5. Read the terms for the approval carefully. Sign security agreements.

The agreement is subject to the following terms:


1. The data sets to which access is given are treated as confidential information in accordance with the relevant laws of each country.

2. Data may only be used for the specific project and not used in other scientific contexts or passed on to third parties.

3. Access to data will be granted through a secure on-line remote access to the data hosting National Statistical Institution (NSI).

4. Access to data can only take place from the researcher’s workplace. It is not allowed to access data from a country outside of the Nordic countries.

  • Processing of the data may only be conducted from [Insert the research environment for which the authorisation has been granted] to a computer [linked up to NSI via a secure remote on-line access to NSI-line].

5. Connection must be completely turned off or disconnected, when the computer is not used, i.e. protected against unauthorised use.

6. Passwords, which are supplied by [NSI] for the project, are strictly personal and must not be passed on to any third party.

7. Access is only granted to data with de-identified variables. The data set does not include directly identifiable information, for example, original person identification numbers, names, addresses and CVR numbers (business identification number).

8. Basic data as well as derived data sets shall not, neither directly nor indirectly, be downloaded or printed.

  • All transfers of output (tables, analytical results), etc. for printing or for further statistical processing shall only take place in accordance with the guidelines and methods determined by [NSI].

10. A logging of these transfers is conducted by [NSI] and all outputs are controlled by [NSI] at a regular basis.

11. Confidential data shall not be printed, including data at the level of individuals or firms, and all outputs shall be aggregated in such a manner that identification of individual persons or individual firms directly or indirectly is impossible. Attempts at identifying individual persons or firms are not permissible.

12. If the project is completed before deadline, it is the duty of the researcher to inform the [NSI].

13. No information from the project in which it is possible to identify an individual person or an individual firm may be published.

14. Published information from the project shall be submitted to [all NSIs that have provided data for the project for scrutiny].

15. Access to data will only be given for a maximum of 3 years. The researcher can apply to have the application prolonged.