Privacy Policy

This privacy policy details how we process and protect your personal data. The privacy policy covers such areas as the processing of personal data when using our websites and digital channels and communicating with us as well as the use of the services and apps where reference is made to this policy.

The privacy policy does not cover the processing of personal data undertaken by us in the role of a data processor on behalf of our customers.

Personal data is information that can identify you directly or indirectly, such as your name or the IP address used by your device.

It is important to us that you feel comfortable with how we process your personal data. We take steps to ensure that the personal data we store is protected and that our processing of it is in accordance with the applicable legislation and rules, as well as our internal guidelines and procedures.

Who is covered by this privacy policy?

This privacy policy covers:

Users of our websites and digital channels, as well as of our services and apps where reference is made to this policy.
Contact people for a customer, potential customer, supplier, or partner of a company within the Infobric group.
External parties who have contact with or otherwise communicate with companies within the Infobric group.
Relatives of our employees.

Who is responsible for the processing of personal data?

Each company is responsible for its own processing of your personal data.

Each company covered by this privacy policy is, as a starting point, responsible (as data controller) for its own use of your personal data. The companies within the Infobric group that are covered by the privacy policy and their contact details can be found below.

The companies have joint responsibility for certain uses of your personal data.

The companies within the Infobric group work together closely to provide services to you and communicate with you in the best way possible. Where your personal data is used jointly by companies within the Infobric group, these companies are jointly responsible (as joint data controller). In order for it to be clear to you when companies are jointly responsible for the use of the personal data, we have stated this in relation to each purpose for which your personal data is used, which is described in the section “Why do we process your personal data?”. Unless we have stated otherwise, each company covered by this privacy policy is responsible for the use of your personal data for the purpose in question.

At the end of the privacy policy, the section “Companies within the Infobric group that are jointly responsible for the use of your personal data” states which companies are, where applicable, jointly responsible for the use of your personal data.

Companies in the Infobric group have entered into a joint arrangement to distribute the responsibility between the companies and to ensure the protection of your personal data in relation to the use of your personal data that the companies are jointly responsible for. You have the right to know the key content of the arrangement, which you can obtain by contacting the data protection officer at Infobric AB.

Infobric AB is also the common point of contact for the companies. If you have questions regarding the use of your personal data that companies in the Infobric group are jointly responsible for, please contact Infobric AB. The contact details can be found further down.

What personal data do we collect?

We collect only the personal data we require. The personal data we collect about you depends on how you interact with us.

We collect the following categories of personal data:

Identity data. Data that makes it possible to identify you, such as your name.
Contact information. Data that makes it possible to contact you, such as your address, e-mail address, and phone number.
Profile data. Data concerning your profile, such as your title, the name and address of the company or organisation you belong to, and, with regard to relatives, their relationship to you.
User-generated data. Data on your activity and use of our websites, digital channels, apps, and services, such as your clicks and visits. (For information, we may, where applicable, in our capacity as a data processor, collect and process approximate or precise location information depending on the settings you enable on your mobile device for features such as geofencing.)
Order data. Information on the product or service ordered, such as the product or service, price, delivery time, or assignment period.
Content of communication with us, such as the content of e-mails or replies that you give when participating in a survey.
Audio and video materials. Data such as your picture and voice that has been photographed or recorded, such as photographs, videos, or sound recordings.
Training information. Data on training that you have participated in, such as the date of the training and the type of training.
Health data. Data concerning your health, such as information on allergies.
Technical data. Technical data on the device you use when visiting our website or digital channels, or when using the service, such as your IP address, app version, device type, browser version, and operating system version.

Based on the data we collect about you, we may also process data derived from the following:

Purchase and order history
User behaviour on our websites and in our digital channels, services, and apps
Customer segment or profile
Communication history
Activity history such as previous training, events, and webinars that you have participated in

Where do we collect personal data from?

We collect personal data from:

You

We collect personal data from you when, for example, you contact us, visit our websites or other digital channels, sign up for training or an event, create a user account in our apps, or take part in a survey or use of apps.

Group companies

Companies within the Infobric group collaborate closely and share information with each other in order to, for example, answer questions and provide customer service or for marketing and to communicate what they offer. For more information, see the section below on the recipients with which personal data is shared and under the heading “Group companies”.

Social networking platforms

If you visit our channels on social networking platforms (e.g. Facebook or LinkedIn), we collect the personal data you provide to us via these channels.

