1. Introduction

Dr.Ankerstjerne AS takes privacy seriously, and therefore complies with all relevant laws and regulations at all times. It contains the new EU regulation (GDPR) The purpose of this privacy policy is to make it as easy as possible for you to get an overview of how we collect, use, store, share, transfer, delete or otherwise process (further called "processor") your personal data. Our measures to protect and secure your personal data are also covered by the declaration. Finally, our declaration contains contact details so that you can easily get in touch with us regarding questions, requests and/or complaints in connection with data protection.

2. Covered parties and definition

This privacy statement refers to "you" and "your", which includes any covered individual. «We», «us», «our» and «Dr.Ankerstjerne AS» include Dr.Ankerstjerne AS AS.

"Personal information" is defined as data relating to an identified/identifiable person or a person who can be identified using means that are likely to be used.

3. Scope of the privacy policy

The privacy policy covers Dr.Ankerstjerne AS' goals and activities within the geographical areas where we operate and where the GDPR applies. Furthermore, the privacy policy applies to the processing of personal data collected by us, directly or indirectly, from all individuals. This includes, but is not limited to, our current, former or prospective: job seekers, employees, consultants, users, consumers, children, suppliers/subcontractors, shareholders and third parties.

4. Collection and processing of personal data

In accordance with GDPR and local laws Your personal data is processed in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and potential and relevant local legislation Legal, fair and transparent We guarantee that your personal data is processed in a legal, fair and transparent manner. This means that we do not process personal data without a legal basis (for more information see the section "Legal basis for storage"). At the same time, be aware that there may be a need to process your personal data if it is necessary for the performance of a contract/service to which you are a party or recipient, when it is necessary to fulfill legal obligations to which we are subject or other cases where it will be necessary, of course then with your prior consent. As long as your rights and freedoms do not override ours, we can also process personal data for our legitimate interests. In cases where we process your personal data, we will inform you of this through a notice or privacy policy. The information will include, among other things, who is responsible for the processing of your personal data, for what purposes the personal data is processed, who the recipients are, what rights you have and how you can exercise these (unless it is impossible or requires disproportionately large efforts for us to able to perform this). When required by applicable law, we will seek your consent before collecting sensitive information. For example, by ticking the box "I consent to the processing of the personal data that I provide for the above-mentioned use" on our website, you agree that the personal data that you fill in/give us can be used for the use that has been formulated in the consent.

Legitimate purpose, limitation and data minimization

We guarantee that your personal data will only be collected for specific, explicit and legitimate purposes, and will not be further processed in a way that is incompatible with these purposes. The personal information must also be adequate, relevant and not too extensive in relation to the legitimate use for which it is arranged.

We collect, among other things, information by: entering into service agreements with suppliers and business customers, filling in contact information on our website, contacting us by e-mail, telephone, website and social media, registering for receiving newsletters, signing up for education or attending information meetings .

Please also note that if you visit our website, this generates data, in addition to, for example, IP address, device type, operating system and browser type used.

When we process personal data for our own purposes, these are mainly used, but not limited to the following: customer processing, sales and marketing activities, statistics and analysis, user customization of the website, recruitment administration, HR and administration, accounting, financial management and related controls and reporting, tax administration, risk management, HMS, directory services, IT tools or internal websites and other digital solutions or collaboration platforms, IT support (including infrastructure, system administration, applications, health and security management, information security administration), customer relationship administration, bidding, internal and external communication and event management, compliance with anti-money laundering obligations or other legal obligations, data analysis, legal business management and implementation of compliance processes).

Right and time limit

We guarantee that your personal data is current and correct. We will take all expected measures to ensure that incorrect information is deleted or corrected. We store your personal data with us only for as long as is necessary for the purpose for which the personal data was processed or in accordance with statutory procedures. This includes any legal, accounting or reporting requirements, as well as whether it is necessary for us to assert or defend against legal claims. The personal data will then be stored until the end of the relevant storage period or until the relevant claims have been settled. If you want to read more about our specific time limits for storing personal data, you can contact us at hei@ankerstjerne.no We also guarantee that your personal data will not be stored in a format that makes it possible to identify you for a longer period than is necessary for the use for which the information is provided. At the end of the storage period, we will delete your personal data in a secure manner, in accordance with applicable laws and regulations.

