Privacy

Scope

This privacy policy explains how Norske Finansielle Referanser AS (NoRe) use any personal information we collect about you when you use this website or our wider services, in accordance with applicable data protection laws. This can include customers, suppliers, business contacts, employees and other people we have a relationship with or may need to contact.

The privacy policy is designed to assist customers about;

  • What personal information is provided by customers to us
  • On what basis do we collect, store and process the personal information
  • For what purpose are we using your personal information
  • How are processing and holding secure your personal information
  • How long we are keeping your personal information
  • Your protection rights in relation to your personal information
  • Who is responsible for personal information protection at our company and who you can contact about this policy

It is also important that you check back often for updates to our Privacy Policy, as we may change this policy from time to time.

What information do we collect about you?

We may collect personal information from you in the course of our business operations, including through your use of our website, when you contact or request information from us, when you contract our services or as a result of your relationship with one or more of our staff and clients.

The personal information that we may collect from you, as a result of our business interactions with you or in the provision of services, includes information such as your name, the company you work for, your title or position, contact information, such as your postal address, email address and phone number(s).

We may collect from you information required for billing services or paying invoices, information from your visits to our website or applications or in relation to contents and communications we send to you electronically, and any other information relating to you that you may provide to us.

Not all the information that we hold about you may have been provided by you directly and may be provided by your employer or some other organisation. In disclosing the above personal information to us, the customer confirms to have informed the natural persons in question (employees, agents, etc.) whose personal information they are disclosing to us about the transfer of this personal information to our company.

How we obtain your personal information

We collect information about you when you fill in a subscription agreement to receive benchmark data services. All subscription agreements signed by customers have a clause that references to this privacy policy.

We collect information about you when you are a user of our calculating agent systems and have agreed to abide by a Code of Conduct. Under such a Code, you agree to provide personal information to allow us to provide you with access to the systems and also to contact you in relation to the operation of such systems.

We collect information on our website to process your enquiry and deal with your requests or notifications. If you agree, we may also use this information to share updates with you about our services which we believe may be of interest to you. We collect information about and provided by you if you ask to be on our distribution list for newsletters.

We collect information about you when sending an enquiry, complaint, whistleblowing notification and giving feedback.

Website usage information is collected using cookies.

  • Cookies are text files put on your computer to collect standard internet log information and visitor behaviour information. This information is then used to track visitor use of the website and to create statistical reports on website activity. For more information visit allaboutcookies.org.
  • You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. Please note in a few cases some of our website features may not function because of this.

When submitting forms on our website we use a third-party software provider for automated data collection and processing purposes, they will not use your personal information for any purposes and will only hold the personal information in line with our policy on personal information retention.

What is the basis for our using your personal information?

We use your personal information on the following grounds;

  • To fulfil a contract for service where you have agreed to provide personal information as part of that contract
  • To meet a Code of Conduct, where personal information is required for meeting that Code
  • To meet and comply with any legal and regulatory requirements
  • For other legitimate business reasons

How we use your personal information and why?

We use the personal information collected about you for the following purposes;

  • To provide the services you have requested from us, including the steps taken at your request before entering into any agreement
  • For billing and invoice payment purposes
  • To improve this website and for monitoring how it is used
  • To manage our interactions with you and our customers
  • To meet any obligations that we have from a legal and regulatory perspective
  • To understand how benchmark data is used and also to consult with users of the benchmarks on future developments
  • To provide to any of our third-party service providers for the purposes of providing the services to you on our behalf. Our third-party service providers are not permitted to share or use personal information we make available to them for any other purpose than to provide services to us
  • To promote our services to you

In all cases, we will only use your personal information subject to your instructions, data protection law and our duty of confidentiality.

Our Website

We use analytics tools to identify how visitors use our website so that we may make improvements and give visitors a better user experience.

Our analytics tools are part of a third-party information storage system that records information about the pages you visit, the length of time you were on specific pages and the website in general, how you arrived at the site and what you clicked on when you were there. These cookies do not store any personal information about you and we do not share this personal information.

An IP or Internet Protocol Address is a unique numerical address assigned to a computer as it logs on to the internet. We do not have access to any personal information, and we would never seek this information. Your IP address is logged when visiting our site, but our analytic software only uses this information to track how many visitors we have from geographic regions.

