The common contact register (KRR)
The common contact register is a register that enables public agencies, and businesses undertaking tasks on behalf of public agencies, to communicate digitally with citizens. The register has its legal basis in the Regulations concerning electronic communication with and within the public administration (eForvaltningsforskriften) [1] and Clause 6, Parts C and E of the General Data Protection Regulation (GDPR). Norwegian Digitalisation Agency is data controller for the register.
The register may, without the consent of the registrant, contain the following data: [2]
1. name and unique personal identifier
2. the contact information necessary for electronic communication with a registrant
3. information concerning the preferences of a registrant with regard to electronic communication
4. information concerning the legal authority of the registrant
5. other information that is essential for the administration to be able to manage and process their electronic communications.
Examples of information in the register under point 5 of this list are choice of language and an encryption certificate for a digital mailbox. The purpose of the processing is to facilitate secure and efficient electronic communication from the administration to you as a private individual. The data may be used in connection with the processing and execution of administrative tasks, and shall be used for notification pursuant to Section 8, third paragraph of the Regulations concerning electronic communication with and within the public administration (eForvaltningsforskriften), (e.g. notification that a decision regarding an individual has been made and sent to the digital mailbox of the registrant. [3])
The data in the register can be stored for an unlimited period, but inclusion in the register is voluntary. You have the right to modify or delete the data relating to you. You can access and manage your e-mail address, telephone number, choice of language and preferences via www.noreg.no. Requests to be deleted from the register can be submitted via a separate form.
Access and changes to the register are logged for administrative and security reasons. The log data will be deleted after six months.
The common contact register can be used by all public agencies to exercise public authority. Some public agencies have their own copy of the common contact register and have entered into data processor agreements with Norwegian Digitalisation Agency. The copies are kept continuously up-to-date.
• The Norwegian Labour and Welfare Administration (NAV)
• The Norwegian Tax Administration
• Altinn
• The Norwegian State Educational Loan Fund
• Norwegian National Collection Agency
• The Norwegian Armed Forces
• The Norwegian Directorate for Civil Protection (DSB)
• Norwegian Public Roads Administration
Norwegian Digitalisation Agency uses Evry as the service provider for the common contact register, and a processing agreement between Norwegian Digitalisation Agency and Evry has been signed.
[1] Regulation 25 June 2006 No. 988 Regulations concerning electronic communication with and within the public administration.
[2] Section 31 of the Regulations concerning electronic communication with and within the public administration (eForvaltningsforskriften).
[3] Section 29 of the Regulations concerning electronic communication with and within the public administration (eForvaltningsforskriften)