Search result

User roles

The relevant employees in a research project must be created as users in Denmark’s Data Portal. You have different options when using Denmark’s Data Portal, depending on which user role your institution assigned to you. Below you can read which rights the different roles have. In Denmark’s Data Portal, you can see your role under ‘My overview’ next to your institution. If a specific role has not been indicated, you are a ‘User’., There are seven different roles in Denmark’s Data Portal:, Responsible for authorisation, Substitute, Administrator, Contact person with powers, Signatory, Contact person, User, Below you can read which rights the different roles have. You can also read more about how the roles are assigned.,  , What can the different roles do? , Responsible for authorisation, This role is responsible for the institution’s authorisation under microdata schemes with Statistics Denmark and approves association agreements under the authorisation. The person responsible for authorisation is legally responsible for the users associated with the institution complying with the current guidelines for use of data. This person is the only one who can assign the roles as substitute, administrator and signatory. See how under ’How to assign roles?’ below., Substitute, A user who can approve association agreements on behalf of the person responsible for authorisation. It is highly recommended that you appoint one or more substitutes. In the dropdown menu ‘Assigning roles’ below, you can read how to select substitutes in Denmark’s Data Portal. Note that the person responsible for authorisation cannot be his/her own substitute., Administrator, It is the institution administrator who must approve and submit all of the institution’s project proposals to Statistics Denmark via Denmark’s Data Portal. The administrator works as an internal approver, whenever a project proposal is to be submitted or resubmitted. The administrator is thus charged with quality assuring the content of the project proposals from the institution, making sure that the proposals meet requirements to form and GDPR. This means that an administrator should be available and is expected to be a regular user of Denmark’s Data Portal., The administrator must contact Research Services if the institution wishes to have a new user created. An institution must have at least one administrator, and we recommended that you appoint at least two administrators. This is because some tasks in Denmark’s Data Portal can only be carried out by an administrator, and because a given administrator is not allowed to administer him- or herself. It is possible to appoint up to 10 administrators in one institution., Contact person with power, An institution can choose that a contact person can have powers corresponding to those of an administrator on the projects for which the user is a contact person. If a contact person has powers, the role is delimited to the institutions that the user is associated with. If you - as the person responsible for authorisation - want this solution for a user, you must contact Research Services., Signatory, On behalf of the institution, persons with the signatory role can sign to pledge that a project proposal is conforming to Article 6 of the General Data Protection Regulation. , When your project proposal has been approved, an employee in Research Services will sign it. After that, the person who submitted the proposal, i.e. the contact person for the project, the administrator or the contact person with powers, as well as the chosen signatory will receive an email with information indicating that the project proposal has been approved and signed. Subsequently, you need to sign the project proposal. Only users who have been assigned the role of signatory can sign project proposals., The role as signatory is assigned by the person responsible for authorisation or a substitute. Remember that it is a requirement that people with a signatory role are formally employed by the institution where they have the signatory role. There is no limit on the number of signatories. , Contact person, A user with access to a project has the role as contact person for the project. The contact person has the dialogue with Research Services regarding the project proposal. A project can only have one contact person. Administrator can change the project contact person., User, This is the basic role for users. The role gives access to information on the entities with which the user is associated, and the user can edit his or her own information. When a user is associated with a project in Denmark’s Data Portal, he or she also gets access to the project data on the researcher machine. Contact an administrator or the person responsible for authorisation, if you want to be created as a user under an authorised institution., Project owner at Statistics Denmark, When you submit a project to us, we will assign a project owner in Research Services to you with whom you will have direct contact. We do our best to answer your enquiry as soon as possible. , See the average response times under Contact Research Services, Who can edit user information in Denmark’s Data Portal?, The individual user can update his or her own user information in Denmark’s Data Portal. This could be relevant, e.g. if a user changes workplace and therefore wants to update his or her email address., If an association agreement must be terminated, this must either be done by the user him- or herself, the institution administrator, the person responsible for authorisation or a substitute hereof. In our , video guides, , you can see the respective tasks and responsibilities of a user, an administrator and a person responsible for authorisation in Denmark’s Data Portal. , How to assign roles, The person responsible for authorisation at the institution is the only one who can assign the roles as substitute, administrator and signatory., To do so, you must as the person responsible for authorisation log into Denmark’s Data Portal and select ‘My overview’. Click the institution where you are responsible for authorisation, and then click the three dots to the right of the institution name. If you want to assign/discontinue the role as administrator, you must click ‘Administration of administrators’. If you want to assign/discontinue the role as substitute, you must click ‘Administration of substitutes’, etc. Now a list appears of all users associated with the institution. Click ’Select’ next to the user you want to make either a substitute, an administrator or a signatory., The administrators of the institution can create new association agreements for the institution and attach users to projects., See table of the rights of user roles in Denmark’s Data Portal (pdf, in Danish)

