Privacy Policy

Westervik Invest is required to process personal data in an open manner (cf. Articles 12 and 13 of the Privacy Policy). This Privacy Statement contains information about your rights in the storage of personal data through a customer relationship and general information on how we process personal information in accordance with applicable privacy laws.

We reserve the right to change or update our declaration. All changes are valid from the time they are posted, and will include information collected from that date as well as existing information. We encourage you to review the statement on a regular basis. If major changes are made that significantly alter our privacy practices, we may also notify you in other ways such as: via e-mail, or on the company's website or social media.

This statement was last updated 02.18.2019.

We are responsible for the processing of our personal data and have the highest responsibility for ensuring that all processing and handling of personal data is in accordance with applicable law. We do not share personal information with others or use the information for any purpose other than that specified.

This Privacy Statement applies to all users of our website. We require users to agree to abide by the Declaration as part of our relationship. By using our website, you agree that your personal data may be processed in accordance with this Privacy Statement, including transferred to data processors and third parties as set forth in this Statement.

We are subject to Norwegian law. You agree that any disputes shall be dealt with by the court in accordance with the laws of Norway, unless otherwise provided by the presidential local law.

We link to websites that are owned and operated by other businesses. We do not have access to and process personal information entered on these sites unless otherwise specified in this statement. We also have no responsibility for the content or processing of personal information on other websites.

We have all intellectual property rights to content on our websites, and reproduction of the contents thereof is only permitted with the written consent of us.

Overview of content

1. When we collect personal information?

2. Your rights

Transparency in own information

Personal data correction

Deletion of personal data

Limitation of processing of personal data Protest against processing of personal data

You can complain about our processing of personal data

3. What is registered when you use our website?

Web analytics

Cookies

4. What is registered when you contact us?

Telephone

E-mail

5. Processing of information when you are in contact with us

Offers and guidance Anonymous surveys Identifiable investigations

6. Information about employees and job seekers Employees

Jobseekers

7. Information security and data processors

Logging

Transfers of personal data outside the EU / EEA

1. When we collect personal information?

You have applied for a job with us

You have requested access or deletion

You have requested quotes, guidance or sent a complaint

We also get information indirectly for the following reasons:

A complaint contains information about you

A job seeker has specified you as a reference

An abnormality message contains information about you An employee has indicated you as the closest relative

2. Your rights

You can exercise your rights by sending an email to sales@fjord-trout.com. You are entitled to a reply without undue delay, and at the latest within 30 days.

   Transparency in own information

You can request a copy of any information we process about you. The information is provided / transferred in a secure manner. Unless you request something else, the information should be provided in a regular electronic form and sent encrypted.

Read more about the right to access

Personal data correction

You can ask us to correct or supplement any information that is incorrect or misleading.

Read more about the right to correct or supplement information

Deletion of personal data

In given situations, please ask us to delete information about yourself. It is possible that we are obliged to keep the information in accordance with applicable law or other obligations.

The Accounting Act requires us to store transaction data for 5 years. In order to safeguard customers' rights in connection with the warranty and claim under the Consumer Purchase Act, the Buying Act and our sales conditions, we store purchase history for 10 years.

Read more about the right to cancellation

Limitation of processing of personal data

In some situations, you may also ask us to limit the processing of your information.

Read more about the right to limitation

Protest against processing of personal data

If we process information about you based on our duties or on the basis of a weighing of interests, you have the right to object to our processing of information about you.

Read more about the right to protest

data portability

If we process information about you on the basis of consent or a contract, you may ask us to transfer information about you to you or to another manager. If technically possible, we can send this information directly to new business. If not, we will send the information to you via email. The information is provided in a regular electronic form and sent encrypted.

Read more about the right to data portability

You can complain about our processing of personal data

If you believe that we have not complied with your rights under the Personal Data Act, please contact us here:

sales@fjord-trout.com 98405922

    

You also have the right to complain to the supervisory authority. This is done by sending a complaint to the Data Inspectorate,

Web: https://www.datatilsynet.no/

Email: mailto: postkasse@datatilsynet.no

Telephone: +47 22 39 69 00

Postal address: Postbox 8177 Dep., 0034 Oslo, Norway

3. What is registered when you use our website?

Web analytics

When you visit our web site, we use the Google Analytics tool, Hotjar, to analyze your use of the website. The purpose of this is to compile statistics that we use to improve and further develop the information on the website. Examples of what the statistics answer are how many people visit different pages, how long the visit lasts, which sites the users come from and which browsers are used.

We also collect keywords used through the search engines on the website. This is only for improving the search results and customer experience, and information that cannot be traced back to the user is collected.

The information is processed in an unidentified and aggregated form. By de-identified is meant that we cannot trace the information we collect back to the individual user. We collect the entire IP address, but the IP address is unidentified so that only the first three groups in the address are used to generate statistics. That is, if the IP address consists of the numbers 195.159.103.82, only 195.159.103.xx is used. In addition, the IP addresses are processed at the aggregate level, ie all data is merged into one group and not processed individually.

Cookies

Storing information and processing information from cookies is not permitted unless this is done in accordance with the Electronic Communications Act. We use cookies for different services on our website to work. The basis for this is the Electronic Communications Act § 2-7b.

NKOM is the authority for the Electronic Communications Act and the regulation of cookies.

Read more about the Electronic Communications Act and regulation of cookies.

