Nordic Fitness Education (NFE) is committed to ensuring the reliability, confidentiality, and security of the personal information that is provided and handled by its staff, students, and customers. On that basis, NFE has established the following privacy policy:

Scope and Purpose: NFE seeks to comply in all respects with the privacy legislation that is in force at any given time and this policy is based on the Privacy Act no. 90/2018 from 15 July 2018. With this policy, NFE emphasizes the importance of ensuring that all processing of personal information within NFE takes place in accordance with the provisions of the Personal Data Protection Act. The privacy policy applies to all processing of NFE’s personal information, but when NFE is referred to in this policy, it also refers to all study programs run within this arm of NFE Academy. This privacy policy describes NFE’s processing of personal information. NFE will also seek to provide the individuals who process personal information with further information about that processing.

Personal information processing: Personal information refers to all information that can be linked or traced to specific individuals directly as well as indirectly. It could be in written text, electronic information system or on a picture. Examples of this are names, ID numbers, addresses, e-mail addresses, study programs and even health information of various kinds. Various records of information are necessary, both for the services provided by the school and for its operation. Without this registration, it would not be possible to provide the quality services that NFE’s clients expect to receive or to manage the operations efficiently. The term processing covers all use of personal information, such as collection, registration, storage, dissemination and destruction.

Collecting personal information: All NFE’s processing of personal information is carried out for a clear purpose and is based on a lawful basis in accordance with the Data Protection Act. Care is taken to ensure that personal information is not further processed in such a way that the processing is incompatible with the original purpose of the processing. NFE emphasizes that the processing of personal information is not taken further than necessary, in order to achieve the goal that is aimed at with the processing. In order to ensure that personal information is processed in accordance with the principles of the Personal Data Protection Act,NFE provides its employees with education and training in how to handle such information.

Whose information is collected? During the operation of schools, various personal information about different groups of individuals inevitably is collected and the processing of such information is necessary so that NFE can provide statutory services as an educational institution.

NFE collects and processes personal information about:

Students
Staff
Customers and individuals who communicate with NFE and contacts of customers, suppliers, contractors, consultants, institutions and other legal entities with which NFE has a contractual relationship.

What information is collected? NFE collects and stores various personal information about the above categories of individuals, but only information that is necessary and relevant with regard to the purpose of the processing at any given time. Thus, different personal information is collected about different categories of individuals and the processing and collection of personal information depends on the nature of the relationship between NFE and the individual in question. Thus, for example, more extensive information is collected about NFE’s students and staff than other groups.

Under certain circumstances, NFE collects sensitive personal information, such as health status and ethnic origin. Special care is taken in the processing of such information. NFE mostly collects personal information directly from the individuals to whom the information relates. In certain circumstances, however, the information may come from third parties, such as INNA or marketing partners. When information is obtained from a third party, NFE will inform about this, as appropriate.

Basis for collecting information: The purpose of information gathering is to ensure the operation and service of NFE’s fitness students. The utmost confidentiality is maintained in the handling of all personal information.

Information about students is registered within our student database. All student records are defined as personal information. Only relevant NFE employees have access to the student database in accordance with NFE’s rules on access rights for employees. Information is only disseminated outside NFE in accordance with the law.Upon graduation, NFE is obliged to disseminate information to, among others, EuropeActive. All students are given minimum instruction in the admission process about the process of personal information they provide for processing.

According to the Data Protection Act, a student or his / her agent has the right to access his or her own student register in whole or in part and to receive a copy of it if requested. The Student Register Act and the Public Archives Act stipulate that information in the student register shall be stored permanently.

NFE collects personal information primarily to be able to fulfill its obligations on the basis of laws that apply to operations and services. NFE also collects personal information regarding a contractual relationship that NFE has, for example with employees or contractors, or to establish such a contractual relationship.

Retention period: As NFE is a party subject to delivery on the basis of Act no. 77/2014 on public archives, it is not permitted to discard or discard any document that falls within the scope of the Act, except with the permission of the National Archivist. In general, the personal information that NFE processes is therefore handed over to the National Archives after thirty years.

Information security: NFE applies appropriate technical and systematic measures to protect personal information through strong access control within its archiving system, taking into account its nature. These measures are intended to protect personal information from being accidentally lost or altered and from unauthorized access, copying, use or disclosure. NFE promotes active security awareness of employees with appropriate education and training regarding security in the processing of personal information.

Information dissemination: NFE may share personal information with third parties for various reasons. Thus, third parties that provide NFE computer and internet IT services may have access to personal information, but NFE may also be obliged by law to provide personal information to third parties. Students are always guaranteed a certain level of education about who the parties in question are, as stipulated in the Privacy Act.

NFE only enters into agreements with external parties who ensure the security of the personal information they process on behalf of NFE, and an appropriate processing agreement is then made. NFE will not share personal information outside the European Economic Area unless this is permitted on the basis of relevant privacy legislation and or with the permission of students.

Individual rights under the Privacy Act: Individuals have the right to know what personal information NFE processes about them and may, as appropriate, request a copy of the information. Individuals can also have incorrect personal information about themselves corrected and in individual cases personal information about themselves deleted. Furthermore, in certain cases, individuals may object to the processing of personal information and request that its processing be restricted. If an individual wishes to transfer information about himself to another party, for example to another school, the person in question may also have the right to have his personal information handed over to him personally in computerized form or that it be transferred directly to the relevant third party.

In cases where NFE’s processing is based on consent, the person who granted the consent can always revoke it. NFE respects the above rights of individuals under the Privacy Act. Efforts are made to respond to all requests within 30 days of receipt. In the case of an extensive or complex request, NFE will inform you of such delays and seek to respond within three months of receipt of the request at the latest.

Liability: Responsibility for the processing of personal information that takes place within NFE may vary depending on the school’s areas and departments to ensure that the information is not personally identifiable. Every NFE employee has a legal obligation to ensure that your information, whether you are a student or an employee, is stored securely and that confidentiality is maintained, and this is confirmed in each individual’s employment contract.

NFE website: The website nordicfitnesseducation.net and connected data handling entities handle personal information in accordance with the law on personal protection and handling of personal information.

In cases where personal information is recorded, for example due to inquiries, requests or course applications, where you need to register your name, address, e-mail address or other personal information, NFE undertakes to store the above information in a safe and secure manner and will not pass on information that has been registered to a third party without the consent of the party in question or following a court ruling.

When visiting our website, various necessary information about accessibility and use is listed. This information may contain the user’s IP addresses. This information is only collected for safety reasons and for troubleshooting. This site also uses website cookies for the necessary functionality, collection of statistical information and for sharing on social media.

Data processing takes place as long as the user has given his consent to the processing of the information. If a user wishes to comment on the handling of personal information or requests that their personal information be deleted from the database, comments should be sent to NFE by e-mail at info@nordicfitnesseducation.net

Inquiries or complaints: If individuals have questions about this Privacy Policy or how NFE stores or processes personal information, they can always contact NFE’s Privacy Officer who will seek to answer questions and guide individuals about their rights under this Privacy Policy and the Privacy Act. If an individual is dissatisfied with NFE’s processing of his personal information, he can also send a message to the Data Protection Authority .

Contact Information: NFE Privacy Officer is Guðmundur Arnar Guðmundsson, who oversees the follow – up of NFE privacy policy and the enforcement of privacy laws. You can contact NFE Privacy Officer by sending him an email here .

Policy Audit: NFE may from time to time change this Privacy Policy in accordance with changes in relevant laws and regulations or due to changes in how NFE handles personal information. If changes are made to this policy, this will be announced on NFE’s website. Any changes to the policy will take effect after the updated version is published.