Privacy policy Datakvalitet AS
Updated 07.03.2024
Version 2.2
This Privacy Policy aims to explain what we collect from personal data, how it is stored and processed in DataKvalitet AS, as well as what kind of legal basis we have for this use.
The policy has been prepared with regard to compliance with applicable data protection legislation (Personal Data Act-2018-12-20-116).
Responsible for the processing
971 511 710 Datakvalitet AS
Storgata 74, 9008 TROMSØ
www.datakvalitet.no
emil@datakvalitet.no – Emil Rakoczy
This is the contact information you can use if you have any questions or inquiries regarding the processing of your personal data.
What personal data do we process?
In contact with our customer service, or via our website, we ask you to provide the following information in many cases:
- Name
- Billing address
- E-postal address
- Mobile phone number and/or landline
Informance above is necessary to comply with the contractual obligation to you as a customer. We use this to invoice you, as well as document technical solutions and customer relationships. On the same basis, the contact information will be used to contact you with information about Datakvalitet AS, associated products and other information that may be relevant to your customer relationship. This will primarily happen by e-mail. In order to assist you with complaints, as well as meet legal requirements for bookkeeping and accounting, the information will be kept in the accounts in order to comply with the authorities’ legal requirements at all times.
As of today, this is a minimum of 5 years cf. Section 13 of the Bookkeeping Act. The legal basis for this storage is Article 17 3-b).
Notes on customer relations
When you contact customer service regarding your customer relationship with Datakvalitet AS, we take notes on the cases you bring to us. We keep these notes throughout the customer relationship and for up to 36 months after the customer relationship has ended. This is to be able to assist you with questions or other aspects after the customer relationship has ended.
Email communications
General communication:
What you choose to submit of information to one of our publicly operated email boxes will be stored for up to 12 months. We store job applications for up to 24 months in case vacancies occur at a later date.
E-mail to employees:
E-mails you send to our employees we normally do not have access to as they are protected by the individual employee’s privacy. However, we may request access to these under special circumstances cf. the Working Environment Act and associated regulations. However, in the event of a request for access, we as a company will not be able to review our employees e-mails.
Backup:
All emails also end up in our backup rotation that can entail storage for a longer time, up to 36 months, but normally seen after 30-45 days. If you request that your information be deleted or corrected, we will ensure that this also occurs in the event of a backup recovery. Beyond this, your data will be deleted automatically by natural rotation in backup.
Protection against legal claims:
We will need to preserve relevant communications in order to defend ourselves against any future legal claim cf. Article 17 3-e). For simple monetary claims, the statement period is 3 years, while in cases of injury, the statption period can be 20 years. Different period of limitation apply, but at a minimum 3 years apply cf. Section 2 of the Obsoles Act. This means that all information and communications you send us may be considered for storage for a minimum of 3 years.
Competitions and promotions
If you participate in competitions and promotions, information will typically be collected as above, depending on what is requested in the activity in question. Participation in these types of activities is voluntary and consent-based.
Seminar, workshop og events
If you attend seminars, workshops or events held in collaboration with named suppliers, these providers will have access to your registration information as you sign up. The co-hosts are the joint controller of the data and, where applicable, will be referred to the parties’ privacy policy.
Basis for processing personal data
The basis for processing is primarily that Datakvalitet AS shall fulfil the agreement with you as a customer cf. Article 6 b), but also the company’s legitimate interests in Article 6 f).
Datakvalitet AS is also subject to obligations as a result of Norwegian legislation. This may include, for example, the Bookkeeping Act and the Accounting Act:
https://lovdata.no/pro/#document/NL/lov/2004-11-19-73
https://lovdata.no/pro/#document/NL/lov/1998-07-17-56
This gives the basis of Article 6 c)
Activities beyond agreement fulfillment and legal requirements will be based on your consent.
What do we use your personal data for?
We process your personal data for the following purposes:
Fulfilment of contractual obligations related to customer relationships
When you are a customer with us, we use your information to invoice for purchased goods and services, as well as assist employees of our customers with assignments, support and complaints.
