Privacy notice

Duty of disclosure

In certain cases, the Danish National ID Centre must inform you when your personal data is collected or received. The types of cases covered by the Duty of Disclosure can be found in the privacy notice for each case area and can be accessed by using the links in the left-hand menu. For instance, the centre collects your email address when creating a login or subscribing to newsletters.

Right to rectification (correction)

The National ID Centre must process accurate and up-to-date information. Should it turn out that the centre is processing information about you that is not correct, you have the right to have the information corrected. However, the centre is only able to correct information in its own files and registers. If you wish to exercise your right to have your personal data corrected, please contact the centre to request a correction.

Right to deletion

In special cases, you have the right to have your personal data deleted before the time of the centre's general deletion deadline. However, as a public authority, it should be noted that the centre is subject to rules that mean that in many cases the centre will not be able to delete the data that is being or has been processed before the time of the centre's general deadline for deletion.

Read more about your rights in the Danish Data Protection Agency’s guide

Contact us

If you wish to excercise your rights in accordance with the Danish Data Protection Regulation, or if you need further information about your rights, please contact the Danish National ID Centre. You can contact the centre in the following ways:

Nationalt ID-center
Birkerød Kongevej 2-4
3460 Birkerød
Telefon: 61 98 39 00
E-mail: nidc@nidc.dk

In order to process your enquiry, the National ID Centre must be able to uniquely identify you. For example, in addition to stating your full name, you can also refer to a case number, write your full address or state your CPR number.

The Danish National ID Centre has a data protection officer (DPO)

The Danish National ID Centre has a data protection officer who advises the centre on the rules for processing personal data. If you have any questions about the centre's processing of personal data, please contact the centre's data protection officer.

You can contact the data protection officer in the following ways:
• E-mail: dpo@hjemst.dk 
• Telephone: +45 30 65 78 00
• Mail: Hjemrejsestyrelsen, att. Databeskyttelsesrådgiver, Birkerød Kongevej 2-4, 3460 Birkerød.

Right to object 

A) Requests for access to documents

In order to answer the requests for access to documents, the Danish National ID Centre will process personal data.

When NIDC receives requests for access to documents, the NIDC will process your or your representative’s personal.

In accordance with the Danish Data Protection Regulation, NIDC must provide you with certain information when the centre receives personal data from you. You will receive a notification explaining how the centre processes the submitted data.

Purpose and legal basis

The purpose of processing personal data is to be able to answer requests for access to documents.

The legal basis for requests for access to documents is The Public Administration Act, while the legal basis for inquiries about the rights of registered individuals is the Danish Data Protection Regulation chapter 3 and 6.

Categories of personal data

The National ID Center The agency processes the contact information of the individual who contacts the centre with a request for access to documents. It may also be necessary to process other types of personal data in order to answer the request. This may be standard personal data, but may also be sensitive information.

Transfers of data

In some cases, the Danish National ID Centre will pass on personal data about the individual who sent the inquiry or the person/persons the inquiry relates to. Personal data may be passed on to the following authorities:

1. The Danish Parliament (usually when answering a request for access to documents from a committee in the Danish Parliament)
2. Immigration authorities (e.g. to confirm the identity of an applicant or in a letter of information for the immigration authorities concerning the outcome of a request for access to documents)
3. Other ministries (e.g. in connection with a consultation of other ministries)

Storage of personal data

Requests for access to documents are recorded and logged in NIDC’s case and log system. Personal data is recorded in compliance with the rules set forth in the Danish Public Administration Act. The recorded documents are deleted after 15 years in accordance with established deletion procedures.

B) Processing of personal data in connection with newsletter subscription and user login creation

The Danish National ID Centre collects and processes your personal data in the form of your e-mail address, for the purpose of sending the centre´s newsletter or for providing you with access to the centre’s website.

Your e-mail address is also used by the Danish National ID Centre to record statistics concerning logins and for monitoring which pages of the website are visited most often. If you subscribe to the centre’s newsletter, the Danish National ID Centre will also use your e-mail address to manage your subscription and to ascertain how many subscribers open the newsletter or click on the active links in it.

By creating a subscription to the centre’s newsletter or by creating a user login, you must consent to the collection and processing of your e-mail address in order to allow the Centre to perform its services. Your e-mail address is disclosed to the centre’s website provider, which is TWODAY (www.twoday.dk).

Legal basis

Your e-mail address is processed according to article 6(1), a) and e) of the General Data Protection Regulation. This means that the legal basis for processing your data is by your consent, and if you work for one of the authorities covered by section 40 (1) of the Immigration Act (Udlændingeloven) it is a legal obligation.

Only employees of the authorities covered by section 40 (1) of the Immigration Act are automatically approved to create user profiles on the centre’s website. Other persons may apply for a user login by sending an e-mail to nidc@nidc.dk.

The Danish National ID Centre will store your e-mail address as long as it is necessary to give you access to the website or to be able to send the centre´s newsletter to you. You can withdraw your consent at any time by clicking on the unsubscribe link or by sending an e-mail to nidc@nidc.dk. If your user login has not been used for six months, your e-mail address will automatically be deleted.

C) Processing personal data contained in the documents that are subject to an authentication assessment

The Danish National ID Centre processes personal data contained in the documents that are subject to an authentication assessment or data received as part of the centre’s other services, e.g. facial images and fingerprints.

Categories of personal data

The data stored may be standard personal data, but may also be sensitive information. The following standard personal data is recorded in the centre’s case and log sensitive:

1. Name of the document owner
2. Facial image or fingerprints of the persons to be examined
3. Case number of the authority requesting the examination
4. NIDC’s case number
5. Record number in NIDC’s case and log system
6. An electronic copy of the document to be examined

In document examinations, sensitive data is temporarily stored in NIDC’s case management system while the case is being processed and then transferred to the centre’s case and log system once the case is closed. However, the period may be extended if necessary to fulfil relevant administrative and legal security considerations. Sensitive information related to facial photos and fingerprints is registered and processed in the centre's case and log system.

Basis for processing

Standard personal data is processed in accordance with article 6(1), e) of the Danish Data Protection Regulations, while sensitive personal data is processed in accordance with article 9(2), g) of the Danish Data Protection Regulations.

Transfers of data

The Danish National ID Centre returns the examined documents to the authority requesting the examination once the case is closed. In cases involving facial images or fingerprints, the result of the centre’s comparison and assessment of the submitted images will be forwarded to the authority requesting the examination.

Depending on the circumstances, data on the persons whose documents, facial image, or fingerprints are being processed may be passed on to the following authorities:

1. The Danish Parliament (usually when answering a request for access to documents from a committee in the Danish Parliament)
2. Other ministries and subordinate agencies (e.g. in connection with a consultation of other ministries)
3. The Danish Police and prosecution authorities
4. Danish embassies and representations

Storage of personal data

The Danish National ID Centre stores an electronic copy of the examined document as well as any related information and documents in the centre’s case and log system. Similarly, digital copies of examined facial images or fingerprints are stored in the centre’s case and log system. The data is stored for as long as necessary to fulfill relevant administrative and legal security considerations. However, the data is stored in the centre’s case and log system for a maximum of 15 years before deletion.