Privacy Policy – Septer AS and the website www.septer.no

1. Introduction

Septer AS is part of Kong Arthur Group, and registered in Norway as a private company. The registered address is Brugata 7 Brumunddal, Norway. In this policy, “we”, “us” and “our” refer to Septer AS.

Septer is committed to protecting the rights of our users, clients, and visitors and meet all of our obligations under Data Protections Laws and the General Data Protection Regulation (GDPR). The purpose of this statement is to inform you of what personal data is being collected, how it is processed, who is responsible for processing, what rights you have, and who can you contact.

Septer is responsible for controlling the personal data you provide to us on this website (www.septer.no). Should you have any question regarding this privacy policy, feel free to contact us at septer@septer.no

2. What is Personal data and Processing?

In this policy, personal data and processing refers to as per the Art 4 of GDPR:

1. «personal data»

Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person


2. 
«processing»

processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

3. Types of data being processed and the legal basis for processing?

1. Usage Data

We may automatically collect your personal data that is provided in the course of the use of our website and platforms. The usage data may include your IP address, geographical location, length of visit, website navigation paths, timing relating to use of the site, frequency, and any patterns which may emerge. This data is only processed for operation and further development of Septer´s webpage. The legal basis for this processing falls under Art 6 (1)(f), that processing is necessary for our legitimate interests as a business to promote and improve our website.


2. Enquiry Data

We may process your personal data and information that is provided to us in the course of any inquiry or follow up of that inquiry through contact form on the website, email, or telephone. The enquiry data may be processed for the purpose of answering inquiry, marketing, and selling relevant services. The legal basis for this processing falls under Art 6(1)(b) for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.


3. Customer Relation Data

We may process data relating to our customer relations, including customer contact information. This category of data may include name, address, business association, geographical locations etc. The legal basis for this processing falls under Art 6 (1)(b) the necessity for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

4. Transferring your Personal Data to Others

Septer does not transfer personal data to a third party for any purpose other than those specified above.

Septer uses data providers to process personal data as described above in connection with the delivery of IT services to us. Agreements are entered into to ensure the safety of personal data in such cases. The Personal Data will not be transferred outside of the EU.

If you want to know more about which data processors are used to process your personal data, please contact us at septer@septer.no

5. Retaining and Deleting Personal Data

Personal data will only be stored and processed as long as it is necessary to process the data and the data will be deleted /destroyed safely as soon as the purpose of processing is no longer valid. You may contact us at anytime to request the deletion of your personal data.

6. Your rights as a Data Subject

1. Right to information and Access

You have a right to get information on how your personal data is processed by Septer AS. This privacy policy is intended to contain the information you are entitled to. You have the right to view/access all personal data registered about you at Septer. You also have the right to obtain a copy of your personal data, if you wish.


2. Right to Rectification

You are entitled to request any incorrect personal data about you corrected. You also have the right to have incomplete personal data about you completed. If you believe we have registered incorrect or insufficient personal information about you, please contact us. It is important that you substantiate and possibly document why you believe personal information is incorrect or inadequate.


3. Right to Restrict the Processing of the Data

n some cases, you may have the right to request the processing of your personal data to be limited. The limitation of personal data means that personal data is still being stored, but that the possibilities for further processing are limited.

If you believe that your personal information is incorrect or inadequate or has raised an objection to the processing (see below), you are entitled to request that processing of your personal data be temporarily restricted. That is, the processing is limited until we may have corrected your personal data or have considered if your opposition is justified.

In other cases, you may also require a more permanent limitation of your personal data. In order to be entitled to require a limitation of your personal data, the terms of the Personal Data Act and GDPR Article 18 must be met. If we receive a request from you for the limitation of personal data, we will review whether the terms of the law are met.


4. Right to Erasure

In some cases, you have the right to demand that we delete your personal data. The right to deletion is not an unconditional right and whether you are entitled to deletion must be considered in the light of current privacy laws, i.e. the Data Protection Laws and the GDPR. If you wish to delete your personal data, please contact us. It is important that you state why you want the personal data to be deleted and, if possible, also state what personal data you want to delete. We will then consider whether the conditions for requiring deletion in the law are fulfilled.


5. Right to Protest

ou may be entitled to object to the processing, that is, protest against processing if you have a particular need to stop processing. The right to object is not an unconditional right, and it depends on what is the legal basis for the processing and if you have a specific need. The terms are outlined in the GDPR Article 21. If you raise an objection for the processing, we will consider whether the terms for raising an objection are met. Please note that the right to protest does not apply if the personal data is required to perform an agreement you have with Septer or if we are required by the law to process your personal data. If we believe you have the right to object to the processing and the objection is justified, we will stop processing and you may also request to have your data deleted.


6. Right to Complain about the Processing

If you believe that we have not processed your personal data in a correct and legal manner, or if you believe that we have not been able to fulfil your rights, you will be able to complain about the processing. For information about how to contact us, see below.
If we reject your complaint, you have the right to direct the complaint to the Data Protection Authority (Datatilsynet). The Data Protection Authority is responsible for ensuring that Norwegian companies comply with the provisions of the Personal Data Act and the GDPR, when processing personal data.
You’ll find updated information about how to contact the data protection company at www.datatilsynet.no

7. Contact

Septer AS is responsible for matters regarding the personal data collected on the website www.septer.no

Septer AS
Brugata 7
2380 Brumunddal
Norway

Septer AS has appointed a Data Protection Officer. The Data Protection Officer can be reached at personvernombud@septer.no