Terms of service - MinID

1. Introduction

MinID is a personal electronic ID, much like an electronic passport. MinID provides access to public services at a medium-high level of security (substantial).

 

2. Binding actions

When using MinID to perform actions, for example signing a document digitally, it is considered a binding action that commits you to the recipient in the same way as when you sign a document physically.

3. Terms and conditions

3.1  Who can be issued MinID

MinID is a widely available electronic ID. The following three criteria must be fulfilled in order for the National Digitialisation Agency (NDA) to issue MinID on request by the user:

·        The user must have a valid Norwegian ID-number

·        The user must be over the age of 13, or turn 13 in the calender year.

For MinID issued online the user must, in addition to the criteria listed above, have a registered address from the National Population Register for issuing of PIN-codes.  

For MinID isued on site the user must, in addition to the critera listed above, be able to produce a valid, recognized proof of ID.  

See this link for information regarding issuing of MinID to people under guardianship. http://eid.difi.no/en/guardianship-and-update-contact-information-contact-and-reservation-register

3.2  Issuance of MinID

When you create a MinID profile, you are obligated to give complete and correct information.

3.2.1        Issuance of MinID profile online

Issuance of MinID online requires you to provide a valid Norwegian ID-number. Your ID-number is used to get your home address from the National Population Register and send you a letter with PIN-codes used to create a MinID-profile. After you have received the PIN-codes, you must register your phone number and e-mail address. For more details: http://eid.difi.no/en/minid/how-register-minid-user

3.2.2        Issuance of MinID profile on site

People without a valid Norwegian ID-number can get MinID by visiting The Norwegian Tax Administration in person. Your case handler will do an ID check and give you an ID-number and a MinID profile.

3.2.3        Issuance of MinID profile by passport reader

Because of the Covid-19-pandemic, we are opening a temporary issuance method of MinID. Users with a Norwegian ID-number who lack a Norwegian electronic ID, can do an ID-check using a passport reader app that reads your passport and compares it to your facial features.

3.3  Keeping your PIN-codes safe

Your PIN-codes are valid until you order new PIN-codes or block your MinID. The PIN-codes can be used to restore MinID and to log in if you do not have your mobile phone at hand. It is therefore imperative that you keep your PIN-codes safe at all time and treat them like you would treat a passport.

3.4  Blocking MinID

It is possible to install a block on your Norwegian ID-number, in order to prevent registration of MinID: http://eid.difi.no/en/blocking-minid

You can also block your PIN-codes from use: http://eid.difi.no/en/how-block-pin-codes

4.  Privacy policy

4.1  Controller

The controller is the Norwegian Digitalisation Agency, Org.nr. 991 825 827. NDA can be reached by phone, e-mail or chat. Phone number: +47 24055603, e-mail: brukerstotte@digdir.no and chat: http://eid.difi.no/nb

Data protection officer can be reached by e-mail: personvernombud@digdir.no.

4.2  Purpose, basis for processing and recipients

NDA processes your personal data in order to issue an electronic ID – MinID, and to use this to authenticate you to services that accept MinID as authentication. The basis for processing data is this agreement pursuant GDPR article 6, letter b. The processing of biometric data in accordance with point 3.2.3 above, requires explicit consent given in “Nets Passport reader app”, ref. GDPR article 9, number 2 letter a.

Your Norwegian ID-number is shared with the services that have the basis for processing data and requires it to secure your identification.  

We remind you of your rights to access, correction, and in some cases deletion of personal data in accordance with GDPR chapter 3.

4.3  Personal data being processed

NDA processes the following data in order to identify you, ref. point 3.1 above:

·        Norwegian ID-number

·        Name and registered address (deleted 30 days after letter with PIN-codes is sent)

·        Mobile phone number (shared with the common contact register)

·        E-mail address (shared with the common contact register)

      As part of the security, NDA keeps a log of when you log in with MinID, your IP-address and other information of the device you are using MinID from. The log is deleted after 13 months.

Infomation regarding security and cookies can be found here: http://eid.difi.no/en/security-and-cookies

4.4  Specific information for issuance of MinID with passport reader (3.2.3)

The following data is processed by NETS as NDAs data processor:

·        OCR passport information

·        Information in the NFC-chip in your passport

·        Biometric facial scan (to link person and passport)

The first two points can contain the following data: document type/number and expiration date, issuing country, full name, nationality, date of birth, gender, national ID-number and photo.

The passport reader apps biometric facial scan reads biometric data and liveliness data. The result of the facial biometric scan is forwarded to NDA by code which specifies the level of certainty that a person and a passport match.

·        Norwegian ID-number is given by the user

·        Mobile phone number (shared with the common contact register)

·        E-mail address (shared with the common contact register)

 

5. Changes in terms of use for MinID

NDA reserves the right to change the terms of this agreement, without notice, when it happens as a consequence of a change in the security requirements for MinID. Changes take effect when they are published on idporten.no. Other changes will be alerted to you by e-mail or SMS at least one month before they take effect.

6. NDAs liability to you as user of MinID

NDAs liability in the event of misuse follows Norwegian law.

NDA is not liable for indirect losses suffered as a result of faults or errors, unless the losses are caused delibaretely by NDA.

NDA is not liable for losses suffered as a result of unwarranted use, for example when others have been given access to PIN-codes, passwords or mobile phones, or you have neglected to alert NDA of irregularities, abuse or suspicion of this. NDA is not liable for losses suffered when the user has failed to comply with the terms of use for MinID.

NDA is never liable for third-party services.

NDAs total liability can never exceed the price of the service provided, and may never exceed 30 000 NOK per damage case.

7. Dispute resolution

Disputes are resolved according to Norwegian law and in Norwegian courts.

8.  Additional information

For more information, please visit: http://eid.difi.no/en