Read more about how to manage cookies (nettvett.no)

Cookies are small text files that are placed on your computer when you download a website. These are usually used to enhance your user experience and remember who you are, so you stay logged in. If you want to avoid using cookies, you can set your browser to not accept them. See the browser's help pages for settings. Please note that if you choose to exclude cookies, several of the features of the website may cease to function.

Cookies used can be found on this link: https://www.fjord-trout.com/cookies
Explanation of some terms used in the overview.

The person responsible for the treatment is: the person who determines the purpose of the processing of personal data and

which aids are to be used.

Data Processor is: the person who processes personal information on behalf of the person responsible for the treatment.

Consent is: a voluntary, express and informed statement by the data subject that he or she accepts the processing of information about himself.

First-party cookies: are required for the website to work.

Third Party Cookies: Used for analysis, marketing and personalization of the website.

4. What is registered when you contact us?

Telephone

When you call us, your phone number will be stored along with details of when you called and how long the call lasted. If a phone call is linked to a single case, a note may be written that is recorded after the call. No other systematic registration of telephone calls is made where callers can be identified.

E-mail

The basis for this is the Article 6 (1) f Privacy Act, which allows us to process information that is necessary to safeguard a legitimate interest that weighs heavier than the individual's privacy. The legitimate interest is to secure our ICT infrastructure.

5. Processing of information when you are in contact with us

Offers and guidance

When you contact us for quotation and guidance, we will process information to answer your question. We store information that is needed to respond to your inquiry. If you call us, we will store your phone number and the time of the call. If you contact us by email, we will store your inquiry, our reply and your email address.

Anonymous surveys

If the survey is anonymous, we will not collect any information that can be linked to you. Identifiable investigations

If the survey is not anonymous, we can identify those who have answered the survey. The processing basis for this is the article 6, no. 1 a), the Privacy Regulation, in which you consent to our processing of information about you.

We use to conduct surveys.

6. Information about employees and job seekers

Employees

We process information about employees and to manage salaries and working conditions. Necessary information is recorded for the payment of wages, such as basic data, salary level, time registration, tax rate, tax municipality and union affiliation. Other information about employees is related to his / her work instructions and adaptation of his / her work.

The basis for processing this is the personal data protection regulation article 6 no. 1 b), the processing is necessary to fulfill an agreement the data subject is party to.

In addition, information related to key administration of entries and exits, and information on access management in the IT system are recorded. The information is obtained from the employees themselves. The information is only disclosed in connection with salary payments and other statutory deliveries. Plain routines for personal information follow the Accounting Act and the Archives Act. Information about the name, position and work area is considered to be public information and can be published on our website.

All previous and current employees have a personal folder in our archive system.

Here, among other things, the job application is filed / stored. Personnel folders must be preserved (ie the job application is not deleted or shredded). Personal folders will be cleared upon expiry of employment.

Jobseekers

If you apply for a job with us, we need to process your information to evaluate your application.

The basis for processing this is the Privacy Regulation Article 6 (1) (b) - the processing is necessary to fulfill an agreement the data subject is party to, or to implement measures on the data subject's request prior to the conclusion of a contract. If your application contains specific categories of personal data, the processing basis is our privacy regulation, article 9 no. 2 b) and h).

All job applications will be filed. These are stored in our electronic archive for 6 months before being shredded. All other documents, such as search lists and settings, as well as all job-level job applications, are retained.

7. Information security and data processors

We have good routines and extensive measures to ensure that unauthorized persons do not have access to your personal data and that the processing of data takes place in accordance with the requirements of the applicable legislation. Examples of such measures are risk assessments, implementation of organizational and physical measures, access management and filing routines, as well as routines for managing data and following up requests for access, correction and deletion rights.

For example, we use strong passwords, data encryption, access control, backup, and two-factor authentication to secure the data and prevent any unauthorized person from accessing, modifying, deleting, or in any way affecting the data we hold, including personal information.

Only reputable providers of IT and administration services such as web hosting, web site security and PC, virus software, email provider, backup, and more are used. We only allow others to access and / or process your personal information according to our instructions and only where strictly necessary.

We have established routines for handling breaches of data security, and we will, by nonconformity, send a non-conformance report to the Data Inspectorate within 72 hours after the detected breach. If the breach entails a high level of privacy risk, we will also notify affected persons

We may use the information we collect about you when we have reason to believe that it is necessary to identify, contact, or take legal action against individuals or companies that may harm you, us, or others. We can also disclose your information when we believe the law requires it

Logging

We have general security logs in the professional systems, and the security officer has been delegated responsibility for this. It is the employees' use of the professional system that is registered here.

The basis for this is the Article 6 (1) (f) Privacy Regulation, which allows us to process information that is necessary to safeguard a legitimate interest that weighs heavier than that of the individual's privacy. The legitimate interest is to secure the Authority's ICT infrastructure.

Transfers of personal data outside the EU / EEA

We may transfer certain personal data outside the EU / EEA, for example where we use suppliers outside the EU / EEA to handle the sending of newsletters, to process customer information, to make available products and services on our website, to enable payment, for security on Our website and otherwise to be able to run our business safely and efficiently.

The transfer of personal data to outside the EU / EEA is only permitted to countries approved by the EU Commission or under the necessary guarantees under the Privacy Policy. This may be the Privacy Shield for suppliers we use in the United States, the use of EU standard contracts, or binding business rules. If you want to know which suppliers we use outside the EU / EEA and get access to documentation of necessary guarantees, please contact us by e-mail.