪ The School’s Student Database Systems (Vigolo, CPOMS)
▪ Digital Learning Tools (Google Apps for Education)
What are your rights?
Families and students have the following rights in relation to the processing of personal data.
Families and students have the right to:
▪ Be informed about how Birralee uses personal data.
▪ Request access to personal data that Birralee holds about them.
▪ Request that their personal data is updated if it is inaccurate or incomplete.
▪ Request that their personal data is deleted where there is no compelling reason for its continued processing.
▪ Request that the processing of their data is restricted.
▪ Object to their personal data being processed.
Where the processing of data is based on consent, families/students have the right to withdraw this consent at any time.
Students or parents/guardians who have a concern about the way Birralee is collecting or using personal data, can contact the Principal or our Data Protection Officer. They can also raise the concern with the Norwegian Data Protection Authority (Datatilsynet).
More information?
Wilco van der Kaaden is the Data Protection Officer. His role is to oversee and monitor the school’s data protection procedures, and to ensure they are compliant with the European Union’s GDPR, as well as Norway’s Personal Data Act (Personopplysningsloven). For questions, our data protection officer can be contacted on 73 87 02 60 or w.vanderkaaden@birralee.no