We are committed to safeguarding your personal data and process all data in accordance with the applicable data protection legislation at any time. We take appropriate measures to ensure the security of your personal information. VISCO is ISO-27001 certified. Current regulations include, but are not limited to, the EU General Data Protection Regulation 2016/679 (“GDPR”), the Norwegian Personal Data Act and associated regulations.
Handling of these personal data
a. Whose personal data do we process?
- Persons who use our website www.visco.no
- Contact persons in enterprises that have contacted us.
- Persons who subscribe to our newsletter and other types of information, invitations to seminars, events, etc.
- Contact persons who work for our clients, suppliers and partners
- Our employees
- Persons who have sent us requests.
b. Data processing is restricted to its purpose.
Depending on the purpose above, we may have to process various personal data such as names, telephone numbers, e-mail or other addresses. It may also be necessary to process other information used to identify you indirectly, such as the IP-address that you communicate from. For employees and job applicants, it may also be necessary to process your ID/social security number, CV, certificates, reference letters.
Our personal data processing will always be strictly limited to what is necessary to achieve the purpose of the processing.
If we have no other processing basis, processing will only take place if the data subject has given consent to the processing of his or her personal data (GDPR, Article 6, 1 a).
Data controller – contact information
VISCO is the data controller for all processing of personal data where we decide the purpose of processing the data and the means we use for the processing. If you have any questions about how we process your personal data, please contact us and we will get back to you without undue delay.
Contact information for VISCO AS:
VISCO AS (Organisation Number: 866 792 232)
Address: Ryfylkegaten 22, 4014 Stavanger, Norway
Who do we share your personal data with?
We will never disclose any personal data that would entail a breach of our statutory or contractual duty of confidentiality.
We never process personal data for marketing purposes unless we have obtained the prior consent of the data subject or there is an existing client relationship between VISCO and the data subject. The information processed for marketing purposes includes, but is not limited to names, e-mail addresses, telephone numbers, addresses and considerations related to possible areas of interest.
If the client relationship is existing, marketing will take place in accordance with Section 15 (3) of the Norwegian Marketing Act. In other contexts, marketing is only conducted after express consent from you, cf. Section 15 (1) of the Marketing Act and Article 6, 1 a) of GDPR.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for. If the personal data is used for several different purposes, we will retain such data until the purpose with the longest retention period is no longer relevant. However, we will cease using such data for the purpose with the shortest retention period when this shorter retention period has expired.
The retention period is based on the needs of our business. We will either permanently anonymize or in a secure manner delete those of your personal data that we no longer need or have a duty to retain.
Visit our website
- To ensure basic functionality at our website.
- To offer login and subscription functionality.
If you are visiting visco.no we are installing cookies who are needed to provide basic functionality of the website.
In the event we have received your express consent, we will also install cookies for additional functionality, including for login and subscription. Your consent may be cancelled at any time.
b. Statistics from our web server
We may use logs from our web server to generate statistics of our website traffic on www.visco.no. We use these statistics to improve the information on our website. The information contains different variables, such as which pages you have visited, your searches with our search engine, the time and date of your visit as well as technical information about your device. The web server will delete the IP address of visitors immediately. In practice, it will not be possible to identify visitors based on the remaining parameters. Hence the statistics are anonymous. It means that the information cannot be linked to you as an individual.
The legal basis for the generation of anonymous statistics is Article 6.1 (f) of the GDPR, which allows us to process information that is necessary to safeguard a legitimate interest that outweighs the consideration of the individual’s privacy. Our legitimate interest is to improve and further develop information on our website.
You have rights in relation to your personal data. Which rights you have is depending on the situation.
Withdrawing your consent: If you have consented to receiving newsletters or other marketing material from us, you can withdraw your consent at any time. We have made it easy for you to opt out of receiving such material by providing a link to a form in every newsletter/all marketing material. Click on the link or HERE to unsubscribe.
Request access: Provided that the duty of confidentiality does not prevent it, you have the right to access the personal data we have registered about you. To ensure that personal data is disclosed to the correct person, we may require a written request for access or that identity is verified by other means.
Request correction or deletion of your personal data: You can ask us to correct incorrect data that we have about you, and in some situations, you can ask us to limit our processing of your data, or ask us to delete them. We will, insofar as possible, accommodate requests to delete personal data. However we cannot do so if there are statutory or other compelling grounds for retaining the data, for example, if we need to store the data for documentation purposes.
Data portability: In some instances, you may be entitled to receive personal data we have registered on you, to have them transferred in a machine-readable format to another firm. If technically possible, you will be entitled in some cases to have this transferred directly to the other firm.
Complaints to the supervisory authority: If you disagree with the manner in which we process your personal data, you can file a complaint with the Norwegian Data Protection Authority.
More information about personal data is available on the Norwegian Data Protection Authority’s website. Click HERE.