Partners

We can collect your personal data from partners, such as when we carry out an event or other activity together with such a partner.

Publicly available sources

We can collect your personal data from publicly available sources, such as websites, various registers, and databases.

External parties

We can also collect personal data about you from external parties that provide us with your personal data, such as in connection with communication.

Information services

We may collect personal data about you from the information services we use, such as reporting services.

Employees and people hired by us

We can also collect personal data about you from staff and others hired by us who provide us with your personal data, such as in connection with communication or when these people voluntarily provide us with your data.

Why do we process your personal data?

Below is a list of the reasons why we process personal data. Not all of the processing may apply to you, as this depends on the type of relationship you have with us. Please see the section above on who is covered by this privacy policy. To find out more about the categories of personal data we process and the legal basis for this processing for each purpose, please see the detailed information on our processing of personal data, which you can find by clicking on the button at the bottom.

To manage orders

When you order goods and services, we process your personal data for the purposes of e.g. registering the order and communicating with you regarding the order.

To manage relationships with customers, suppliers, and partners

If you are the contact person for a customer, supplier, or partner for a company within the Infobric group, we process your personal data in order to manage the customer or supplier relationship or co-operation, such as in order to register you as a contact person, manage and archive agreements, and administer invoices.

To manage a shared customer register

Companies within the Infobric group have a shared customer register. If you are the contact person for a customer that is included in the shared customer register, the companies process your personal data in order to manage the shared customer register, such as to register you as a contact person in the shared customer register. The companies are jointly responsible for the processing of your personal data in order to manage the shared customer register.

To follow up on and evaluate relationships with customers, suppliers, and partners

We process the personal data of contact people for a customer, supplier, or partner for a company within the Infobric group where this is necessary for following up and evaluating customer or supplier relationships or co-operation.

Each company covered by this privacy policy is, as a starting point, responsible for its own use of your personal data for this purpose. Companies within the Infobric group are, however, jointly responsible for the use of your personal data for this purpose where the companies jointly conduct follow-ups and evaluations.

To conduct analyses to produce customer insights

We use your personal data in order to conduct analyses to produce customer insights. This is so that we can gain a better understanding of an insight into our customers’ behaviour and patterns, such as their purchase and order patterns, and thereby adapt what we offer at the customer level. Although some profiling of your data may take place, we do not, however, undertake profiling for so-called automated decision-making that has legal consequences or otherwise affects you significantly.

To communicate about us and our business

We use your personal data to communicate about us and our business in various channels. You can unsubscribe from mailings at any time by clicking on the unsubscribe link in these mailings or by contacting us.

To enable communication between employees and external parties

In connection with communication, such as by e-mail and between employees and external parties, we process personal data when applicable.

To communicate offers and marketing via various channels

We process your personal data for marketing purposes and to communicate offers from us and our partners via various digital channels, such as e-mail or social media. You can unsubscribe from mailings at any time by clicking on the unsubscribe link in these mailings. For this purpose, some profiling of your data may take place by analysing your use of our websites, digital channels, apps, and services. We do not, however, undertake profiling for so-called automated decision-making that has legal consequences or otherwise affects you significantly.

We also share your personal data with social networking platforms for this purpose. For more information, see the section below on which external recipients personal data is shared with.

Conduct sales meetings

If you are the contact person for an existing or potential customer, we use your personal data in connection with conducting sales meetings, both physical and digital, such as in order to book sales meetings and follow-up on them afterwards.

To manage our newsletters

We process your personal data to manage our newsletter, e.g. in order to send out the newsletter. You can unsubscribe from mailings at any time by clicking on the unsubscribe link in the newsletter.

To follow up on and evaluate the business

We use your personal data to compile reports at a general level and statistics in order to follow up on and evaluate the business.

To develop and improve the business

We use your personal data when we conduct general analyses to develop and improve our business, our business methods, and our strategies. No profiling take place within the scope of this processing.

To document the business

We use your personal data to document our business, where applicable, such as in order to manage and save agreements, documents for decision-making, minutes, and presentations.

To carry out training, events, and other activities

When you sign up for training, an event, or other activity that we arrange, we process your personal data in order to carry out the training, event, or activity, such as to register your participation or to communicate with you about the training, event, or activity.

Conduct webinars

If you register for a webinar that we arrange, we use your personal data to conduct the webinar, such as in order to register your participation and communicate with you about the webinar.

