This privacy policy explains how Biowater Technology AS (hereinafter «Biowater» or «we») collects and uses personal data. Personal data is information that can be linked to you as a person. All processing of personal data takes place in accordance with Norwegian law, including the Personal Data Act, which includes the EU’s Personal Data Protection Regulation (GDPR).
The privacy policy applies to all visitors to our website and our pages in social media, contact persons we have with our business customers and the public, suppliers and partners, in addition to private individuals who participate in our events and people who otherwise contact us, as well as for those who work with us or are looking for a job with us.
Below you will find information about which personal data we process, the purpose and basis for such processing, how we ensure safe and proper processing of the data and what rights you have in connection with the processing.
The controller for the personal data within Biowater by the general manager. Contact details for inquiries related to the personal data we process appear in point 8 below.
1 WHICH PERSONAL DATA WE PROCESS, THE PURPOSE AND ON WHAT LEGAL BASIS IT IS PROCESSED
We use cookies on the website, so that when you visit our website, some information is automatically registered. They are both necessary. functional cookies and cookies for statistical and marketing purposes depending on your consent settings. You can read more about our use of cookies here .
If you send us an inquiry using our contact form or email, we will record your name, telephone number, email and any other personal information you provide. The processing takes place on the basis of the consent you have given by sending us your inquiry, and our legitimate interest in such processing to be able to help you with your request.
In order to enter into and administer our customer agreements with
municipalities/companies/organisations, as well as supplier and cooperation agreements, we process the name, position, telephone number and e-mail address of the contact person(s), as well as any correspondence relating to the conclusion and fulfillment of the agreement. The processing takes place on the basis of consent or agreement with us, as well as our legitimate interest in such processing in order to enter into and manage our agreements.
In order to be able to manage inquiries relating to recruitment for new positions, we register your name, contact information, your CV, application, certificates, references and other submitted information about you. Processing takes place on the basis of the consent you have given by applying for the position, as well as our legitimate interest in such processing in order to manage our employment processes.
We also have pages on the media platforms Linkedin, X, Youtube and Instagram. There we post and share content, information and images regarding our projects, activities and the like. We collect all communications, content and other information you provide us directly on our social media pages, for example if you comment on our posts or send us a private message via these media platforms. We are the data controller for this information. The platform owners also record how you use these pages with the help of cookies and other similar technology every time you visit one of their pages. Among other things, they use this to provide us with usage analyses, so-called «Page Insights» analyses, which contain statistics based on anonymised information about those who visit the company pages. This allows us to optimize our pages and adapt to the interests and habits of the users of our social media pages. If you have a profile, we can see what you post there, that is, your username and other profile information in addition to what you post publicly. The various media platforms also use your information for their own purposes, and further information about this can be found in their respective privacy statements.
2 DISCLOSURE TO OTHERS
We will not disclose your personal data to others unless there is a legal basis for such disclosure or it is stated in this privacy policy. Examples of such a basis are an agreement with you or a statutory duty to hand over the information. Examples of relevant recipients are payment intermediaries for carrying out your payment for purchases.
We use data processors to store or otherwise process personal data on our behalf. Examples of such data processors are our supplier who operates our IT systems. In such cases, we have entered into agreements to safeguard information security at all stages of the processing and ensure that they process the information in accordance with the regulations. Our data processors cannot process your personal data in any other way than what has been agreed with us and described in this privacy policy.
3 STORAGE LOCATION
We and our data processors store the personal data on servers in Norway and elsewhere within the EEA area.
4 STORAGE PERIOD AND DELETION
We store your personal data for as long as is necessary to fulfill the purpose of the processing as described in point 1, or statutory obligations, for example obligations under the Bookkeeping Act.
Contact information and other personal data will be kept up-to-date and correct as far as possible, and deleted when they are no longer relevant.
Personal data we process on the basis of your consent will be deleted when the consent ceases or is withdrawn, unless it follows from legal requirements or other grounds for processing that we still have to keep the relevant data for a certain period of time.
Storage of anonymised information is not subject to the above-mentioned time limits or deletion requirements.
5 PROTECTION AND INFORMATION SECURITY
Protecting your personal data is a high priority task for us, and we work continuously to protect personal data and other confidential information. Our security work includes both physical, technical and administrative measures.
Access to your personal data is limited to employees and hired consultants who have a legitimate need for such access. We will provide training to employees and third parties where relevant, to promote awareness of our privacy policies and procedures.
The security work also means that we regularly review various factors such as risk exposure, available technology, business needs and legal requirements. This is to ensure that we have sufficient security measures in place at all times, including to avoid personal data going astray.
6 YOUR RIGHTS
You have the following rights with regard to the personal data we process about you: Access: You can ask to know what personal data we have registered about you.
Correction: You have the right to have incorrect, incomplete or irrelevant information about you corrected.
Withdraw consent: You can withdraw your consent to our processing of your personal data at any time .
Data portability: You can request that the personal data you have provided to us be provided in a format that can be transferred to another business
Deletion: You can demand that we delete personal data we have stored about you without delay.
Restrict/object to the processing: You have the right to have the processing restricted in certain cases, such as when:
– You dispute the correctness of the personal data – the processing is stopped for a period that enables us to check the correctness of the personal data
– The processing is illegal, and you object to the deletion of the personal data and instead request that the use of the personal data be restricted
– We no longer need the personal data for the purpose of the processing, but you need it to determine, enforce or defend legal claims
You can also object to processing according to GDPR article 21 no. 1 pending the check of whether our legitimate interests take precedence over your privacy
Information in the event of a breach of personal data security: If a breach of personal data security entails a high risk for your rights and freedoms, we are obliged to notify you.
To exercise your rights, you can contact us as described under point 8 below. We will respond to your inquiry as soon as possible and within 30 days at the latest.
If you believe that our processing of personal data does not comply with this privacy policy or the privacy legislation, you have the right to complain to the Norwegian Data Protection Authority. Feel free to contact us first, in case there is something we can rectify quickly. For contact information at the Norwegian Data Protection Authority and further information on the right to appeal, see www.datatilsynet.no .
7 CHANGES
Biowater will change this privacy policy if necessary. We therefore recommend that you read through our privacy policy at regular intervals when you visit Biowater.
8 CONTACT INFORMATION
For questions about this privacy policy or our processing of your personal data, please contact us using the following contact information:
Biowater Technology AS
Grev Wedels gt. 1
3111 Tønsberg
post@biowater.no
(+47) 91 11 16 00