https://www.dst.dk/en/TilSalg/data-til-forskning/brugeradgang/brugerroller

IFI01R: Investment survey in manufacturing industries

industry (DB07), calculation (time of collection), assessment and time
2010-2026 (Per cent)

https://www.statbank.dk/IFI01R

Tables in StatBank

NKSO1: 1-2.1.1 Production and generation of income (summary table)

transaction, sector and time
1999Q1-2025Q2 (m DKK)

https://www.statbank.dk/NKSO1

Tables in StatBank

KAS302: Average number of employed

region, industry (DB07), socioeconomic status, age, sex, period and time
2008-2024 (Number)

https://www.statbank.dk/KAS302

Tables in StatBank

RAS312: Employed 13-70 years (end November)

industry (DB07), age, sex and time
2008-2024 (Number)

https://www.statbank.dk/RAS312

Tables in StatBank

RAAV1: Manufacturing industry

commodity group (2digits), industry (DB07), unit and time
2002-2023 (-)

https://www.statbank.dk/RAAV1

Tables in StatBank

StatBank API

With Statistics Denmark's API, you can use our StatBank's open data directly in various own applications.

https://www.dst.dk/en/Statistik/hjaelp-til-statistikbanken/api

Sanction rules

It is important that you familiarise yourself with and comply with Statistics Denmark’s transfer and data security rules. If you do not comply with the rules, you risk suspension of you or your entire institution with Statistics Denmark. Read about our sanction rules and case processing in case of data breach., Users of Statistics Denmark’s researcher machines are responsible for complying with our transfer and data security rules. This means that you, as a user, are responsible for: , Your work on the researcher machines being compliant with Statistics Denmark’s data security rules. , Read more under Rules for working with microdata,  , Transferring analysis results and materials in compliance with Statistics Denmark’s transfer rules. , Read more under Rules on transfer of analysis results,  , Notifying Research Services immediately if you realise that you have failed to comply with Statistics Denmark’s data security or transfer rules., For more details, read Statistics Denmark’s guideline material:, Rules for data safety under the microdata schemes (pdf), Breach of the rules? This is how you handle it, If you have broken Statistics Denmark’s rules or suspect that you have, you have a duty of notification. Complying with the duty of notification in relation to breach will be considered a mitigating circumstance., Please notify both the person responsible for authorisation in your institution and Research Services; the latter by sending an email to , FSEHjemtag@dst.dk, with the following: , Your ident and the authorisation number of the institution you are associated with, Project number, if any, A description of the breach or where you suspect a breach, Date and time of the breach , If the breach involves files, for example files you have transferred, image files on your computer, in your mail box or similar, you must delete them immediately from your PC, Denmark’s Data Portal, mail folders etc. and inform about this in your email to Research Services.,  , Statistics Denmark’s sanction rules, If there is a breach of Statistics Denmark’s transfer rules or data security rules, Statistics Denmark can sanction users and, worst-case-scenario, entire institutions. Statistics Denmark’s sanction rules will be deployed if: , A user breaks the rules for working with microdata on Statistics Denmark’s researcher machines, for example by taking a screendump or transcribing from the researcher machine, , or, A user has transferred data with microdata, for example transferred a file with pseudonymised key variables from BOPIKOM, Note, : An isolated breach of the rules of statistical disclosure control will not result in sanctions. In case of repeated non-compliance, however, it can result in sanctions for the institution., Sanctions in case of breach - Assessment of severity and scope, Statistics Denmark makes decisions about sanctions. We distinguish between less severe and severe breaches: , Less severe breaches, : Thoughtless action or accident – for example identification in connection with troubleshooting, Severe breaches, : Conscious action – for example