Transferring your information outside of Europe

As part of the services offered to you through our services, the information which you give to us may be transferred to countries outside the European Economic Area (“EEA”). For example, some of our third-party providers may be located outside of the EEA. Where this is the case, we will take steps to make sure the right security measures are taken so that your privacy rights continue to be protected as outlined in this policy. By using or participating in any service or by submitting your personal information, you’re agreeing to this transfer, storing or processing.

If you use our services while you are outside the EEA, your information may be transferred outside the EEA to give you those services.

Security protection for personal information

We use appropriate technologies and organisational procedures to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction consistent with applicable data protection laws.

Our information security policies are aligned with internationally recognised and widely used standards. Our Calculating Agent systems are compliant with the internationally recognised information security standard ISO27001. This is an independently audited certification that information security is managed in line with international best practice.

All of our employees and contractors are required to follow our personal information privacy and security policies when handling personal information.

Where we have provided authentication information for you to access services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

While we do take appropriate steps to protect your personal information, no website, product, device, online application or transmission of personal information, computer system or wireless connection is completely secure and therefore we cannot fully guarantee the security of your personal information.

Links to Third Party Websites

This privacy statement only covers websites that we own and control. It does not cover links to other websites and accordingly any information collected by those parties that own and control those websites or their use of cookies set from their domains when you visit their websites.

Links to other websites are provided for information purposes. We will not redirect you to a website that is not under our control for the provision of any of our services.

Additional Services and Marketing

You may choose to sign up to receive information about the services that we provide, and which may be of interest to you. If you have consented to receive news or marketing, you may opt out at any point as set out below. You also will be given the opportunity on every e-communication that we send you to indicate that you no longer wish to receive our benchmark information material.

You have a right at any time to stop us from contacting you for marketing purposes. To opt out please email: post@referanserenter.no.

Information from Children under 16 years of age

We understand the importance of taking extra precautions to protect the privacy and safety of children. Our services are not marketed to a broad group of consumers. However, the website will allow any person to download a subscription form/contact us form/whistleblowing or complaint form and to send this to us for processing. In the case, that a child under the age of 16 sends any such information to us, we will delete it, as soon as we identify it.

How long will we hold your personal information for?

We will retain your personal information for as long as we reasonably require it for legal, regulatory, business or contractual purposes. Your personal information will be retained in accordance with our Record Retention and Destruction Policy. This policy categorises all of the information held by us and specifies the appropriate retention period for each category of personal information.

Retention periods are determined by a number of factors, such as local laws, contractual agreements, applicable data protection laws and legal requirements.

Where there is no legitimate reason for retention we will delete/destroy any personal information held by us.

Access to your information, correction, portability and deletion

Under general data protection laws you have specific rights to your personal information. You have;

  • the right to be informed
  • the right of access
  • the right of rectification
  • the right to erasure
  • the right to restrict personal information processing
  • the right to personal information portability
  • the right to object
  • the rights of automated personal information processing

Objections to processing of personal information

It is your right to lodge an objection to the processing of your personal information. The only reasons we will be able to deny your request is if we can show compelling legitimate grounds for the processing, which override your interest, rights, or the processing is for the establishment, exercise or defence of a legal claims.

Subject Access

You have the right to request details of the personal information that we hold about you and copies of such personal information. To do this contact our Data Protection Officer using the details provided below.

Your Right to be Forgotten

You have the right to request to withdraw consent from us to holding personal information about you. This could mean that we are unable to continue to provide you with services. Should you wish for us to completely delete all information that we hold about you please be aware that your personal information may be required to be maintained under regulation and legislative requirements, and that we will be obliged under these circumstances to continue to hold that information.

Keeping accurate personal information

As a Personal information Controller and Processor, we are bound by legal regulations and best practice doctrine and have a responsibility to ensure that any personal information we keep about you is accurate and up to date.

To advise us in any change to your personal information that we hold on you please email post@referanserenter.no.

Enforcing your rights

If you wish to enforce any of your rights under applicable Personal information Protection Laws, them please contact our Data Protection Officer, as detailed below.

We will respond to your request within forty days from any such request, or sooner if possible.

Complaints

If you are concerned that we have not complied with your legal rights under applicable data protection laws, you may contact a relevant supervisory authority.

Contact us

If you have any questions about this policy and your rights, please contact our Data Protection Officer by e-mail, using the e-mail address post@referanserenter.no.