To answer questions and provide customer service

If you contact us, such as by e-mail or phone, we process the personal data you provide us with in order to answer your question and, if the company or organisation you belong to is a customer of ours, to provide customer service.

To conduct surveys

We process your personal data if you take part in a survey that we carry out, such as in our digital channels or mailings, for the purpose of collecting your views on our business, products, and services.

To provide our apps and services

If you have registered a user account for an app or service provided by a company within the Infobric group and which makes reference to this policy, such as the Ease CheckIn app, we process your personal data to provide the app or service to you, e.g. in order to give you access to the app or service and in order to manage your user account. You need to provide the information we request when you register your user account. If not, you may be unable to use the app or service.

To communicate about our apps and services

If you use our apps and services, we process your personal data to communicate with you regarding these apps and services, such as to tell you about updates to the app or service, to provide operational information, or to answer questions that you have about the app or service.

To enable functionality on our websites

We process your personal data where this is necessary in order to provide functionality on our websites, such as in order to remember your settings. This enables us to provide a better user experience on our websites.

To follow up on and evaluate the use of our websites, digital channels, apps, and services

If you use our websites, digital channels, or apps and services that make reference to this policy, we use your personal data in order to follow up and evaluate the use of our digital channels, apps, and services, such as in order to collect and analyse visitor and user statistics on how you use our websites, digital channels, apps, and services.

To record phone calls and video meetings for training and quality purposes

If you contact us by phone, we may, if applicable, record the phone call or video meeting for training and quality purposes. In such cases, you will be informed of this when you call or join the meeting and you can choose to opt out of having your call or meeting recorded for this purpose.

To ensure necessary technical functionality and security

We use your personal data to ensure the necessary technical functionality and security of our websites, apps, services, and IT systems, such as for security logging, error handling, and backups.

To communicate in the event of an accident, illness, or similar event

We use your personal data to communicate with you in the event of an accident, illness, or similar incident concerning an employee or other staff hired by us in order to, among other things, register your information in our relatives register.

To manage and adhere to legal requirements

We process your personal data if this is necessary in order to manage and meet a legal requirement, such as in connection with a dispute or legal process. For this purpose, we may share certain information with other recipients. Please see below for more information.

To fulfil legal obligations

In order to fulfil our legal obligations, if necessary we will process your personal data, for example, in order to
fulfil accounting or data protection requirements. For this purpose, we may share certain information with other recipients. Please see below for more information.

Which recipients do we share personal data with?

When necessary, we share your personal data with different recipients. In the detailed information on our processing of your personal data, you can find out more about the categories of personal data we share and the legal basis for doing so for various recipients.

When companies within the Infobric group are jointly responsible for the processing of your personal data for the purpose in question, as stated in the section “Why do we process your personal data?”, the companies are also responsible for the sharing of your data for the same purpose.

Group companies

Companies within the Infobric group collaborate and consequently share information with each other, such as in order to manage orders of goods and services, for marketing, to communicate what they offer, and to conduct training, events, and similar activities.

Partners

In connection with events and other activities, we share personal data with the partners we are organising the activity with.

Social networking platforms

We use various social networking platforms in order to, for example, communicate what we offer or to provide information about our apps and services. In connection with this, we share certain information with these platforms. When we automatically share personal data with these platforms, where applicable, we and the social networking platforms concerned are jointly responsible for the collection and transfer of your personal data by way of cookies and similar technologies. We and the platform concerned are, however, solely responsible for the subsequent use of your personal data. We have entered into special arrangements with the platforms concerned, that outline the roles and responsibilities that we and each platform have with respect to the use of your personal data. You have the right to know the key content of the arrangement. Please refer to the detailed information on the processing of your personal data.

External parties

When communicating with external parties, such as by e-mail, we share personal data disclosed to them by you or another party.

Service providers

In order to process personal data, we share personal data with service providers that we have hired. These service providers provide, for example, IT services (e.g. storage) and communication services (which enable us to send you messages and newsletters). When the service providers process personal data on our behalf, they act as data processors for us, and we are responsible for the processing of your personal data. They must not use your personal data for their own purposes and are contractually and legally obliged to protect your data.

Other recipients

In some cases, when necessary, we share your personal data with other recipients for certain purposes:

to manage a merger or sale of the business
to manage and meet legal requirements
to fulfil legal obligations
to respond to a legal request, and
to protect and guarantee the safety of our staff.