conscious attempt to identify individuals or enterprises in data , Statistics Denmark decides whether a breach is categorised as less severe or severe. In the assessment of the severity of a breach, we take the following into account:, Was it a thoughtless or conscious action?, Has the user detected the breach himself, and if so, observed his duty of notification?, In connection with transfer, : How large a volume of microdata has the user transferred?, In connection with transfer, : Has the transfer tool in Denmark’s Data Portal been used for the transfer, and if so, has the user ignored the transfer module’s warning? , In case of isolated, less severe breaches, the sanction will target the user and the project where the breach has happened. This means that the project where the breach took place will be temporarily closed for everybody and the user’s access temporarily closed, so that he or she cannot access his or her projects. In case of severe or repeated breaches, i.e. where breaches have previously been registered on the institution number, the sanctions will be more rigorous. See the overview of sanctions below., Note, : If Statistics Denmark has previously registered a breach for an institution, breaches dating back more than 2 years will not be taken into consideration. This means that any new breaches will be handled as first-time-breaches., Overview of sanctions , Sanction system for the researcher scheme,  , Sanction against user and project, Access is closed for user and access to the project is closed , Sanction against institution, Access is closed for all users and access to all projects is closed , Occurrence, First time, Second time, in 2 years, Third time, in 2 years, Fourth time, in 2 years, Less severe , breach, Until report can be approved*, 1-month suspension*, 3-month suspension*, Concrete, assessment*, Potential termination of the institution’s authorisation agreement, Severe breach, 3-month suspension*, 3-month suspension*, Potential termination of the institution’s authorisation agreement and/or specific user agreement, 6-month suspension*, Concrete evaluation of the institution’s authorisation agreement and potential termination of the institution’s authorisation agreement*, Sanction system for the authority scheme,  , Sanction against user , Access is closed for user , Sanction against scheme, Access is closed for users of the scheme, Occurrence, First time, Second time , in 2 years, Third time , in 2 years, Fourth time , in 2 years, Less severe , breach, Until report can be approved*, 1-month suspension, 1-month suspension, Concrete assessment, Potential termination of authorisation agreement, Severe breach, 3-month suspension, 3-month suspension, Potential termination of authorisation agreement and/or user agreement, 3-month suspension, 6-month suspension, Potential termination of authorisation agreement, * When Statistics Denmark detects a breach that comes under the sanction rules, the user and the project where the breach occurred will be temporarily suspended, until Statistics Denmark has processed the case and made a decision. This applies regardless if it is an isolated breach or repeated breaches within two years. , Statistics Denmark makes a decision based on a report and a plan that must be presented to Statistics Denmark by the institution with which the user is associated. Statistics Denmark will not commence the processing of the case, until we have received an adequate report and plan. Statistics Denmark estimates whether the report and plan of an institution is adequate or should be rewritten.  , You can read more about Statistics Denmark’s case processing and the requirements to the report and the plan under ”Statistics Denmark’s case processing in connection with breach of rules - guide”.,  , Statistics Denmark’s case processing in connection with breach of rules - guide, When Statistics Denmark receives a notification, or we find out ourselves that a user has not complied with Statistics Denmark’s data security and transfer rules, the user in question and the project where the breach has taken place will be temporarily suspended. The suspension lasts until Statistics Denmark has received an adequate report about the incident and a plan for prevention of similar breaches in future, and Statistics Denmark has processed and decided the case., The case processing step-by-step , The process takes place in the following steps:, Step: Presentation and demand for report and plan, When Research Services receives a notification, or find out themselves that a user has not complied with Statistics Denmark’s rules, the user in question and the person responsible for authorisation in the institution will be notified by email., Research Services informs about the date of the suspension of the project and of the user in question, and they will request an adequate report about the incident and the scope of the breach as well as an adequate plan for preventing similar breaches in future. Both the report and the plan must be completed in the standard template provided by Research Services., The person responsible for authorisation in the institution is responsible for the report and the plan being prepared and sent to Research Services., Presentation and plan – demand for “adequacy”, With the demand for adequacy, Research Services asks for an adequate report about the incident and the scope of the breach. By an adequate plan is meant a report and any documentation for appropriate technical, organisational and/or staff-related measures the institution has implemented in the light of the breach. The plan can consist of e.g.:, A brief account of the current rules and practice in the institution that may be relevant for the case, A presentation of what the institution has done in connection with the breach, for example, which consequences it has had for the user, A plan for what the institution is going to do to prevent similar breaches in future, It is important that it is not statements of intent. This means that the institution must account for the initiatives that they have already implemented or will implement, and describe the process behind it. Examples could be:, Has the person responsible for authorisation held a meeting with relevant stakeholders in the institution about the breach? (Indicate: Who? When? Which proposals/decisions were made?). Attach any resolution minutes., Has the person responsible for authorisation made proposals or suggested solutions to a relevant committee, the executive board, the governing body or similar? (Indicate: Who? When? What is/was on the agenda? What was decided?). Attach the agenda and/or resolution minutes., Has a decision been made in the institution to enhance for example the communication, instructional materials, code of conduct or similar? (What? How? When? Who is the target group?)., Has the institution adopted or made any other efforts to prevent similar breaches in future? (What? How? When? Who is the target group?)., If Research Services estimates that the report, plan or both are inadequate, Statistics Denmark will notify you about it and request a new one., Step: The case processing in Statistics Denmark, When Statistics Denmark estimates that the report and plan we have received are adequate, Research Services will prepare the case for Statistics Denmark’s Supervisory Board and Director General. You can expect the case processing to take approximately 8 working days from we receive the adequate report until we send our decision., Step: Decision, When Statistics Denmark has made a decision of the case, we send a decision letter by email to the person responsible for authorisation. The letter contains the final decision from Statistics Denmark’s Director General, including the reason for the decision and information on whether the temporary suspension of the project and the user is lifted or whether further sanctions are imposed on the user or the institution., Guides, agreements and documents in relation to data security and responsibility, Statistics Denmark’s data security rules under the Microdata schemes, Rules for data safety under the microdata schemes (pdf), Statistics Denmark’s information security and data confidentiality policy , Information security and data confidentiality policy – Statistics Denmark, Agreements (in Danish), Autorisationsaftale (pdf), Databehandleraftale (pdf), Tilknytningsaftale (pdf), Brugeraftale (pdf)

