Notice regarding the processing of personal data at Statens Serum Institut

Statens Serum Institut (SSI) processes personal data in the course of carrying out its tasks as a public authority. The purpose of this notice is to describe how we collect, process, and protect personal data, as well as the circumstances under which it is shared.

SSI is an institute under the Ministry of the Interior and Health. The primary tasks of SSI are regulated by Section 222 of the Danish Health Act. These tasks include:

  • Preventing and combating infectious diseases, congenital disorders, and biological threats.
  • Acting as a central laboratory for diagnostic analyses, including reference functions.
  • Performing tasks in accordance with international obligations related to crossborder health risks.
  • Ensuring the supply of vaccines for public vaccination programs and emergency preparedness products through procurement, storage, and distribution.
  • Participating in the operational preparedness against infectious diseases, biological terrorism, and veterinary emergencies.
  • Conducting scientific research.
  • Providing advice and assistance in areas relevant to SSI's responsibilities.
  • Operating and managing the Danish Microbiology Database (MiBa).

Additionally, SSI is tasked with managing the Danish Vaccination Register (DDV), as stipulated in Section 157a, Subsection 1, of the Danish Health Act.

If you have been in contact with SSI, or if fulfilling one of our official tasks has made it necessary, we process personal data about you. SSI is the data controller for the processing of your personal data. At this site, you can learn how SSI collects, processes, protects, and, if applicable, discloses personal data about you, as well as your rights under data protection regulations.

You have various rights under the GDPR

Have you been in contact with SSI?

Have you been vaccinated or invited for vaccination?

Has a sample from you been analyzed at SSI?

Have you had a newborn blood spot test?

Have you been tested for an infectious disease that SSI is responsible for monitoring, preventing, and combating?

Has your test result been reported to the Danish Microbiology Database (MiBa)?

If residual material from you is stored in the Danish National Biobank

If information about you is included in a research project at SSI

Have You Applied for a Position at SSI?

Have You Visited Our Website?

If SSI Analyzes a Sample from Your Livestock

If You Have Requested an Unregistered Vaccine or Autovaccine for Veterinary Use from SSI

Have You Been Tested for COVID-19?

If the Coronapas App Is Installed on Your Mobile Device

Data Processors and Confidentiality

SSI utilizes various data processors to perform tasks on its behalf. This is done in compliance with data processing agreements to ensure that the processing of data occurs strictly according to SSI's instructions and in adherence to the General Data Protection Regulation (GDPR) and the Danish Data Protection Act. A data processor does not use the data for their own purposes but solely for performing a specific task for SSI. Once the processor’s task is completed, the data is deleted and/or returned to SSI.

Responsibility for basic IT operations within the Ministry of the Interior and Health, including SSI, was transferred to the Ministry of Finance through a Royal Resolution on September 8, 2021. Statens IT was assigned responsibility for basic IT operations as per this resolution. Consequently, Statens IT will, in many cases, act as a data processor for SSI and process personal data on behalf of SSI. The Royal Resolution has been published in Executive Order No. 1845 of September 23, 2021.

All personal data accessed by SSI employees must be treated confidentially. This includes compliance with the rules on confidentiality under the Danish Public Administration Act and the Penal Code. Confidentiality obligations apply both during and after employment. Violations may, depending on the circumstances, result in disciplinary or criminal sanctions.

Our Contact Information

Statens Serum Institut
Artillerivej 5
2300 Copenhagen S
CVR No.: 46837428
Phone: +45 3268 3268
Email: serum@ssi.dk
If you have questions regarding our processing of personal data or your rights, you can contact SSI’s Data Protection and Information Security Department by sending an email to ssidatabeskyttelse@ssi.dk, where you can also request a callback.
If your inquiry contains confidential information about yourself or another person, you should always send your inquiry via Digital Post.
Read more about secure communication with SSI (Danish language)

Data Protection Officer (DPO)

The joint DPO for the Ministry of the Interior and Health is Helle Ginnerup-Nielsen. The DPO can be contacted by sending an email to databeskyttelse@sum.dk.
For more details on how to contact the DPO, please visit the Ministry of the Interior and Health's website.

Complaints

If you wish to file a complaint about SSI’s processing of your personal data, you should contact the Danish Data Protection Agency:

Danish Data Protection Agency
Carl Jacobsens Vej 35
2500 Valby
Phone: +45 3319 3200
Email: dt@datatilsynet.dk