Examples of recipients are external advisors, public authorities, courts, the police, and potential buyers and sellers should we sell the business.

What rights do you have?

You have certain rights under current data protection legislation in relation to the personal data we have collected about you.

You have the right to:

Request access to and a copy of the personal data we hold about you.
Request rectification of personal data that you believe is incorrect or incomplete.
Withdraw your consent to our processing of your personal data based on your consent.
Request erasure in some circumstances, but not in cases where, for example, the law requires us to retain such data.
Unsubscribe from marketing and mailings, such as by clicking on an unsubscribe link in a mailing.
Request that the processing of your personal data be restricted in certain circumstances.
Object to processing which is based on our or another party’s legitimate interests for reasons related to your specific situation.
Transfer your data (data portability) under certain circumstances by requesting a copy of the personal data we hold about you in a structured format (data portability) that you can transfer to another recipient.

If you wish to exercise your rights, please contact us using the contact details below.

Where we process personal data

We always endeavour to store personal data within the EU. In some cases your personal data is shared with recipients outside the EU/EEA, such as to service providers hired by us.

To protect personal data, we ensure that there are appropriate security measures in place with all service providers that process your personal data outside the EU/EEA by way of the European Commission’s standard contractual clauses, for example, and – if necessary with regard to the legislation of the recipient country – additional safeguards.

If you wish to know which non-EU/EEA countries your personal data is transferred to and the protection measures we have taken, please contact us using the contact details below.

Updates to this privacy policy

We may update this privacy policy from time to time. For example, we can collect additional information or use information for purposes other than those specified in the text. In such cases, we will tell you in advance by appropriate means, such as by showing a message on the website or by e-mail. The latest version of the privacy policy is always available on this page.

Questions?

Should you have questions about this policy or our processing of your personal data, or should you wish to invoke any of your related rights, please feel free to contact us. You can find the contact details for the companies covered by this privacy policy in the table below. Should you not be happy with the answers you receive, you have the right to lodge a complaint with the supervisory authority (the Swedish Authority for Privacy Protection).

Company

Contact information

Infobric AB

Corporate identity number: 556646-2940

Phone number: +46 (0)36 34 03 02

Address: Framgången 1, SE-553 18 Jönköping, Sweden

E-mail: info@infobric.se

Data protection officer: dataskyddsombud@infobric.se

TelliQ AB

Corporate identity number: 556733-7430

Phone number: +46 (0)589 123 70

Address: Glasbruksgatan 1, SE-732 31 Arboga, Sweden

E-mail: support@infobricfleet.se

Data protection officer: dataskyddsombud@telliq.se

Companies within the Infobric group that are jointly responsible for the use of your personal data

Listed below are the companies within the Infobric group that are, where applicable, jointly responsible for the use of your personal data.

Company

Contact details

More information

Infobric AB

reg.nr 556646-2940

Telephone number:

+46(0)36 - 34 03 02

Address:

Framgången 1

SE-553 18 Jönköping

Email:

info@infobric.se

See this privacy policy

TelliQ AB

reg.nr 556733-7430

Telephone number:

+46(0)589-123 70

Address:

Glasbruksgatan 1

SE-732 31 Arboga

Email: support@infobricfleet.se

See this privacy policy

AddMobile AB

reg.nr 556654-1156

Telephone number:

+46(0)40-663 31 00

Address:

Hyllie Boulevard 40

SE-215 35 Malmö

Email: support@infobricworkorder.se

See this privacy policy

JobSafe Edtech AB

reg.nr 556649-9405

Telephone number:

+46(0)8-704 00 00

Address:

Framgången 1

SE-553 18 Jönköping

Email: support@jobsafe.se

See the company’s privacy policy:

https://www.jobsafe.se/sv/allmanna-villkor/

Hyrma AB
reg.nr 556793-4327

Telefon:

+46(0)40-18 22 11

Address: Glasbruksgatan 1 SE-732 31 Arboga

Email: support@hyrma.se

See this privacy policy

Infobric AS

reg.nr 996 878 546

Telephone number:

+47 23 12 40 00

Address:

Schweigaards gate 16

0191 Oslo, Norge

Email:

support@infobric.no

See this privacy policy

Infobric Time AS

reg.nr 984 406 509

Telephone number:

+47 24 15 60 00

Address:

