This statement explains how SIOS-Svalbard AS, hereafter called SIOS, collects and uses personal information.
The SIOS website is free and open to any user. Most of the functionalities can be used without registration. However, for some services, registration is required:
- to be able to provide the correct information to the user that requested the information
- to be able to manage required processing and storage capacity properly
- to serve members with an intranet
User registration is usually required for data transformation services or other services that actively utilise the basket functionality in the data search. This user registration will allow users to use other functionalities in the website, like commenting on articles where this is possible.
The user has full access to the user profile that has been created on the website and can manage his/her own account. Only authorised personnel have access to the user accounts and no profiling of users is done based on the information provided by users when registering. SIOS manages an internal person catalogue with contact information of people involved in SIOS during the interim and operational phase which is used to operate SIOS and its activities. Only SIOS Knowledge Centre (SIOS-KC) staff and website administrators have access to the catalogue.
In addition to the website SIOS has several services that require registration of user data:
- Funding calls (SESS report, access to RI, airborne remote sensing, SIOS core data curation, etc.). In order to process applications to funding calls and other opportunities, SIOS needs to collect personal information from the applicants and participants in the application. Such information may include name, phone number, e-mail address, affiliation, employment status, CV, and a motivation statement. All information is collected through a webform filled in by the principal investigator. When information about someone is entered by the principal investigator, SIOS-KC will ensure all parties involved in the project are informed about the information that is registered about them.
- Events, both online and physical (workshops, webinars, online conference, the annual meeting Polar Night Week). Participants are asked to register up front, in order to allow planning of the workshop, e.g. room size, number of breakout groups, catering etc. Participants must consent to specific conditions during registration. Information collected may include name, e-mail address, affiliation, and (for physical meetings) date of arrival/departure and dietary needs.
- Newsletter to inform those who have subscribed to this service about news on upcoming calls, training courses and other opportunities and activities within the SIOS community. Subscribers have to consent to a separate GDPR declaration.
Application of cookies
SIOS is only using cookies for functional purposes (to maintain an authenticated user session). These cookies do not contain any personal information and will disappear after 23 days. SIOS is not using Google Analytics or similar in the central service (www.sios-svalbard.org). Users of the SIOS Data Access Portal are directed towards dataset landing pages served by data centres hosting the actual data. SIOS has no control of services used by these data centres.
Analysis of web server logs
The SIOS website and data portal is running in the infrastructure of the Norwegian Meteorological Institute (MET). Network traffic in and out of MET’s network is logged by different infrastructure components. These logs can include information that can be associated with individuals, such as IP addresses. The purpose of the logs is to prevent the misuse of MET’s services, deal with cyberattacks and evaluate usage of the services (only information from the web servers running user-oriented services like the website and data search interface). The logs are stored on servers operated by MET with access restrictions to ensure that only authorised use is possible. Analysed results are always presented in aggregated form when an evaluation of usage is done.
In addition, the data management part of the SIOS website contains information about datasets. These datasets are hosted by a number of data centres that have their own logging of traffic. SIOS has no influence on how these logs are used and refers to the GDPR statements of these data centres.
Sharing of information
SIOS does not share information on individual users with third parties (except for our data processors) if not explicitly stated otherwise in the respective application or registration form.
You have the right to basic information on the processing of personal data in an organisation. SIOS has provided this information in this statement and will refer to it upon any requests.
We do not process or store personal data longer than deemed necessary for intended purpose or required according to agreements made, and never beyond limits imposed by law. If you are a registered user of any of our services, you are entitled to access your own data. You have the right to correct and delete personal data and data portability. Even if you have previously consented to storage of your personal data, you have the right to change your mind. You have the right to complain to the Norwegian Data Protection Authority if you believe the processing is contrary to regulation.