https://www.dst.dk/en/TilSalg/data-til-forskning/regler-og-datasikkerhed/sanktionsregler

FAQ

We have gathered the most frequently asked questions about Denmark’s Data Portal on this page. If you cannot find an answer to your question, you are welcome to contact Research Services at , forskningsservice@dst.dk, or by telephone +45 39 17 31 30. , We respond to emails within 2 working days, and our telephone hours are Monday from 1 p.m. until 3 p.m. and Tuesday through Friday from 10 a.m. until 12 noon.,  , See video guides on how to use Denmark’s Data Portal (in Danish),  , Login to Denmark’s Data Portal, I have entered my password incorrectly and have been locked out - how long will I be locked out?, Wait for 30 minutes and then try again., I have technical issues in Denmark’s Data Portal - who should I contact?, If you have technical issues or encounter errors in Denmark’s Data Portal, we would appreciate hearing about it, so that we can take corrective action. You can write directly to , DDVsupport@dst.dk, . Indicate your user, the relevant institution number and project number, if any, and describe the problem – preferably with a brief step-by-step explanation and matching screendumps. Then Denmark’s Data Portal Support will deal with the problem as soon as possible., I have problems logging in via remote.dst.dk - who should I contact?, If you have problems logging in via www.remote.dst.dk, please contact IT support in Statistics Denmark at , servicedesk@dst.dk, or telephone +45 39 17 38 00., Which browsers support Denmark’s Data Portal?, Google Chrome: Version 98 and upwards, Microsoft Edge: Version 97 and upwards, Firefox: Version 97 and upwards, IOS_Safari: 14 and upwards, Safari: Version 14 and upwards, Internet Explorer is not supported., Read more about Login in Denmark’s Data Portal, User roles, Allocation of project owner in Statistics Denmark, When you submit a new project to Research Services, a project owner will be allocated to you with whom you will have direct contact. We do our best to answer your enquiry as soon as possible., See the average response times,  , Who can edit user information in Denmark’s Data Portal?, The individual users can update their own user information in Denmark’s Data Portal. This could be relevant, e.g. if a user changes workplace and therefore needs to update his or her email address., If an association agreement must be terminated, this must be done either by the user, the institution administrator, the person responsible for authorisation or his or her substitute., Read more about user roles, Project proposal and data ordering, How do you make a project proposal in Denmark’s Data Portal?, Read how to make a project proposal in Denmark’s Data Portal, and find out which information should be included in a project proposal under , How to create a project proposal, ., Should I add all users to the project one by one?, Yes, all new users must be added one at a time., Where do I sign the project proposal?, Read how to sign a project proposal under , Signing the project proposal, ., Can I make changes in the project proposal after it has been sent to the administrator/Statistics Denmark?, No, once you have sent the project proposal to your administrator or to Statistics Denmark, you can no longer edit it. If your project owner in Statistics Denmark has questions or comments for the proposal, you have the opportunity to edit it, before you re-submit it., Can I associate users when the proposal has been sent to the administrator/Statistics Denmark?, No, once you have sent the project proposal to your administrator or to Statistics Denmark, you can no longer associate users. When the project proposal has been returned to you, either as approved or for revision, you can associate users again., Where can I get an overview of registers and see when they are updated?, In Denmark’s Data Portal, under ’Data content’ or at , danmarksdatavindue.dk, (does not require login), you can see all the registers that are part of the databank of basic data in Statistics Denmark. Here you can see when the registers were created (and will be closed, if relevant), and how often they are updated. Moreover, you can see which variables the register includes and find links to the variables documentation., Can I order not yet released data in Denmark’s Data Portal?, It is only possible to order not yet released data for project databases and the main and sub-projects of authority schemes., How do I get our own data added to my project?, Data that does not come from Statistics Denmark’s Database of basic data must be described broadly under ‘Additional data’ in the project proposal. Furthermore, a variable description is uploaded with an indication of the variables that must be pseudonymised. Read more about the requirements data must meet and how you upload data in practice under , Linking of additional data, ., Where in the process is my project proposal?, A project proposal changes status depending on where in the process the proposal is. Note that your project owner or the customer team in Statistics Denmark is not notified of your proposal until the administrator has sent it to Statistics Denmark., A proposal can have the following statuses:, Created, A project proposal has been created and is being prepared., Sent to administrator, The project proposal is ready for the administrator to read it., Sent to Statistics Denmark, The project proposal is ready and the administrator has sent it to Research Services. At this stage, a project owner is allocated, if a new project is concerned or a project with a previous employee in Research Services., Under