Schweigaards gate 16

0191 Oslo, Norge

Email:

support@infobrictime.no

See this privacy policy

BlastManager AS

reg.nr 989 474 278

Telephone number:

+47 380 90 000

Address:

Schweigaards gate 16

0191 Oslo, Norge

Email: info@infobricblastmanager.no

See this privacy policy

Intershare AS

reg.nr 926 724 991

Telephone number:

(+47) 380 90 000

Address:

Kjøita 25

4630 Kristiansand, Norge

Email: info@infobric.no

See this privacy policy

Detailed information on the processing of personal data

When we process your personal data

See below for detailed information on the categories of personal data we process, the legal basis for this processing, and how long we store the data for each purpose.

To manage orders

Personal data

Identity data
Communication
Contact information
Order data
Profile data

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in managing orders.

Fulfilment of agreements. If the order is carried out by an individual company, we process the data to fulfil our agreement with you.

Retention period: Personal data is retained for this purpose for as long as is necessary in order to process your order and for a period of 10 years thereafter in order to manage and meet legal requirements. Personal data in accounting material is stored for up to 7 years from the end of the calendar year in which the relevant financial year ended in order for us to fulfil our legal obligations (bookkeeping and accounting requirements in the Companies Act 2006, the Norwegian Accounting Act (LOV-2004-11-19-73) and the Swedish Accounting Act (1999:1078)).

To manage relationships with customers, suppliers, and partners

Personal data

Identity data
Communication
Contact information
Order data
Profile data

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in managing our customer or supplier relationships.

Fulfilment of agreements. If the agreement has been concluded with an individual company, we process the data to fulfil our agreement with you.

Retention period: Personal data is retained for this purpose for as long as there is an active relationship and for a period of 10 years thereafter in order for us to fulfil our legitimate interest in managing and adhering to legal requirements. The relationship is active if you have had contact with us during the previous 12-month period.

To manage a shared customer register

Personal data

Identity data
Communication
Contact information
Order data
Profile data

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in managing the shared customer register.

To follow up on and evaluate relationships with customers, suppliers, and partners

Personal data

Identity data
Order data
Profile data
Purchase and order history
Communication history
Activity history

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in following up on and evaluating our customer or supplier relationships or collaborations.

Retention period: Personal data is retained for this purpose for a period of 27 months from the time of collection. General reports which do not contain personal data or statistics are retained indefinitely or until they are deleted.

To conduct analyses to produce customer insights

Personal data

Identity data
Order data
Profile data
User-generated data
Purchase and order history
User behaviour
Communication history
Activity history
Customer segment and profile

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in conducting analyses to develop customer insights.

To communicate about us and our business

Personal data

Identity data
Audio and video materials
Contact information
Profile data

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in communicating about us and our business.

Retention period: Personal data is retained for this purpose for as long as there is an active relationship and for a period of 12 months thereafter for the same purpose. Published personal data in digital channels, such as in our social media feeds, is essentially retained indefinitely.

To enable communication between employees and external parties

Personal data

Identity data
Audio and video materials
Communication
Contact information
Order data
Profile data

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in facilitating business communication between employees and external parties.

Retention period: In order for us to fulfil our legitimate interest in handling and meeting any legal requirements, personal data is retained for this purpose for a period of 1 year from the most recent communication in each conversation and for a period of 10 years thereafter.

To communicate offers and marketing via various channels

Personal data

User-generated data
Audio and video materials
Identity data
Contact information
Order data
Purchase and order history
User behaviour
Customer segment and profile
Activity history
Technical data

Legal basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in communicating offers, via various channels, regarding our products and services.

Consent. If you have given your consent to our use of cookies and similar technologies for this purpose, your personal data is processed with the support of your consent.

Retention period: Personal data is retained for this purpose for as long as there is an active relationship and for a period of 12 months thereafter for the same purpose. If there is no relationship, the data is retained for this purpose for a period of 3 months after the data is collected.

Conduct sales meetings

Personal data

Identity data
Audio and video data
Contact information
Profile data
Communication
Communication history
Activity history

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in conducting sales meetings.

Retention period: Personal data is retained for this purpose in order to conduct the sales meeting and for a period of 12 months thereafter in order to follow up on the sales meeting.

To manage our newsletters

Personal data

Identity data
Contact information

Legal basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in managing our newsletters.