Provide you with relevant advice, follow-ups and offers
Datakvalitet AS is a company in constant development. We have to adapt to the market and the wishes of our customers. As a natural part of this development, there will be new products, changes to existing products or other conditions that make us want to contact you as a customer. For this we use your contact information. When we send out information to you, we may use external services and providers for that dispatch.
Establish customer profile
When you become a customer with us, we will establish a customer profile with us based on the information you provide to us. We do this in our customer follow-up system, which is also the system we use for, among other things, invoicing.
If you contact us via customer service
When you contact us by e-mail, phone or sms, the activity and content will be logged in our customer systems. Among other things, we log how long we spend answering the phone and who is hanging up the call. This is to ensure the quality of our customer service so that you are always treated in the best possible way when you are in contact with us. We also take notes during customer care so that it is easier for a new case officer to help you if you call again about the same case.
Electronic marketing after customer relationship has ceased
If you have consented to it, we will retain your information even after you have left our customer. This may be to contact you, if we see changes in products and markets may cause you to be better served by coming back to us. This consent, if granted, may be withdrawn at any time.
At the same time, on a similar basis, we may, with your consent, retain your contact information for the purpose of promoting our products and services to you.
Promotions and surveys
If you participate in promotions or surveys, we may collect your contact information for the purpose of contacting you if you win a prize.
Who can access your personal data?
Companies in the Group.
Partners with whom we have entered into a written data processing agreement will in some cases assist us with business processes such as financial processes, sales and marketing. These will process your data on our instructions, but we will be the data controller and assist you should you have any questions about this. They will not be able to use your data on their own initiative and they will be deleted after the assignment for us is carried out.
The exchange of information between us and these companies is regulated by a data processing agreement and is under our control. For example, if you send us a request for access, rectification or deletion, we will ensure that this request is made with all our subcontractors as well.
Information requested by public authorities pursuant to the Act will also be disclosed at their request. This could be, for example, the Tax Administration through book inspections or other public authorities we are subject to.
Access from abroad
We use some subcontractors that store data outside the Norway. The companies are subject to similar legislation as in Norway. If data is stored outside the EU/EEA, we will secure it with protection similar to those in Norway, through the Privacy Shield (EU vs USA) or similar. Where possible, we will seek to use suppliers who store data in the EU/EEA.
Social media
On social media, we only keep the information you have chosen to provide to us. Either by linking one of your social profiles to our services or by contacting us yourself on social media. If you have any questions about what we keep about you on social media or if you wish to delete, please contact us.
When you remove our access to one of your social profiles, we will automatically lose the information you have made available to us.
We regularly review our social media and delete expired information. Information you control yourself, such as feedback, likes, ratings, and more, you must remove yourself.
Erasure of personal data
In consumer circumstances, Datakvalitet AS routinely deletes the information we store about you 6 months after termination of customer relationships. Please note that we may ask for your consent to keep your contact details longer in order to contact you afterwards.
In business between companies where your personal data is included, these will be subject to retention
We will be required by law to retain certain information for up to 5 years after the customer relationship has ended, cf. the Bookkeeping Act and the Accounting Act.
If it is appropriate, we will also be able to anonymise your personal data so that it can no longer be linked to a natural person, but may still be used by us for, for example, anonymised history or statistics.
Your rights
You have the right to request access to the information we have stored about you.
You have the right to request a correction if information is incorrect.
You have the right to request deletion of information.
You have the right to withdraw your consent.
Read more about your rights at the audit: www.datatilsynet.no
Changes
This privacy policy will be under ongoing internal control and annual internal audit in the company. This may result in changes or clarifications being made. The latest prepared version will be available on www.datakvalitet.no. All amendments will be in accordance with the applicable legislation at all times.
Privacy policy for mobile app
Datakvalitet The APP is a mobile device application used to read published documents and record messages in a quality system.
The application can be configured to request information that can be linked to you as an individual:
- Pictures
To be able to offer uploading attachments to messages. - Position
To be able to record location in messages.
The application requests access to this information at startup, but it is collected only if the user actively enters it in a message.
How is this information used?
No information is sent to Datakvalitet. All the information is sent to the company’s own quality system.
If you have any questions about privacy, please contact us by phone or email.