review, The administrator or the project owner in Research Services has questions or comments to the submitted proposal and has therefore returned it to the users of the project. Questions and comments are shown in the proposal or sent via email., Sent for signature, The project owner in Research Services has sent the project proposal to the signatory group., Approved, The project proposal is approved by the Head of Division for Research Services, and it is now possible to move on with the order (for example drafting of contract, data delivery)., Data delivered, The assignment is completed and will subsequently be invoiced., My project proposal has not been approved - what can I do?, Your project owner in Research Services may have comments or questions for the project’s contact person, and this is why your project proposal is returned for revision. , When you have edited the project proposal, you can re-submit it via Denmark’s Data Portal., How do you make a re-proposal in Denmark’s Data Portal?, Read how you make a re-proposal of a project under , Specifically about re-proposals, ., My project was approved before Denmark’s Data Portal was created. Should I add the previously approved registers and variables when I make a re-proposal?, Yes, you should. Only one project proposal will be valid, and all data must be documented on the valid project proposal. This is why you must enter all details in the re-proposal., Do I have to create a new population whenever I make a re-proposal of my project?, You only need to create a new population segment if the population changes significantly, for example if it is created based on changed criteria, or if a submitted population is defined differently from the previous one. If you need to extend the population and the population must have the same register extraction as the original population, you can add this as an appendix to the description of the original population. You can do the same under ‘Additional data’, if additional data from other sources than Statistics Denmark must be added., How do I change the deletion date of my project?, If you are the administrator, you can change the deletion date of projects. When you have clicked into the relevant project, you must click the three dots to the right of the project title. Now you are able to indicate a new deletion date for the project by clicking ‘Edit project’. You should not approve the deletion date, as this means that you cannot create re-proposals in future., I have created a project under the researcher scheme, but is should have been created under the project database scheme. What can I do?, Create a new project under the project database scheme with the same information. Then the administrator for your institution can approve the deletion of the ‘incorrectly’ created project under the researcher scheme., How do I approve the deletion of a project?, If you are the administrator, you can initiate the deletion process for a project. Click the project, click the three dots to the right of the project title and select ‘Edit project’. You are now able to approve deletion of the project., The project owners in Research Services do not have rights to approve a deletion., Project owner, delivery times and price, When will a project owner be allocated to my newly created project?, A project owner will be allocated to you when your administrator sends the project proposal for approval with Research Services. If you have questions at an earlier stage in the process, you can send an email to , forskningsservice@dst.dk, , indicating the project number in the subject field. In your email, you can ask the questions you may have. , How long can I expect it to take for me to get my data?, See the average delivery time under , Contact Research Services., You are always welcome to ask the project owner in Research Services how long he or she expects that it will take. The delivery time depends on the individual project., How do I see the price of my data order before I order?, When the administrator has sent the project proposal and data order to Research Services via Denmark’s Data Portal, the project owner in Research Services will be able to prepare a price quote. This quote is sent via email to the contact person for the project. It is not possible to see the price in Denmark’s Data Portal. You are welcome to ask for a price estimate at any time., Physical token, A token is a physical unit used for two-factor login. With two-factor login, you first log in to www.remote.dst.dk with your three/four character IDENT (without figures) and PIN code. Then you are required to confirm your identity by means of the unique security code shown on your token. When you request a physical token, you must indicate a delivery address (e.g. the institution address) and full name of the person to which it must be sent (att.)., Note that we do not send it to addresses abroad., If you choose a physical token, you are not associated with the project until you have received your token in the mail., Guidelines for using physical token versus SMS token, Users without a Danish mobile number can get a physical token mailed to them., Users who are travelling to a foreign destination where it takes a long time for a Danish SMS to get through (for example African countries or New Zealand), can get a physical token., Users travelling to a European country or USA with a Danish mobile phone can still use SMS token., Users who would like a physical token simply as a matter of convenience, generally have to use SMS token instead. The costs of a physical token are far higher than the costs of SMS token.