Retention period: Personal data is retained for this purpose until further notice and until you unsubscribe from the newsletter.

To follow up on and evaluate the business

Personal data

Identity data
Order data
Profile data
Purchase and order history
Activity history

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in monitoring and evaluating the business.

Retention period: Personal data is retained for this purpose for a period of 27 months from the time of collection. General reports which do not contain personal data or statistics are retained indefinitely or until they are deleted.

To develop and improve the business

Personal data

Identity data
Order data
Purchase and order history
Profile data

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in developing and improving the business.

To document the business

Personal data

Audio and video materials
Identity data
Contact information
Communication
Communication history
Profile data

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in documenting business activities.

Retention period: Personal data is retained for this purpose indefinitely.

To carry out training, events, and other activities

Personal data

Audio and video materials
Health data
Identity data
Communication
Contact information
Profile data
Training information
Communication history
Activity history

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in carrying out training, events, and other activities.

Explicit consent. Any special categories of personal data relating to health are processed only on the basis of your explicit consent, which is obtained when you register for training, an event, or an activity carried out by us.

Retention period: Personal data is retained for this purpose for the time that the activity is conducted and for a period of up to 13 months thereafter, calculated from the time the activity is conducted, in order to fulfil our legitimate interest in following up on participation and evaluating the activity, as well as to plan any future activities. Personal data in accounting material is stored for up to 7 years from the end of the calendar year in which the relevant financial year ended in order for us to fulfil our legal obligations (bookkeeping and accounting requirements in the Companies Act 2006, the Norwegian Accounting Act (LOV-2004-11-19-73) and the Swedish Accounting Act (1999:1078)). Any health information collected for this purpose is retained only for the period necessary in order to carry out the activity and is subsequently deleted. Audio and video material that is collected is retained until further notice and until the material is deleted if this is necessary for us to fulfil our legitimate interest in documenting the activity.

Conduct webinars

Personal data

Audio and video materials
Identity data
Communication
Contact information
Profile data
Communication history
Activity history

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in conducting webinars.

Retention period: Personal data is retained for this purpose for the time that the webinar is conducted and for a period of up to 13 months thereafter, calculated from the time the webinar is conducted, in order to fulfil our legitimate interest in following up on participation and evaluating the webinar, as well as to plan any future webinars. Audio and video material that is collected is retained until further notice and until the material is deleted if this is necessary for us to fulfil our legitimate interest in documenting the activity.

To answer questions and provide customer service

Personal data

Identity data
Communication
Contact information
Order data
Profile data

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in responding to your question.

Retention period: Personal data is retained for this purpose for a period of 2 years after the case is closed. Published personal data in digital channels, such as in our social media feeds, is essentially retained indefinitely.

To conduct surveys

Personal data

Identity data
Contact information
Communication
Profile data

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in carrying out surveys for the purpose of collecting your views on our business, products, and services.

Retention period: Personal data is retained for this purpose during the period that the survey is carried out and for a period of 3 months thereafter in order for us to compile the responses in a report. Statistics which do not contain personal data are stored indefinitely or until the statistics are deleted.

To provide our apps and services

Personal data

Identity data
Communication
Contact information
Profile data
User-generated data
Technical data

Legal basis

Fulfilment of agreements. Processing is necessary in order to fulfil the applicable terms for the app or service.

Retention period: Personal data is retained for this purpose for as long as your user account is active, after which the data is deleted.

To communicate about our apps and services

Personal data

Identity data
Contact information
Profile data
Technical data

Legal basis

Fulfilment of agreements. Processing is necessary in order to fulfil the applicable terms for the app or service.

Retention period: Personal data is retained for this purpose for as long as your user account is active, after which the data is deleted.

To enable functionality on our websites

Personal data

Technical data

Legal basis

Legitimate interest. Processing is necessary in order to fulfil our legitimate interest in enabling the functionality of our websites for the purpose of providing a better user experience.

Consent. If you have given your consent to our use of cookies and similar technologies for this purpose, your personal data is processed with the support of your consent.

Retention period: Personal data is retained for this purpose throughout your visit and for a period of 12 months thereafter in order for us to fulfil our legitimate interest in providing a better user experience.

To follow up on and evaluate the use of our websites, digital channels, apps, and services

Personal data

User-generated data
Activity history
Technical data

Legal basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in following up on and evaluating the use of our websites, digital channels, apps, and services.

