Norwegian version of this page

Frequently Asked Questions

Here you can find answers to frequently asked questions related to the termination of access to certain services through UiO Google accounts.

What should I do?

See the step-by-step instructions on what to do if you have received an email about this issue on this page.

What has happened?

It has been discovered that some users at the University of Oslo (UiO) have connected their UiO Google accounts to third-party apps and services that have not been assessed for privacy and IT security, and that are not approved for use within the organization.

This may have led to an information security incident.

As a preventive measure access to these services will now be terminated.

Who is affected?

Users who have connected their UiO Google accounts to unapproved third-party apps or services will receive an email specifying the actions that must be taken.

I wasn’t aware that I had used this service!

It is easy to connect a third-party app to your UiO account without realizing it — for example, when testing an app, clicking “Sign in with Google,” or using a service that requests access to UiO data via Google.

Even if this happened unintentionally, the service may still have gained access to information from UiO.

The connection is therefore being removed to protect UiO data.

How clearly each service requests permission, and what type of data it accesses (such as files, contacts, or profile information), varies.

Many of these services may also be outdated and no longer in active use.

In short: you may have granted access without realizing it, and UiO is now removing this connection to protect your and the university’s data.

I don’t recognize the service mentioned in the email

If you do not recognize the service, you can check it under your UiO Google account here:
myaccount.google.com → Third-party apps & services

Please review whether you recognize the name of the service and whether you have used it.

Will I lose access to my UiO account or Google services at UiO?

No. Removing access for an external app or service does not affect your UiO account or your access to Google services.

You will continue to have normal access to UiO Google services such as Google Drive, Docs, Sheets, and Slides.

What does it mean that I have given consent or permission to a service?

When you log into a third-party app using your UiO Google account, you are granting the service permission to access certain information from your Google account.

The data accessed varies from app to app, but may include, for example:

  • Your user profile

  • Files stored on Google Drive

By granting this permission, the service may read, modify, or use these data in accordance with the consent you provided.

Example: When you click “Sign in with Google,” a window may appear listing which data the app requests access to. That was the consent you gave when connecting the app to your UiO account.

I am a student — does this apply to me?

Yes. Both employees and students may have connected third-party apps to their UiO Google accounts.

Why must I delete data in the services if access is already removed?

Removing access only stops new access to your UiO data — it does not delete any data that has already been stored with the third-party provider.

You must therefore also delete UiO data directly in the app or service to ensure that all university-related data are removed.

I can’t log in to the service to delete my data — why?

Many services are connected to your UiO account via Google login, meaning you do not have a separate username and password for that service.

If you try to log in using a local username/password, it will often not work.

To gain access for deletion:

  1. Choose “Sign in with Google”, “Logg inn med Google”, or a similar option.

  2. Use your UiO account credentials to log in.

  3. Follow the instructions provided in the step-by-step guide.

If you still can't log in to service it might be outdated and no longer in active use, and no action is required.

I used my UiO Google account to log in to a service for a personal purpose. Why is that a problem?

Even if the service was used for private purposes, logging in with your UiO Google account poses a risk:

  • The service gains access to UiO-related data (such as user information or files).

  • UiO is responsible for the security and privacy of data associated with UiO accounts.

  • UiO accounts must therefore not be used for personal services.

  • If your UiO affiliation ends, you will lose access to your UiO account — and thus any data stored there.

If you wish to continue using the service for personal purposes, you should create a new account using your private email address.

Can UiO help me retrieve data from the service?

No. UiO cannot retrieve data from third-party apps or services, as UiO does not have a data processing agreement or administrative access to these services.

You must delete or export the data yourself, or contact the service provider’s privacy contact (Data Protection Officer) for assistance.

How does UiO know that I have used this service?

The UiO Admins at the IT Department maintains an overview of which third-party services have been connected to UiO Google accounts in order to manage and secure UiO’s Google environment.

UiO can see which apps have been granted access, but:

  • Only designated IT security personnel have access to this information.

  • UiO cannot see your content or activity within the service.

When and under what circumstances did I use the service?

UiO does not have detailed information about when or under what circumstances you used the service.

UiO can only see that the service was granted access to your UiO Google account — not how, when, or why you logged in.

Can I get an extension to retrieve my data or delete my account?

No, unfortunately the deadline cannot be extended.

If you do not retrieve your data and delete your account before the deadline, you must contact the service provider’s privacy contact (Data Protection Officer) in writing to request deletion, following the instructions on this page.

Can UiO decide which services I can use?

UiO does not control which services you use for private purposes.
However, UiO is data controller for information processed in connection with work and studies — including personal data, research data, email, and documents.

This means UiO can and must set requirements for which services can be used with UiO accounts, to ensure that:

  • Privacy and information security are properly maintained

  • Data are handled in compliance with legal requirements (GDPR, confidentiality, and security obligations)

  • Necessary agreements are in place with service providers

Why is access being removed?

Users have signed into various external apps or services using their UiO Google accounts. Through these connections, the apps have gained access to information or files available to the user in UiO’s Google services. Because these accesses were not pre-assessed by UiO, UiO cannot guarantee that the data have been handled in accordance with legal requirements for security and privacy.

In some cases, UiO Google accounts have also been used to log into services for private purposes.

Can I request approval of a service I would like to use at UiO?

UiO aims to offer a wide range of digital services that meet users’ needs while safeguarding privacy, information security, and other legal requirements.

All services must be assessed and approved before they can be used, and must be properly managed while in use.

Since this process is resource-intensive, UiO avoids approving multiple services that fulfill the same purpose.

The IT Department accepts requests for evaluation of new services if the need is not already covered by existing solutions. Such requests must be endorsed by a unit leader at UiO.

You can read more about this process on our contact page.

What if the third-party service is no longer active?

If you try to log into a third-party app or service and it is no longer available, or you are notified that the account is inactive, no further action is needed, as there is no active connection or consent remaining to withdraw.

The service I used is approved by UiO — why did I still receive an email?

If you have received an email instructing you to delete your account in a service that is actually approved by UiO, there may be several explanations:

  • You may have used the wrong login method, such as “Sign in with Google” instead of the approved method (e.g., Feide or UiO Weblogin).

  • An error may have occurred, and the connection was incorrectly flagged for removal.

In this case, please contact the UiO IT Department through the official contact channel listed for this incident.

Published Oct. 16, 2025 - Last modified Oct. 16, 2025
E-mail this page