https://www.dst.dk/en/TilSalg/data-til-forskning/danmarks-datavindue/faq

Authorisation of institutions

Institutions must be authorised in order to get access to data under Statistics Denmark’s microdata schemes. This page has information on the possibilities of obtaining authorisation, educational authorisation or client authorisation and on the application process., Apply for authorisation, To get access to pseudonymised data under Statistics Denmark’s microdata schemes, your institution must be authorised. To obtain authorisation, an institution must have a permanent research/analysis environment, which involves e.g. employing a head of staff and at least three experienced researchers/analysts. To apply for authorisation, you must complete the application form at the bottom of this page., Read more about our requirements to your institution and the application under ‘Types of institutions eligible for authorisation’ and ‘Requirements to application for authorisation’ below., Without authorisation – what are the options?, If your research/analysis environment is not eligible for authorisation, or if you do not want to be authorised, you have the following options:, You can get Statistics Denmark’s Consulting team to perform the analytical task for you. , See how you commission a task with Statistics Denmark Consulting, You can commission a private consultancy that is already authorised to make the analytical task for you. For this, you need a client authorisation. , Note: , This solution is only offered to public institutions and requires that the performing consultancy has access to the data you need, or that you are granted an exemption allowing the consultancy to get access. Find further information under ‘Requirements to application for client authorisation’ below., Apply for client authorisation, To be authorised as a client, you must complete the application form at the bottom of this page. Please note that there are special requirements to the completion of specific fields in the form. Look for guidance under ‘Requirements to application for client authorisation’., Types of institutions that can be authorised, The below environments located in the Danish Realm may be considered for authorisation, if these comply with the application criteria:, The user group is defined under the framework agreement between Statistics Denmark and Danish e-infrastructure Cooperation (DeiC): Publicly funded research and analysis environments (i.e. university departments, government research institutes, ministries, government agencies etc.) as well as charitable foundations in Denmark., In the private sector, the following Danish organisations are eligible for authorisation:, Interest organisations. In this case (and in the case of enterprises), it is relevant to look at the ownership, the staff (education) as well as the tasks solved for public customers in particular. It may be necessary to make inquiries with these customers to get an opinion., Consultancies. However, consultancies cannot get access to business data. The director general may grant an exemption to consultancies allowing them to gain access to business data when carrying out fact-finding or research on business data for a public authority or an interest organisation, provided that this happens with the authority or organisation as data controller., Other enterprises may be authorised but may not get access to data that includes business data., Specifically for Greenland and the Faeroe Islands, According to the General Data Protection Regulation, the Faroe Islands and Greenland are third countries, which is significant in terms of obtaining authorisation:, The Faeroe Islands has obtained an adequacy decision by the European Commission, which means they can be approved as a secure third country. Institutions and enterprises from the Faeroe Islands can thus obtain authorisation on an equal footing with those from Denmark., Greenland has not obtained an adequacy decision, which is why Greenlandic institutions must enter into transfer agreements to obtain authorisation. Until Greenland is approved as a safe third country, authorisation can only comprise public institutions., For both the Faroe Islands and Greenland, the authorised institution must obtain approval from the Danish Data Protection Agency if it wants access to sensitive data according to the Danish Data Protection Act., Requirements to application for authorisation, In order to be eligible for authorisation, your institution must have a high and sustained focus on data security. Statistics Denmark has determined four requirements that you must be able to meet:, In the research/analysis environment, there must be a personnel manager who accepts the responsibility for the authorisation and for overseeing that the rules in the authorisation agreement are kept. This includes continuously ensuring that all persons in need of access are familiar with the rules on access to data and the rules on transfer of results., As a minimum, there must be at least three people in the environment with specific experience in handling large data volumes and solid knowledge of our data security rules. Experience may have been gained, for example, through previous access to pseudonymised data under Statistics Denmark’s microdata schemes, or experience otherwise gained with the handling of register data., For private environments, the research/analysis environment must be at least one year old to be considered for authorisation., The environment must appear from the institution website., If you are a public institution, and your research/analysis environment does not meet the requirements, you can consider commissioning an already authorised private consultancy to solve the analytical task for you. For this, you need a client authorisation. Read more under ‘Requirements to application for client authorisation’., If you have questions about the application for authorisation, please contact , FSEautorisation@dst.dk, . Please write ’Re. application for authorisation’ in the subject field., Requirements to application for Educational authorisation, To