Consent. If you have given your consent to our use of cookies and similar technologies for this purpose, your personal data is processed with the support of your consent.

Retention period: Personal data is retained for this purpose for a period of 3 months. Statistics which do not contain personal data are stored indefinitely or until the statistics are deleted.

To record phone calls and video meetings for training and quality purposes

Personal data

Audio and video materials
Identity data
Communication
Contact information
Profile data

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in ensuring the necessary technical functionality of our websites, apps, and services.

Retention period: Personal data is retained for this purpose for a period of 1 month from the time of the conversation.

Ensuring necessary technical functionality and security

Personal data

All relevant categories of personal data.

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in ensuring the necessary technical functionality and security of our websites, apps, services, and IT systems.

Retention period: Personal data is retained for this purpose for as long as your user account is active. Personal data in logs is retained in order to fulfil our legitimate interest in troubleshooting and incident management for a period of 12 months from the log entry time.

To communicate in the event of an accident, illness, or similar event

Personal data

Identity data
Communication
Contact information
Relationship information

Legal basis

Legitimate interest. Processing is necessary in order for us to satisfy our legitimate interest in registering your data in our relatives register and in order to communicate with you in the event of an accident, illness, or similar incident concerning an employee or other staff hired by us.

Retention period: Personal data is retained until the employee concerned or other staff hired by us reports otherwise, and no later than when the employment or assignment of the person concerned ends.

To manage and adhere to legal requirements

Personal data

All categories of personal data that are necessary for handling and meeting a legal requirement in an individual case.

Lawful basis

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in handling and meeting legal requirements.

Retention period: Personal data is retained for the period required in order for us to handle and meet the legal requirement.

To fulfil legal obligations

Personal data

All categories of personal data as are necessary for fulfilling the legal obligation.

Lawful basis

Fulfilling a legal obligation. Processing is necessary in order for us to fulfil our legal obligations.

Retention period: Personal data is retained for the period required in order for us to fulfil each of our legal obligations. By way of example, personal data in accounting material is retained for up to 7 years from the end of the calendar year in which the relevant financial year ended in accordance with the Companies Act 2006, the Norwegian Accounting Act (LOV-2004-11-19-73) and the Swedish Accounting Act (1999:1078).

When we share your personal data with different recipients

See below for detailed information on the categories of personal data we share with different categories of recipients for various purposes and on which legal basis we do this.

Group companies

To manage orders

Personal data

Identity data
Communication
Contact information
Order data
Profile data

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in managing orders of goods and services concerning multiple companies within the Infobric group.

To conduct analyses to produce customer insights

Personal data

Identity data
Order data
Profile data
User-generated data
Purchase and order history
User behaviour
Communication history
Activity history
Customer segment and profile

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to cater for the receiving group companies’ legitimate interest in conducting analyses to develop customer insights based on data from multiple group companies.

To communicate about us and our business

Personal data

Identity data
Audio and video materials
Contact information
Profile data

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to cater for the receiving group companies’ legitimate interest in communicating about us and our business to recipients that have a relationship with other group companies.

To enable communication between employees and external parties

Personal data

Identity data
Contact information
Communication
Profile data

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in enabling employees and external parties to communicate in relation to their work.

To communicate offers and marketing via various channels

Personal data

User-generated data
Audio and video materials
Identity data
Contact information
Profile data
Order data
Purchase and order history
User behaviour
Customer segment and profile
Activity history
Technical data

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to cater for the receiving group companies’ legitimate interest in communicating and providing offers via various channels about our products and services to contacts who have a relationship with other group companies.

Consent. If you have given your consent to our use of cookies and similar technologies for this purpose, your personal data is processed with the support of your consent.

Conduct sales meetings

Personal data

Identity data
Contact information
Profile data
Communication
Communication history
Activity history

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to cater for the receiving group companies’ legitimate interest in conducting sales meetings with contacts who have a relationship with other group companies.

To carry out training, events, and other activities

Personal data

Identity data
Communication
Contact information
Profile data
Communication history
Activity history

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to cater for the receiving group companies’ legitimate interest in conducting training, events, and other activities in respect of contacts who have a relationship with other group companies.

Conduct webinars

Personal data

Identity data
Communication
Contact information
Profile data
Communication history
Activity history

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to cater for the receiving group companies’ legitimate interest in conducting webinars in respect of contacts who have a relationship with other group companies.

