Your privacy is important to Bertel O. Steen Power Solutions (hereinafter Bospower), and we are committed to protect the confidentiality, integrity and availability of your personal data. All processing of personal data in Bospower shall comply with current privacy legislation, including the General Data Protection Regulation and the Norwegian Personal Data Act (personopplysningsloven).
The Managing Director of Bospower is responsible for all processing of personal data by Bospower. The responsibility for the daily follow-up of our compliance with privacy legislation is delegated to the CFO.
Bostek determines the purposes and means of the processing of personal data. For this reason, Bostek shall be considered as data controller for the processing of personal data as set out below.
Our processing of personal data
Bospower processes personal data for the following main purposes:
- Processing of personal data as part of customer management To fulfil agreements with our customers, it will be necessary for us to process name, contact information and e-mail. Furthermore, it is required of us to disclose employee personal data in connection with tenders where security clearance is required.
- Processing of personal data as part of supplier management In order to fulfil agreements with our suppliers, it will be necessary for us to process name, contact information and e-mail. Furthermore, it is required of us to disclose employee personal data in connection with tenders where security clearance is required.
- Processing of personal data for marketing purposes Like most other businesses, we have a legitimate interest in marketing our services. If we have an existing customer relationship with you, we will send you relevant information related to our services. This could include sending event invitations, information about current products and newsletters. In this context, we will process contact and participant information. Marketing beyond this will be based on your consent.
- Processing of personal data as part of control measures To protect and prevent unauthorized persons from gaining access to Bospower’s property, we have installed outdoor camera surveillance on our premises. The log from the surveillance system can, under certain conditions, be used to investigate / resolve security breaches on our premises.
Legal basis for processing personal data
The legal basis for processing personal data in connection with customer and supplier management is GDPR Article 6, paragraph 1, letter b, the processing is necessary for the execution of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
The legal basis for processing personal data in connection with security clearance is GDPR Article 6, paragraph 1, letter c, the processing is necessary for compliance with a legal obligation to which the data controller is subject.
The legal basis for the other processing of personal data as mentioned above is the GDPR Article 6, paragraph 1, letter f, the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
How long do we retain your personal data?
We will only retain your personal data for as long as it is necessary to fulfil the purposes we collected it for. For example, the Bookkeeping Act (bokføringsloven) requires us to keep accounting documentation for five years.
Furthermore, we will delete personal data about you if you request us to do so, unless we have a legal basis or a statutory obligation to retain your personal data.
Do we share your personal data?
We will share your personal data with government authorities to the extent it is necessary to fulfil our legal obligations. Beyond this, we will not share your personal data with other businesses unless you consent to this.
Use of processor
Personal data processed by Bospower is stored on servers in Norway and Europe. We do not store personal data in countries outside the EU / EEA. Information security
We take information security seriously and have established appropriate security measures to protect the confidentiality, integrity and availability of your personal data. Access to your personal data is limited to employees who have a need for such access. We will provide training to employees and third parties where it is relevant to promote awareness of our privacy policies and practices.
You have a right to access, request rectification and erasure of personal data, and to restrict processing, as well as the right of data portability. In addition, you may withdraw your consent to processing of personal data at any time. You have the right not to be subject to decisions based solely on automated processing, which may produces legal effects concerning you or similarly may significantly affects you.
If you have any questions or requests for access to the personal data about you, please contact us by e-mail email@example.com or by post to Bertel O. Steen Power Solutions AS, Post box 6098, N-5892 Bergen,Norway.
If you believe that our processing of personal data is in breach of the privacy legislation, you can complain to the Norwegian Data Protection Authority (firstname.lastname@example.org).