Privacy Policy
The company is referred to as “we,” “us,” “our,” or “ours.”
- Data Controller and Contact Information This privacy policy explains how we collect and use (process) personal data in our business. We are the data controller for the processing.
- Your Rights If you wish to exercise one of your rights, you can contact us. You are entitled to a response as quickly as possible, and no later than 30 days. Read more about all your rights on the Norwegian Data Protection Authority’s website.
General Rights:
- Access to and correction of your data: You can request a copy of all the information we process about you and ask us to correct any inaccurate information.
- Deletion or restriction: In some situations, you can ask us to delete and/or restrict the processing of information about yourself.
- Object to processing of personal data: If we process information about you based on legitimate interest, you have the right to object to it.
- Data portability: If we process information about you based on consent or a contract, you can ask us to transfer the information about you to you or another data controller.
- You can file a complaint with the Norwegian Data Protection Authority about our processing of personal data. We hope that you will contact us directly first, so we can try to resolve the matter for you in a satisfactory way.
Who We Process Personal Data About We process personal data about:
- Customers.
- Customers’ customers if the delivery of the service requires it.
- Potential customers.
- Contact persons at suppliers and partners.
- Visitors to the website.
- Job applicants.
- Employees.
- Former employees.
- Customers’ employees if the delivery of the service requires it.
- Customers’ former employees if the delivery of the service requires it.
How We Collect Personal Data
It is voluntary to provide personal data to us. However, to deliver products or services, we need a range of information from you to complete the delivery. We do not rent, buy, or sell personal data from/to others. We do not use automated decisions or profiling in processing your personal data.
We process personal data when someone:
- Enter into an agreement with us for the purchase of products/services.
- Send us an email, SMS, social media message, or other correspondence.
- Signs up for any potential newsletters.
- Orders content from us, free and paid.
- Signs up for events (courses, lectures, workshops, etc.) organized by us, free and paid.
- Uses our website (see the section on cookies).
- Leaves a comment on our website.
- Submits an inquiry via communication tools or contact forms on our website.
- Responds to a survey.
Categories of Personal Data, Purpose, and Legal Basis
We process personal data based on the following legal grounds in Article 6(1) of the GDPR:
- “Consent”: when you have given us your consent.
- “Contract”: to fulfill an agreement that you are a part of, or to take measures at your request before entering into an agreement.
- “Legal obligation”: to fulfill a legal obligation.
- “Legitimate interest”: to protect a legitimate interest that we believe outweighs the individual’s privacy concerns.
We process personal data related to: Inquiries from you, including communication, support, customer service, etc. When you contact us via the website (contact form, communication tools), by email, phone (calls, text messages), or social media, we process personal data. Depending on where and how you send us a message, this may include contact information, IP address, and other information you choose to send us.
The purpose is to respond to inquiries from you, for historical purposes, and to have documentation in case we receive complaints, claims, or legal actions. The legal basis is GDPR Article 6(1)(f), where the legitimate interests are to respond to inquiries from you, for historical purposes, and to have documentation in case we receive complaints, claims, or legal actions.
Inquiries that we are required to keep as documentation in connection with a complaint/dispute case are stored until the deadline for filing complaints has expired (two or five years). Accounting material is kept for up to five years, according to the rules in the Accounting Act.
Purchase of products and services
When you purchase products and services from us, we process personal data such as contact information, order and payment information, and purchase history.
The purpose is to deliver products and services to you upon order/purchase, and to maintain a history of sold products and services. The legal basis is GDPR Article 6(1)(b) contract, or (c) legal obligation.
Accounting material is kept for up to five years, according to the rules in the Norwegian Accounting Act.
Marketing in existing customer relationships When you become a customer, we process personal data as mentioned above. If you have an existing customer relationship with us, we may send you marketing by email and SMS, in accordance with the Marketing Act § 15, as well as the guidelines from the Consumer Authority.
The purpose is to provide good customer service. The legal basis is GDPR Article 6(1)(f), where the legitimate interests are to offer you relevant products and services. The legal basis may also be GDPR Article 6(1)(a), where you have given us your consent. You can unsubscribe from marketing by email and SMS at any time.
Information on how to unsubscribe is provided in all emails and SMS messages we send related to marketing. The information is kept until the registered person requests to be deleted.
Newsletters We may send newsletters via email, with articles, blog posts, discounts, offers, free templates, checklists, and similar.
The newsletters may occasionally also contain information about our products and services. When you subscribe to newsletters, we process personal data such as contact information and IP address.
The purpose is to inform you about relevant news and offers, as well as to provide good customer service to potential and existing customers.
The legal basis is GDPR Article 6(1)(a) consent. It is voluntary to subscribe to newsletters, and you can withdraw your consent (unsubscribe) at any time by clicking “unsubscribe” or “unsubscribe” or “unsubscribe” at the bottom of one of the emails. The information is kept until the registered person requests to be deleted.