gain access to the Master’s Thesis Scheme, an Educational Authorisation is required. In order to be approved your educational institution must be affiliated with a recognized public research university in Denmark that offers Master’s degree programs concluding with a Master’s thesis., In addition, your institution must maintain a strong and continuous focus on data security. Statistics Denmark has established three requirements that must be met:, In the research/analysis environment, there must be a personnel manager who accepts the responsibility for the authorisation and for overseeing that the rules in the authorisation agreement are kept. This includes continuously ensuring that all persons in need of access are familiar with the rules on access to data and the rules on transfer of results., As a minimum, there must be at least three people in the environment with specific experience in handling large data volumes and solid knowledge of our data security rules. Experience may have been gained, for example, through previous access to pseudonymised data under Statistics Denmark’s microdata schemes, or experience otherwise gained with the handling of register data., For private environments, the research/analysis environment must be at least one year old to be considered for authorisation., The environment must appear from the institution website., If the above requirements can be met and you wish to create an Educational Authorisation, please include the following in the application form under "Kort beskrivelse af jeres forsknings-/analysemiljø":, “Educational Authorisation requested for educational institution with the following authorisation number at Statistics Denmark .”, For questions or if you wish to establish a shared Educational Authorisation for several educational institutions under the same faculty/department, please contact , FSEautorisation@dst.dk, . Include “Reg. application for Educational Authorisation” in the subject line., Requirements to application for client authorisation, To be considered for client authorisation, you must enter a cooperation agreement with a private consultancy that already holds an authorisation. In that case, the analytical task will be carried out at your/the client’s responsibility, but based on the specialised environment at the consultancy charged with the task., Client authorisations are only offered to public institutions and require that the performing consultancy can get access to the data you need. Please inquire with the consultancy if this is the case before you apply for a client authorisation., Note:, If you need business data with limited access, you can apply for an exemption on behalf of the consultancy. Read about the possibility of applying for an exemption under , Access to business data, ., You cannot apply for an exemption until you have been client authorised., Guide to application for client authorisation, To apply for a client authorisation you must use the same form as for an application for authorisation (bottom of the page)., All fields in the form must be completed as specified, except for these six:, Under ’Name of institution’ you must add ’- Client authorisation’ , [Example: Agency for xxx - Client authorisation] , Under ‘Name of person responsible for authorisation (head of staff)’, you enter the name of the head of staff in your institution who is going to act as the person responsible for authorisation. For the person in question, this involves e.g. assigning roles in Denmark’s Data Portal and acting as data controller without any supervisory obligation. The supervisory obligation lies with the consultancy charged with the task. Read more about the division of roles under , User roles, ., Under ’Brief description of your research/analysis environment’, you must state the name and authorisation number (1-3 digits) of the consultancy charged with the task , [Example: Name of consultancy, 123], Under ’Number of researchers in your research/analysis environment’, you must enter ’0’, Under ’Number of people in the environment who have specific experience in handling register data/large volumes of data, you must enter ’0’, Under ’Link to the environment website’, you must enter your institution website., If you have questions about the application for client authorisation, please contact , FSEautorisation@dst.dk, . Please write ’Re. application for client authorisation’ in the subject field., How Statistics Denmark assesses applications for authorisation and client authorisation, Assessment of application for authorisation, To assess whether you can be authorised, we make a specific assessment based on your research/analysis environment. In doing so, we focus on your competences in data management and your knowledge of the data security rules that apply for access under Statistics Denmark’s microdata schemes., All authorisations need approval from the director general of Statistics Denmark., If you are approved for authorisation, you must enter into a data processor agreement with Statistics Denmark., Assessment of application for client authorisation, To obtain a client authorisation, your research/analysis environment does not need to be assessed by Statistics Denmark. This is because your analytical tasks will be handled by an authorised consultancy., In the assessment of your application for a client authorisation, Statistics Denmark focuses on whether you are a public institution and whether you have appointed a head of staff as responsible for authorisation., If you are approved for a client authorisation, you must enter into a data processor agreement with Statistics Denmark., Other agreements, documents and guides (in Danish), Autorisationsaftale, Databehandleraftale (pdf), Tilknytningsaftale, Brugeraftale, Read about the rules on transfer of analysis results, Please refer to Statistics Denmark’s Data confidentiality policy and Information security policy, If you have questions about the application for authorisation or client authorisation, please contact , FSEautorisation@dst.dk, .

https://www.dst.dk/en/TilSalg/data-til-forskning/autorisering-af-institutioner