5. Legal basis for storage

Regardless of the processing of personal data, Dr.Ankerstjerne AS AS must always be supported by at least one of the following legal conditions (cf. the Act on the Processing of Personal Data, §6): a. the data subject has consented to the processing of his personal data for one or more specific purposes, b. the processing is necessary to fulfill an agreement to which the data subject is a party, or to carry out measures at the data subject's request before entering into an agreement, c. the processing is necessary to fulfill a legal obligation incumbent on the data controller, d. the processing is necessary to protect the vital interests of the data subject or another natural person, e.g. the processing is necessary to perform a task of public interest or to exercise authority that the data controller is obliged to do, e.g. the processing is necessary for purposes linked to the legitimate interests pursued by the data controller or a third party, unless the data subject's interests or fundamental rights and freedoms take precedence and require the protection of personal data, especially if the data subject is a child.

6. Security Measures

We guarantee that your personal data is protected against accidental or unlawful alteration or loss, or against unauthorized use, disclosure or access in accordance with our data security guidelines. To ensure such protection, we have implemented appropriate technical and organizational measures. We ensure, where appropriate, that all reasonable security measures based on privacy by design and privacy by default are in place to protect the processing of your personal data. Depending on the level of risk of the processing of the personal data, we also carry out a PIA privacy assessment ("PIA"). We also have extra security measures in place for data that is considered sensitive.

7. Sharing of personal data

We are very strict about who should have access to your personal data and only people who need access to such data will be given this. We are obliged to comply. Other recipients only receive this information as a result of statutory requirements, other statutes or government decisions. We share your personal information in the following circumstances: internally for the purposes described in this privacy policy; with third parties, including certain service providers retained by us in connection with the purposes described in this privacy policy and the services we provide; with companies that offer control services in the field of anti-money laundering and anti-terrorist financing, as well as other purposes aimed at preventing fraud and crime, and companies that offer similar services, including financial institutions and regulatory bodies with which such personal data is shared; with courts, law enforcement agencies, regulators, government officials or attorneys and other parties where it is reasonably deemed necessary to establish, exercise or defend a legal or equitable claim, or for a confidential alternative dispute resolution process, with service providers we partner with or outside of Dr. Ankerstjerne AS AS, domestic or abroad, e.g. shared service center, to process personal data for any of the purposes specified on our behalf and only in accordance with our instructions; if we sell or buy any business or assets, we may share your personal information with the prospective seller or buyer of such business. or assets to which any of our rights and obligations are subsequently assigned or transferred.

8. Children

There are separate procedures for personal data relating to children. This is a group that requires specific protection, as minors are less able to familiarize themselves with and understand the risks, consequences, safeguards and rights associated with sharing their information. Children also do not have the opportunity to give consent in the same way as adults. Such specific protection shall particularly apply to marketing, personality or user profiles and services offered directly to children. We do not process children's personal data without the consent of a parent or guardian where this is necessary. We do not direct our marketing to children, except for specific services and with the consent of the holder of parental responsibility. If you believe that we have processed a child's personal data incorrectly, please contact us directly at hei@ankerstjerne.no.

9. Data Transfer

According to the GDPR, it is not permitted to transfer personal data to third countries outside the EEA that are not able to guarantee an adequate and satisfactory level of data protection. Some third countries outside the EEA area where we operate do not offer the same level of data protection as the country you live in, and are therefore not recognized by the European Commission as providing an adequate level of protection for privacy rights. necessary in some cases to transfer data to such countries, we have adequate security procedures in place to protect your personal data. More information about such transfers will be made available to you at the time of collection If you would like more information or documentation about data protection procedures, please contact us at hei@ankerstjerne.no.

10. Information cookies

Our website may also use information cookies (also called "cookies"). A cookie is a small text file that is stored on your computer, mobile phone or tablet by the website you visit. The file contains the address of the website and the codes that your browser sends back to this website every time you visit a page. The goal is to recognize your device and store information about your preferences or past activities. In this way, your visit can be adapted to your needs and create a better user experience for you. When you visit our websites, you will be told what types of cookies we use and how you can deactivate them. When required by law, you will be given the opportunity to decline the use of cookies when visiting our websites. More information can be found in our cookie policy

11. Your rights

You have a range of rights when it comes to your personal data and you have the opportunity to influence your information and what is stored. Among other things, you have the right to receive information about which data we have stored. You can also demand that we correct incorrect data or delete your data. You can contact us at any time and request that your information be deleted or that the use of the information be restricted.