Version 1.6
This privacy notice for MitID describes how the Danish Agency for Digital Government processes your personal data in relation to the use of MitID, and your rights in that regard.
If you are a business user and is using a separate MitID for business, you are referred to the privacy notice for MitID Erhverv at mitid-erhverv.dk
The Danish Agency for Digital Government is the data controller for the processing of your personal data. You will find our contact information below:
The Danish Agency for Digital Government
Landgreven 4
1301 København K
CVR no..: 34 05 11 78
Phone: +45 33 92 52 00
Mail: digst@digst.dk
The Ministry of Digital Government and Gender Equality has appointed a Data Protection Officer who provides guidance on the data protection regulation within the area of the Ministry of Digital Government and Gender Equality. The task of the Data Protection Officer is to support the Ministry of Digital Government and Gender Equality’s compliance with the rules on the processing of personal data.
The Data Protection Officer can guide you on your rights in relation to the processing of your personal data within the area of the Ministry of Digital Government and Gender Equality.
If you have questions about our processing of your personal data, you are always welcome to contact our Data Protection Officer. You can contact our Data Protection Officer in the following ways:
The purpose of the Danish Agency for Digital Government's processing of your personal data is:
The legal basis for our processing of your personal data is based on:
The Danish Agency for Digital Government does not process your personal data for purposes that are not related to the issuance, administration and use of MitID.
We are processing the following categories of personal data about you:
We transfer or hand over your personal data to the following recipients:
In certain cases, the Danish Agency for Digital Government may be obliged to transfer information to other public authorities. The transfer will be limited to the personal data necessary for the exercise of authority.
Nets DanID A/S is the data processor for the Danish Agency for Digital Government and the supplier of the MitID solution.
The Danish Business Authority is the data processor in relation to handling support.
RA’s are Registration Authorities and data sub processors in the MitID solution.
In certain situations, MitID Brokers are also data sub processors in relation to the MitID solution.
The Danish Agency for Digital Government transfers information about risk data and authentication responses about the specific and individual transaction to a public authority or a company in the role of MitID Broker for validation and securement of appropriate level of security.
The Danish Agency for Digital Government hands over your personal data to the data processors of the Danish Agency for Digital Government, who assist with the operation and administration of IT systems related to the MitID solution.
The Danish Agency for Digital Government discloses IP addresses, URL for visited websites including timestamps (related to an IP address), geographic location based on IP addresses and information about browser version/engine, and operating system version/engine to Akamai Denmark (Akamai Technologies Denmark ApS, CVR number 36 02 66 50) for the purpose of Akamai's traffic and security analysis of traffic to MitID, aiming at continuous improvement of their overall solution to prevent cyber attacks on MitID and for problem resolution and support. This is carried out, in particular, to ensure that Akamai can deliver its service correctly.
In general, we do not transfer your personal data to recipients outside the EU and the EEA.
Please notice, if your MitID is issued in Greenland or the Faroe Islands: When transferring personal data to Greenland or the Faroe Islands, the legal basis is standard data protection clauses pursuant to EU General Data Protection Regulation Article 46, paragraph 1, litra c).
The Citizen Service unit or bank, where you request the registration of MitID, collects your personal data directly from you.
If you are ordering an authenticator online prior to, or in connection with, your registration as MitID user, your personal data is collected directly from you. Your personal data is also collected directly from you if you use the MitID app to complete the verification of your identity.
In relation to the administration of your use of MitID, your basic data is synchronized with your CPR information or by your own update of optional additional information such as an alternative address, mobile number, and email address.
As part of the processing of your personal data, information is also obtained from central public registries like the passport/driver’s license registry, CPR registry, and the Danish Address Registry.
The Danish Agency for Digital Government stores and processes your personal data for as long as it is necessary in relation to the issuing, administering, and using MitID for accessing digital services.
When verifying an identity through the MitID app, personal data from registration of liveness and 3D face recognition, as well as personal data from the photo page in a passport (or other ICAO compatible identification) that has not been issued in Denmark, is stored encrypted for a maximum of one day, after which the data are deleted. Personal data from the photo page in a passport issued in Denmark is stored encrypted in temporary memory while the session is active, and for a maximum of one hour, after which the data is deleted.
