Data management
All personal data is treated confidentially. The data are stored in encrypted and secure form in the University of Bergen’s solution for the secure handling of sensitive personal data in research, SAFE. SAFE is based on the "Norm for Information Security in the Health and Care Services" and ensures that information security regarding confidentiality, integrity, and availability is maintained when processing sensitive personal data.
Datasets provided from the KODEM-panels to researchers will always be modified so that individuals cannot be identified. The information respondents provide in the survey is treated confidentially. Any information that may identify you, such as open-text responses, will be edited or removed before further processing. This is done to ensure that users of the data cannot associate any information with the respondent personally. In addition, all individuals granted access to SAFE must sign a confidentiality agreement and are not allowed to export data from the system.
KODEM adheres to all research ethical guidelines for handling collected information. All personal data and responses you provide in the survey are handled in accordance with national research ethics guidelines and the provisions of the General Data Protection Regulation (GDPR). Data Protection Impact Assessments (DPIA) has been prepared for the panels, in collaboration with the Data Protection Officer at the University of Bergen and Sikt - Norwegian Agency for Shared Services in Education and Research.
The data processor for KODEM (Ideas2Evidence) (external link) uses the survey tool Confirmit to administer and manage the surveys. Confirmit is a globally recognized software system used for conducting online surveys and is used by many major survey organizations. Confirmit has offices both inside and outside the EEA. Data from the Panel of Elected Representatives will always be stored within the EEA and in accordance with European law. In rare cases, data may be processed by technical personnel at Confirmit in the USA. Measures have been taken to minimize this access so that, for the most part, data from the Panel of Elected Representatives in Confirmit remains inaccessible outside the EEA.
Please note that invitations to the survey will be sent from the email address @horizons.confirmit.eu, and will contain a link with the domain cnfrmt.eu or horizons.confirmit.eu.
Data privacy and protection
Storage and data processing related to the KODEM-panels takes place within the SAFE environment. Since the project involves collecting data from (voluntarily participating) respondents via web-based surveys, an address database is generated containing (a) personally identifiable information (name, email, phone number), and (b) personal information provided by the respondent in earlier surveys. This is necessary to conduct data collection.
Directly identifiable personal data (such as name, address, email address) are linked to the response data through a randomly assigned ID. Researchers do not have access to this linkage; it is accessible only to the data processor, and stored on a separate server within SAFE. A non-identifiable ID will follow the data to enable linkage with future surveys.
The data are stored in SAFE, the University of Bergen’s secure environment for the processing of personal data for research purposes. In some cases these data can make indirect identification possible. They will never contain directly identifying information.
Researchers may apply for access to the data in SAFE, and sign a confidentiality statement. They can then analyse the data in SAFE, and not export them.
In addition, an anonymized version of the data, with less information, will be available for use in research and education, distributed by Sikt- the Norwegian Agency for Shared Services in Education and Research. As of 2025, only the citizen panel is available for download from Sikt.
Voluntary Participation
The participation in this project is, of course, voluntary, and participants may withdraw from the panel at any time. If they choose to withdraw, their responses will still be protected as described above, and we will continue to treat them confidentially. If a participant wishes to have their personal data deleted, we will erase all information that could identify them in the dataset.
Rights
As a participant in a KODEM-panel you have the right to:
- access the personal data registered about you,
- have your personal data corrected,
- have your personal data deleted,
- receive a copy of your personal data (data portability), and
- file a complaint with the Data Protection Officer or the Norwegian Data Protection Authority (Datatilsynet) regarding the processing of your data.
What gives KODEM the right to process personal data?
The processing of personal data in KODEM is legally based on Article 6(1)(e) of the EU General Data Protection Regulation (GDPR): "necessary for the performance of a task carried out in the public interest", Article 9(2)(j): "necessary for scientific or historical research purposes", and § 8 of the Norwegian Personal Data Act, as well as your consent to participate.
If you are a participant with questions about KODEM or wish to exercise your rights, you can contact us at kodem@uib.no
If you wish to file a complaint about how your data is handled, you may contact the Data Protection Officer at the University of Bergen or The Norwegian Data Protection Authority (Datatilsynet). (external link)