To answer questions and provide customer service

Personal data

Identity data
Communication
Communication history
Contact information
Order data
Profile data

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to cater for the receiving group companies’ legitimate interest in answering questions and providing customer service.

To conduct surveys

Personal data

Identity data
Contact information
Communication
Profile data

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to cater for the receiving group companies’ legitimate interest in conducting surveys in respect of people who have a relationship with other group companies.

Partners

To carry out training, events, and other activities

Personal data

Audio and video materials
Identity data
Communication
Contact information
Profile data

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in carrying out training, events, and other activities.

Business communication between employees and external parties

Personal data

Identity data
Contact information
Communication
Profile data

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in enabling employees and external parties to communicate in relation to their work.

Social networking platforms

To communicate and provide offers via various channels

Personal data

User-generated data
Identity data
Contact information
Profile data
User behaviour
Customer segment and profile
Technical data

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in communicating and distributing offers, via various channels, regarding our products and services.

Consent. If you have given your consent to our use of cookies and similar technologies for this purpose, your personal data is processed with the support of your consent.

To communicate about our apps and services

Personal data

Identity data
Contact information
Technical data

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in communicating about our apps and services.

External parties

To enable communication between employees and external parties

Personal data

Identity data
Audio and video material
Communication
Contact information
Order data
Profile data

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in facilitating business communication between employees and external parties.

Other recipients

To manage a merger or sale of the business

Purpose

Only the personal data that is necessary for this purpose is shared with the recipient.

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to fulfil our and the buyer’s legitimate interest in completing the sale or merger.

To manage and adhere to legal requirements

Purpose

Only the personal data that is necessary for this purpose is shared with the recipient.

Legal basis for the transfer

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in handling and meeting legal requirements.

To fulfil legal obligations

Purpose

Only the personal data that is necessary for this purpose is shared with the recipient.

Legal basis for the transfer

Fulfilling a legal obligation. Processing is necessary in order for us to fulfil our legal obligations.

To respond to a legal request

Purpose

Only the personal data that is necessary for this purpose is shared with the recipient.

Purpose

Legitimate interest or to fulfil a legal obligation. To the extent that we are obliged to respond to a legal request, personal data is processed in order to fulfil this legal obligation. Otherwise, processing is based on a balance of interests when it is necessary to fulfil our and the requester’s legitimate interest in our responding to the enquiry.

To protect and guarantee the safety of our staff

Purpose

Only the categories of personal data that are necessary for this purpose, such as to report an incident to a law enforcement authority.

Purpose

Legitimate interest. Processing is necessary in order for us to fulfil our legitimate interest in protecting and guaranteeing the safety of our staff.

Where applicable, to share information on educational certificates

Purpose

Only those categories of personal data that are necessary for this purpose, e.g. information on completed educations.

Purpose

Legitimate interest. The processing is necessary to satisfy our legitimate interest in sharing data on educational certificates.

External recipients with whom we are jointly responsible for the use of your personal data

In the table below, you will find further information about the external recipients with whom we are jointly responsible for the use of your personal data. In the table, you will also find further information on the recipients’ processing of personal data.

Recipient

Facebook Ireland Limited

Grand Canal Square, Grand Canal Harbour, Dublin 2, D02C525, Ireland

Information

Information about Facebook Ireland’s use of your personal data, including its legal basis for processing the data and how you can exercise your rights in respect of Facebook Ireland, can be found in its data policy, which is available here: https://www.facebook.com/about/privacy.

We have entered into a supplementary agreement on joint responsibility in order to determine our respective responsibilities and roles in relation to the use of your personal data that we and Facebook Ireland are jointly responsible for. Please see https://www.facebook.com/legal/controller_addendum.

Recipient

LinkedIn Ireland Unlimited Company

70 Sir John Rogerson’s Quay, Dublin 2, D02R296, Ireland

Information

Information about LinkedIn Ireland’s use of your personal data, including its legal basis for processing the data and how you can exercise your rights in respect of LinkedIn Ireland, can be found in its privacy policy, which is available here: https://www.linkedin.com/legal/privacy-policy.

We have entered into a supplementary agreement on joint responsibility for personal data with LinkedIn Ireland in order to determine our respective responsibilities in relation to the use of your personal data that we and LinkedIn Ireland are jointly responsible for. Please see https://legal.linkedin.com/pages-joint-controller-addendum.