The Danish Agency for Digital Government also acts as the data controller regarding any personal data processed about you if you contact MitID Support. MitID Support helps users find information about MitID and how to use the MitID solution. With MitID Support, users can receive help via phone, e-mail, screen sharing, and live chat. As a user, you also have the option to receive a customer satisfaction survey in connection with your contact with MitID Support. If you give consent, the call is also included in an anonymized survey of trends in the phone calls that MitID Support receives.
The purpose of The Danish Agency for Digital Government’s processing of personal data when users contact MitID Support is: Provision of support in relation to the use of MitID and improvement of support services.
The legal basis for our processing of your personal data is based on:
In relation to screen sharing, the supporter will be able to see the personal information that may appear on the page where you need support.
In relation to the customer satisfaction survey and/or screen sharing, you can withdraw your consent at any time. If you choose to withdraw your consent it does not affect the legality of our processing of your personal data based on your previously given consent up to the time of withdrawal. If you withdraw your consent, it will be in effect from the time of withdrawal.
E-mails that are misdirected to MitID Support are, to the extent that is possible, forwarded to the appropriate authority/unit.
You have a number of rights under the data protection regulation regarding our processing of data about you.
If you want to make use of your rights, you need to contact us.
You have the right to access the information we process about you, as well as additional information.
You can send a request to the Danish Agency for Digital Government in one of the following ways:
You can also at any time view the personal data that the Danish Agency for Digital Government has registered about you. This is done through self-service on MitID.dk. Here, you can also generate an automatic GDPR report, where you can see the information registered in MitID about you.
You have the right to have incorrect information about yourself corrected.
You can change your email address and mobile phone number at any time via self-service on MitID.dk. The same applies if you have provided an address as an alternative to the CPR address. For the correction of other information that may be incorrect, such as errors in CPR information, you should contact Citizen Service.
The Danish Agency for Digital Government stores and processes your personal data for as long as it is necessary for the purpose of issuing, administering, and using MitID to access digital services.
However, you can always request the deletion of information about your email address, alternative address, and/or mobile number. If you use the MitID app, please note that if you delete your mobile number, you will no longer be able to use the MitID app.
In certain cases, you have the right to have the processing of your personal data restricted.
However, restricting the processing of your personal data may mean that you cannot use MitID.
If you want to request restriction of the processing of your personal data, you should contact the Danish Agency for Digital Government. See contact information below.
In special situations, you have the right as a user to object to the processing of the personal data that the Danish Agency for Digital Government has registered about you.
You can contact the Danish Agency for Digital Government in one of the following ways:
This right does not apply to MitID, as the processing takes place as part of the exercise of authority, which the data controller is required to by law.
The right to withdraw consent is relevant in relation to support. When you request support, you may be asked to consent to the processing of your personal data for customer satisfaction analysis, screen sharing, and call analysis. If you choose to withdraw your consent, it does not affect the legality of our processing of your personal information based on your previously given consent and up to the time of withdrawal. If you withdraw your consent, it only takes effect from that point forward.
Please note that there are exceptions to these rights, and you may not always be able to exercise all of your rights. This is because, as public authorities, we often process personal data as part of our exercise of authority, and certain exceptions apply.
You have the right to file a complaint with the Danish Data Protection Agency (Datatilsynet) if you are dissatisfied with the way we process your personal information. You can find the contact information for the Danish Data Protection Agency at www.datatilsynet.dk
You are also welcome to contact the Danish Agency for Digital Government.
Vi bruger en cookie for at gemme dit sprogvalg, så næste gang du åbner MitID.dk, vil siden vises på det sprog du har valgt. Du kan altid ændre dit sprogvalg.
Hvis du vælger ”Gem ikke” vil du ikke modtage en cookie.
We use a cookie to save your language selection, so the next time you open MitID.dk, the site will open in the language you selected. You can always change your selected language.
If you select “Do not Save”, you will not receive a cookie.