Privacy Notice
The IDI is committed to protecting your privacy. Where we ask you to provide us with any information by which you can be identified, you can be assured that it will only be used in accordance with this privacy statement, and in line with EU General Data Protection Regulation 2016/679 (“GDPR”).
On this page
- Who we are and how to contact us?
- Why and what personal data we collect from you?
- How do we collect the personal data from you?
- How do we share your personal data with other parties?
- How do we use Cookies?
- How to refuse cookies
- Security of your personal data
- How long do we keep your personal data?
- We keep your information up to date
- Your rights related to the personal data we collect
- Other websites
- Changes to our privacy notice
Who we are and how to contact us?
The INTOSAI Development Initiative (IDI) is a non-profit organisation based in Norway. We support Supreme Audit Institutions in developing countries in sustainably enhancing their performance and capacities. Note that in our engagement with you, we are responsible for the usage of your personal data. If you have any questions, please feel free to send an e-mail to Jianhua Qian, Coordinator with GDPR Compliance Responsibility: [email protected]
Why and what personal data we collect from you?
In short, IDI collects your personal data in order to meet our goals in supporting SAIs with performance enhancing and capacity building.
Personal data collected for all initiatives:
- Name, gender (for reporting purpose), language, designation
- SAI/organization, office address, postal code, e-mail address
Personal data collected for initiatives with qualification requirements:
- Educational background
- Working experience
In addition to the above, some personal data is collected based on how a specific event is organized:
Onsite events – for travel, accommodation and meeting arrangements
- passport copy
- mobile phone numbers (airport pickups)
- departure city/arrival city
- food restrictions (for meals arrangement)
- needs of persons with disabilities
- next of kin contact details
- banking details (only when you are entitled to reimbursements)
- itineraries/air tickets
- hotel check in/out information
eLearning courses (IDI Learning Management System)
- Username
- Users logs
- Assignments you submit
- Discussion forum records
- Test records
Webinars, online meetings and another online synchronous activities
- Audio
- Video
*Normally all webinars are recorded. If you have been sharing your audio or video during the sessions, such data will be collected.
Publications: articles, training materials, GPGs, reports
- photos taken during onsite events
Reporting and archiving
- name, SAI/organization, gender, e-mail address
- photos taken during onsite events
- result of tests *
- eLearning course grades, completion rate *
- record of certificates/diplomas *
- course/event attendance record
* not in all eLearning courses.
When you contact us by email, letter or on the phone, we may also store such information to help us process your request efficiently.
How do we collect the personal data from you?
We collect your personal data through the following channels:
- Online registration forms (Google Forms, Microsoft Forms, Limesurvey, and other online tools)
- Nominations from your Supreme Audit Institution (SAI) via e-mail or other means
Security of your personal data
We have implemented appropriate controls to protect your personal data against unauthorized access or accidental loss.
How long do we keep your personal data?
We do not keep your information for longer than necessary.
Retention period of your personal data depends on the purpose of which the information was collected. Specific time span is indicated in each data consent form. Once your personal data is no longer needed, or you withdraw your consent, we will delete your personal data.
IDI will regularly delete users who have not been active in IDI LMS for more than two years.
In the meantime, users can also remove their own personal data by deleting their user account at any time. A video tutorial on how to delete user account is available at: https://drive.google.com/file/d/1KVXh8Mm7nUyzWqvDUzYdeVnZ3FMn8Cqq/view
Documents and records stored in IDI financial system follow the Norwegian State Regulations in Financial Management. They are to be stored for 3 years and 6 months to 10 years after the end of the financial year, depending on the nature of the documents. (source: https://www.regjeringen.no/globalassets/upload/fin/vedlegg/okstyring/reglement_for_okonomistyring_i_staten.pdf )
However, personal data collected for “archiving and reporting” purpose will be stored for as long as our organization exists. Proper security measures will be taken to ensure the safety of your data.
We keep your information up to date
We want to make sure that any personal information we hold about you is accurate and up to date. Please contact us to correct or remove information you think is inaccurate.
Other websites
Our website contains links to other websites which are not run by IDI. This privacy notice only applies to IDI website. Therefore when you link to other websites, we advise you to read their own privacy policies.
Changes to our privacy notice
We keep our privacy notice under regular reviews and we will place any updates on this web page. This privacy notice was last updated on 18 December 2020.