This privacy notice applies for processing of personal data carried out by ISN AS (“ISN”), a Norwegian registered private limited liability company with Norwegian registration number 922 133 905 with business address at Etasje 4 Avd Spaces, Lars Hilles gate 30, 5008 Bergen.
ISN c/o Olav Ludvig Jordal, is the Data Controller, meaning responsible for the manner in which ISN process your personal data.
Personal data means any information concerning a natural person, e.g. name, email address, telephone number or an evaluation that can be linked to a natural person (data subjects).
This privacy notice will provide general information concerning the processing of personal data, including which personal data ISN may process, why ISN may process the personal data and the rights of the data subjects in this regard.
Personal data that may be processed, and our purpose and legal basis for doing so
Generally, ISN only process personal data in relation to contact person of its business customers. The following personal data is processed:
– Name of contact person
– E-mail address
– Dynamic IP-address
– Name of employer
The contact information is necessary in order for our customer’s business representatives to contact us, do business with us and use our website in a secure manner. As the business representatives use our website voluntarily and professionally in the name of their business, we have a legitimate interest according to GDPR Art. 6 (1) f) to collect necessary personal data from the data subjects.
ISN collects personal data directly from the data subjects.
ISN has implemented appropriate organizational and technical measures to protect personal data. We store personal data on servers with limited access located in secured facilities, and our security measures are evaluated on an ongoing basis.
Retention of personal data
ISN has routines that ensures that personal data will be erased in accordance with the General Data Protection Regulation. Generally, we will store personal data as long as the business the data subjects represent are our customer, and the personal data will be anonymized six months thereafter.
If you believe there are grounds for erasure of personal data concerning you, please contact us to request erasure of personal data.
Disclosure of personal data to third parties
Personal data are not disclosed to third parties unless ISN is obligated to disclose such information.
ISN may engage third parties which will process personal data on ISN’s behalf. ISN only engage third parties which has provided sufficient guarantees to implement appropriate technical and organizational measures in such a manner that the processing will meet the requirements of the General Data Protection Regulation and ensure the protection of the rights of the data subject.
Currently, we use
– Microsoft Azure
as a data processors.
Transfer to third countries
We do not transfer any personal data to third countries outside the EEA.
Rights of the data subject
In the event that ISN processes personal data concerning you, you will have the following rights in accordance with the General Data Protection Regulation:
- You have the right to obtain confirmation as to whether or not your personal data is processed by ISN and, where that is the case, access the personal data and information regarding the purpose of the processing, the categories of personal data concerned etc.
- You have the right to obtain rectification of inaccurate personal data concerning you and you have the right to have incomplete personal data completed.
- You have the right to obtain restriction of processing of personal data concerning you.
- You have the right to object to processing of personal data.
- You have the right to obtain erasure of personal data concerning you. ISN will be obligated to erase personal data concerning you unless there are legal grounds for processing the data.
If the legal basis for ISN’s processing is your consent, you have the right to withdraw the consent at any time for any reason.
If you believe that ISN’s processing of personal data is in violation of the General Data Protection regulation, you have the right to lodge a written complaint to your Supervisory Authority. As we are a Norwegian company, our Supervisory Authority is Datatilsynet, which can be contacted on www.datatilsynet.no.
c/o Olav Ludvig Jordal
+47 934 07 912
Lars Hillesgate 30, 5008 Bergen, Norway