Job Applications and Employment When you apply for a job with us, we process personal data such as contact information, CV, and other information we need to assess your application. The legal basis is GDPR Article 6(1)(b) contract, and possibly Article 9(2)(b) and (h) if your application contains special categories of personal data. The information is stored as long as it is relevant to the purpose and is then deleted.
For employees, we process personal data as mentioned above, in addition to information necessary to pay salaries and otherwise administer the employment relationship. The legal basis for this is GDPR Article 6(1)(b), and possibly Article 9(2)(b) and (h) for special categories of personal data. Information about employees is generally deleted when the employment relationship ends, unless special reasons (such as disputes about termination or dismissal) make it necessary to keep them longer. Information related to payroll administration is kept for up to five years, according to the rules in the Accounting Act.
Events, including Digital When you participate in free events with us, we collect and process personal data such as contact information. For paid events, we also collect order and payment information. The purpose is to offer customers and potential customers relevant courses, lectures, and workshops.
The legal basis is GDPR Article 6(1)(a) consent or (b) contract. The information is kept until you withdraw your consent and possibly request that it be deleted, or, in the case of a contract, up to five years according to the rules in the Accounting Act.
Surveys We always inform about the purpose of surveys we conduct and whether they are anonymous or not. We do not share the information with others or use it for purposes other than what we have specified. In anonymous surveys, no personal data is collected.
The legal basis for surveys that are not anonymous is GDPR Article 6(1)(a) consent. The information is stored as long as it is relevant to the purpose, or until you withdraw your consent and possibly request that it be deleted.
Suppliers, Partners, and Data Processors When you enter into an agreement with us either as a supplier, partner, or data processor, we process personal data such as contact information. Other information is normally related to a business, and thus not personal data.
The purpose is to enter into such agreements, and the legal basis is GDPR Article 6(1)(b) contract. Information is kept for up to five years, according to the rules in the Accounting Act.
Use of the Website When you use our website, we process personal data such as IP addresses and other technical data, collected through cookies and analytics tools.
The purpose is to provide you with good user experience and to create statistics to improve and develop our website and service offerings. The legal basis is GDPR Article 6(1)(f), where the legitimate interests are to provide you with a good user experience, as well as the improvement of our website and service offerings.
Who We Share Personal Data With
To operate our business, we sometimes need to share your personal data with parties such as:
- Data processors: Providers of various services and products who process your personal data on our behalf (e.g., for IT and administrative services, accounting, cloud storage, web hosting, email distribution, and similar).
- Professional advisors from industries such as legal, finance, accounting, auditing, and insurance.
- Support for IT and administrative systems.
- Public authorities to whom we are obligated to report.
We require all parties with whom we share your personal data to secure your data in accordance with good information security practices and the requirements of the GDPR. We enter into data processing agreements with all suppliers.
Transfer of Personal Data Outside the EU/EEA
In some cases, your personal data may be transferred outside the EU/EEA, for example, when we use suppliers outside the EU/EEA for newsletter distribution, handling customer data, making products and services available on our website, enabling payments, securing our website, and otherwise operating our business safely and efficiently.
Transfers of personal data outside the EU/EEA are only permitted to countries approved by the European Commission or under necessary safeguards as per the GDPR. This could include the Privacy Shield for suppliers we use in the USA, the use of EU standard contractual clauses, or binding corporate rules. If you want to know which suppliers we use outside the EU/EEA and access documentation of necessary safeguards, you can contact us.
Security
We take information security seriously and will always do our utmost to protect your personal data in the best possible way. This includes using strong passwords, data encryption, access control, backups, and two-factor authentication to secure our data and prevent unauthorized access, alteration, deletion, or any other impact on the data we store, including your personal data.
We only use reputable providers of IT and administrative services such as web hosting, security for the website and PC, antivirus software, email providers, backups, and more.
We allow others to access and/or process your personal data only in accordance with our instructions and only when strictly necessary (e.g., for IT support).
We have established procedures for handling data security breaches, and in the event of a breach, we will report the incident to the Data Protection Authority within 72 hours after the breach is discovered. If the breach results in a high risk to personal privacy, we will also notify the affected individuals.
Cookies and Analysis Tools on This Website
What are cookies?
A cookie is a text file that is stored in your browser when you visit a website. Below, we describe how we use cookies and analysis tools on our website in accordance with the Electronic Communications Act, specifically the “cookie section”: 2-7 b Use of cookies.
Disabling or Deleting Cookies
You can turn off and/or delete cookies in your browser settings. On the website nettvett.no, you can learn how to do this for most browsers. There, you can also learn more about safer internet use. However, if you disable or delete cookies, it may alter your user experience on a website, and some services may no longer function properly.
Affiliate Links / Sponsored Links
We may recommend various products and services through affiliate links (sponsored links) that are uniquely created for us. When you click on such a link, a cookie is stored in your browser, allowing any potential purchase to be tracked. We always clearly inform about the use of such links.
Consent to Cookies
We use cookies. We may use cookies to personalize content and ads, provide social media features, and analyze our traffic.
Your consent applies to this website.