Personvernerklæring for Urkund - Ansatt

Privacy Statement for Ouriginal

Privacy Statement for Ouriginal

This privacy statement describes how OsloMet handles your personal data in the Ouriginal data system. The purpose of this privacy statement is to inform you about what personal data is processed, how it is processed, who is responsible for the processing, what rights you have, and whom you can contact.
Published
Latest update

1. What is considered personal data?

Personal data encompasses all forms of data, information, details, and evaluations that can be linked to you as an individual, according to GDPR Article 4 No. 1. The determining factor for whether a detail is personal data is whether the information can be linked to an identified or identifiable natural person.

Information that alone cannot be linked to an individual may, in cases where it occurs together with other data, constitute personal data if it indirectly identifies a person.

2. About Ouriginal

Ouriginal is a text recognition program that has access to the open internet, our private database, and a shared Ouriginal database. When we upload a document to Ouriginal, it will show how much of the document has text similarity with available documents.

Ouriginal is linked to Inspera and Canvas, which are used as submission platforms for Ouriginal.

OsloMet shares answers with Ouriginal's shared database. This means that we share excerpts of texts with selected universities and colleges in Norway, and that all submissions produced at OsloMet and checked for similarity will thus be available as sources for other educational institutions in Norway.

Full submissions are not available in the shared database – only text excerpts.

3. The purpose of, and legal basis for, processing personal data in Ouriginal

Purpose

The purpose of processing personal data in plagiarism control (Ouriginal) is

  • to uncover cheating in exams or mandatory assignments

  • to detect dishonesty (plagiarism) in research.

Legal basis

The legal basis (grounds for processing) for processing personal data in plagiarism control (Ouriginal) is the General Data Protection Regulation (GDPR) Article 6 No. 1 letter c (legal obligation) and e (performing a task in the public interest), cf. No. 3 letter b.

Several provisions of the university and college law serve as supplementary legal bases, for example § 3-9 (examinations and grading).

4. Which personal data is processed in Ouriginal and how long do we store your personal data?

Ouriginal (Urkund) stores submitted documents in OsloMet's own database, and thus personal data contained in submitted documents is stored. The email used for submitting documents will be stored in Ouriginal (Urkund).

Ouriginal contains assignment identifiers from the exam system, exam and test answers, assignment submissions (including bachelor's and master's theses), and research works (including PhD dissertations).

Ouriginal generates reports showing text similarity between submitted text and reference texts.

Sensitive personal data is not primarily processed in Ouriginal. If uploaded documents contain sensitive personal data, these will be accessible to OsloMet employees and Ouriginal employees with access to Ouriginal.

Uploaded documents are stored in OsloMet's Ouriginal database indefinitely.

5. Automatic case processing  

Exam submissions will automatically be sent to Ouriginal for review from Inspera. Beyond this, automatic case processing is not performed.

6. We disclose your personal data to others

Disclosure or export of data is defined as any provision of data other than to our own system/processing or to the data subject themselves or someone receiving data on their behalf.

Your educational institution may disclose or export data containing personal data to other systems, that is, external data processors where deemed necessary.

Your personal data will not be disclosed to countries outside the EU/EEA, or any international organizations.

Your personal data may be disclosed to the following parties/entities:

Ouriginal

Given that exam submissions contain personal data, Ouriginal employees will have access to these.

7. Security surrounding your personal data

SIKT regularly conducts risk and vulnerability analysis to protect your personal data in Ouriginal. In addition, security measures such as access controls are implemented to prevent more employees than necessary from accessing your personal data. Employees have confidentiality regarding personal data they encounter in their work. System use is logged.

8. Your rights

See page about Your rights

9. Kontakt

See page for Contakt