Privacy protection declaration

This individual privacy protection declaration explains how NIVA collects and uses personal information. The intention is to give you general information about our processing of personal information. The Norwegian Institute for Water Research (NIVA) is responsible for the processing of private information which we collect and store.

When does NIVA collect personal information?

We primarily process information which you have provided us for one of these reasons:

  • You are (employed with) a potential or active customer
  • You are (employed with) a potential or active partner in cooperation
  • You are (employed with) an authority related to our activities
  • You have signed up for a seminar, course or workshop
  • You subscribe to our newsletter
  • You have applied for a job here
  • You have an employee relationship with NIVA

NIVA can also receive information indirectly by:

  • An employee has submitted your name as their closest relative
  • A job applicant has named you as a reference

We use cookies

NIVA uses information capsules (cookies) to analyse patterns in the use of needed functions on the page. A cookie is a small data file which is placed in your web browser to supervise what occurs under your visit to the website and to recognize your computer. We use Google analytics on the collected data to improve functionality and user friendliness of the page.

We collect statistics about how the website is used to gain insights into what works, what can be improved or could be deleted. Examples of statistics that get collected are: numbers of hits (visits) on a page, how much time you spend on it and which components of a page are used.

Google Analytics uses cookies which start with _ga. These are erased after 2 years. Received information is subject to Googles guidelines for privacy. We have also switched on the function which anonymizes the IP-address before information is stored and processed by Google. Therefore, the stored IP address cannot be used to identify the individual user.


During page searches, information is stored via Google Analytics regarding which search words get used. The purpose of this storage is to improve our presentation of information. Only search words are stored, and these cannot be linked to other information about the users.  

Sharing of content via AddThis

addthis meny

All the web pages at give visitors the opportunity to quickly share the content on social media or email by using the AddThis toolbar (the left side menu).


Information about tipoffs is not logged by us. They are used there and then to send the pointers to the web society. However, we cannot guarantee that AddThis does not log information about use.  Read the AddThis privacy protection declaration here. Nor can we provide a guarantee for privacy considerations given by the social media you have used to share content from



Declining cookies

Most browsers are designed for acceptance for of cookies. You can set your browser to reject these. But this can bar you from the opportunity to use certain functions on other websites. Read more about how you administer cookies in your browser at

What is registered when you are in contact with us?

Email and telephone

Email to is reviewed and prospectively relayed to relevant receivers. We ask you to refrain from sending sensitive personal information or information needing protection via email, unless the information is in a password protected/encrypted enclosure. Email to is stored for a maximum of 5 years.

Telephone conversations (telephone numbers of caller and recipient, as well as the time of the conversation) is logged in a telephone central. This log is necessary for the administration and operations of the system. The information is erased after 3 months.  


Visitors who are allowed on their own to NIVA premises must sign a confidentiality statement and when necessary obtain an access card for visitors. The list of visitors’ access cards and signatures committing them to confidentiality is stored for two years after the end of a visit.   

Other visitors register themselves in a digital log at the entrance/reception, where the information is erased after 3 months.

Scientific discipline and customer system

Various elements of personal information in NIVA’s system for the documentation of project work and financial data are registered. This is basic data such as name, telephone number, email, residential address and billing address. The registration and storage are in accordance with archiving laws. The information that is stored is needed to fulfil the interests of the principal (tendering offers, entering customer contracts, invoicing) or following up obligations to partners in cooperation, authorities, etc.  


NIVA published newsletters as email to those who wish this service. In order to send you a newsletter we need to register your email address. The email address will be used to send out newsletters and possibly user surveys about the newsletter to obtain feedback about what the readers need and what they think interesting. The email address is stored in a dedicated database, is not shared with others and is erased when a user cancels the subscription. An un-subscribe link is always available in the emails we send out.


When NIVA issues questionnaires we will always inform about their purpose and whether they are anonymous. NIVA will not share the information with others or use the information for other purposes than named. If the survey is anonymous, NIVA will not collect information that can be linked to you. If it is not anonymous, NIVA can identify those who have answered the questionnaire. The processing of such data is in compliance with the privacy regulation article 6, no. 1a, where you agree to our processing of your information.  

When obtaining and processing personal information in research, NIVA has an agreement with NSD (Data Protection Services). NSD helps in securing and demonstrating that personal information for research purposes complies with the privacy regulations and the Personal Data Act.  

Seminars, conferences, courses

When people sign up for courses, conferences, etc., we usually require names, email addresses and similar contact information. Personal information is not used for other purposes than the form/registration is designed for.  


Information is registered in NIVA’s webstores which are needed for payment and postage. This information is not used for any other purposes.

Information about job applicants and employees

Job applicants

We need to process information about you if you are applying for a job at NIVA in order to consider your application. Contact information, CV, education and testimonials are registered and stored in an electronic portal. Information about jobseekers is erased after 1 year.


NIVA processes information about employees in order to administer salaries and work conditions. Such treatment is necessary to fulfil our contract with the employee.  Information is only disclosed in connection with salary payments and other legal releases. Information about names, positions and fields of work can be published on our webpages.

Assignment based employment/ contractual work

Agreements about assignment based contractual work or employment are made directly NIVA’s projects. Information about salary payments are stored with a limited access, but the person’s name and contact information are stored in the project documentation for the individual project. Such information is needed to fulfil the contract to which the registered person is a party. 


All who request such have a right to basic information about the processing of personal information in a business according to the Personal Data Act § 18, 1st section. We will ensure that registered persons can count on their rights being respected on our part. This includes the right of access to information, the opportunity to correct mistakes, have certain data erased, etc. A person can also make complaints about NIVA to the Norwegian Data Protection Authority.

We shall answer requests from registered persons without undue delay (within 1 month). Requests should be sent to:

Information security

NIVA has an ICT operations model in which the operations of certain systems have been delegated to external partners. All our ICT suppliers must sign a data processing agreement which regulates which information the supplier has access to and how it is to be secured and treated.

Last updated 27.01.2020