This Privacy Statement was published May 24th, 2018.
In Addovation we are committed to protect and respect your privacy in compliance with EU- General Data Protection Regulation (GDPR) 2016/679, dated April 27th 2016. This privacy statement explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure. This Privacy Statement applies to the use of our products and to our sales, marketing and customer contract fulfilment activities. It also applies to individuals seeking a job in Addovation.
Who are we?
Addovation is an IFS Gold Channel partner that provides a cloud-based ERP platform for IFS Applications to the SME market in Scandinavia. With more than 70 competent IFS consultants, we provide all the services you need for a successful implementation of IFS Applications. We work solely with IFS Applications, and have a history of long term partnership with our customers. We can help you reduce your total cost of ownership and add value to your organization through increased efficiency and profitability.
Our company’s headquarters is located in Drammen, Norway, and our subsidiary companies are based in Sweden and Sri Lanka. The headquarters’ registered office address is Strandveien 11, 3015 Drammen, Norway.
When do we collect personal data about you?
- When you interact with us in person, through correspondence, by phone, by social media, or through our websites.
- In some situations when you are using our solutions.
- When we collect personal information from other legitimate sources, such as third-party data aggregators, Addovation marketing partners, public sources or social networks. We only use this data if you have given your consent to them to share your personal data with others.
- We may collect personal data if it is considered to be of legitimate interest, and if this interest is not overridden by your privacy interests. Before data is collected we make sure an assessment is made, ensuring that there is an established mutual interest between you and Addovation.
Why do we collect and use personal data?
We collect and use personal data mainly to perform direct sales, direct marketing and customer service. We also collect data about suppliers, partners and persons seeking a job or working in our company.
We may use your information for the following purposes:
- Perform direct sales activities in cases where legitimate and mutual interest is established.
- Send you information about the products and services that you have purchased from us.
- Provide you content and venue details on a webinar or event you signed up for.
- Send you marketing communications which you have requested. These may include information about our products and services, events, activities, and promotions of our associated partners’ products and services. This communication is subscription based and requires your consent.
- Reply to a ‘Contact me’ or other web forms you have completed on one of our Addovation websites (e.g. to download a whitepaper).
- Follow up on incoming requests (customer support, emails, chats, or phone calls).
- Provide you with access and services related to test versions of Addovation Products.
- Provide access to our Customer Support portal
- Perform contractual obligations such as order confirmation, license details, invoice, reminders, and similar. The contract may be with Addovation directly or with a Addovation partner.
- Notify you about any disruptions to our services (system messages).
- Contact you to conduct surveys about your opinion on our products and services.
- Process a job application.
Our legal basis for collecting personal data
Collecting personal data based on consents
The collection of personal data based on consent from the data subject will be done by using “Consent Forms” that will store documentation related to the consent given by the individual. Individual consents will always be stored and documented in our systems.
Collecting personal data based on contracts
We use personal information for fulfilling our obligations related to contracts and agreements with customers, partners and suppliers.
Collecting personal data based on legitimate interest
We may use personal data if it is considered to be of legitimate interest, and if the privacy interests of the data subjects do not override this interest. Normally, to establish the legal basis for data collection, an assessment has been made during which a mutual interest between Addovation and the individual person has been identified. This legal basis is primarily related to our sales and marketing purposes. We will always inform individuals about their privacy rights and the purpose for collecting personal data.
What type of personal data is collected?
We collect name, phone number, title and email address, in addition to your company’s name and contact information. We may also collect feedback, comments and questions received from you in service-related communication and activities, such as meetings, phone calls, documents, and emails. From our websites we may collect IP-address and actions taken on the site.
If you apply for a job at Addovation, we collect the data you provide during the application process.
Addovation does not collect or process any special categories of personal data, such as public unique identifiers or sensitive personal data.
This information is used to make websites work more efficiently, as well as to provide business and marketing information to the owners of the site, and to gather such personal data as browser type and operating system, referring page, path through site, domain of ISP, etc. for the purposes of understanding how visitors use a website. Cookies and similar technologies help us tailor our website to your personal needs, as well as to detect and prevent security threats and abuse. If used alone, cookies and web beacons do not personally identify you.
Information to customers
As a customer of Addovation, certain personal data are collected and processed in various ways. The information that follows concerns this processing and your rights as a data subject.
References to “Addovation” should be read as referring to Addovation AS and/or, depending on context, its affiliated entities, including Addovation Sweden AB and Addovation (Pvt) Ltd.
The party responsible for the processing of personal data, the joint controller, is:
Addovation AS, reg. no. 992 564 113
Strandveien 11, 3015 Drammen, Norway
Addovation Sweden AB, reg. no. 559055-2591
Vaggerydsgatan 1, 4 TR, 553 30 Jönköping, Sweden
For additional information regarding the company’s processing of personal data, please contact the company at firstname.lastname@example.org.
Purpose of processing and legal basis
As a customer of the company, your personal data are processed to the extent necessary to administer the customer relationship and for the company to be able to fulfil its obligations towards you. Additionally, the data are used to enable the company to offer you personalised special offers as a customer. The processing is based on the contract or the customer relationship that arises, for example, in conjunction with the customer placing an order with the company. Marketing material is sent to you as a customer based on either explicit consent or a balance of interests conducted by the company.
All processing based on the customer’s consent can be terminated by the customer withdrawing their consent. This can be done at any time and without explanation by contacting email@example.com.
Data may be provided to public authorities in compliance with legislation, as well as to any partners who provide support services to the company, such as IT services, in the manner and to the extent necessary for the company to fulfil its obligations to you as a customer and for marketing purposes.
Transfer to a third country
The company strives not to transfer data to a country or company located outside the EU/EEA. If, however, a need should arise for such transfer, the company will ensure appropriate safeguards to in the best possible way protect our customers’ personal data.
Storing and purging
The customer’s personal data are kept as long as the customer relationship persists and thereafter for the period of time required or permitted by the legislation and standard practice applicable at any time.
Your rights as a data subject
When the company collects and processes your personal data, you have certain rights. You have the right to:
– Request a copy of the personal data that the company processes and details of how the data are processed;
– Request the rectification of any inaccurate data;
– Request to be erased. However, this can only be done provided that there is no other legal basis giving the company the right to retain the data;
– Request that processing be restricted under certain circumstances, such as during a period when the correctness of the data is under investigation; and
– When the General Data Protection Regulation comes into force, exercise the right to data portability.
If you have any questions regarding the processing of your personal data, please contact the company at firstname.lastname@example.org.
The company takes appropriate technical and organisational information security measures to prevent and limit risks associated with processing personal data, such as unauthorised access, disclosure, misuse, alteration and destruction. Only authorised personnel bound by secrecy have access to identifiable personal data.
The company’s websites may contain various blogs, forums, wikis and other social media applications or services that allow you to share content with other users (collectively referred to as ‘social media applications’). All personal data or other information that you contribute via a social media application can be read, retrieved and used by other users of the same social media application, over which we have little or no control. Accordingly, we accept no liability for any other user’s use or misuse of information that you have contributed via a social media application.
Per Inge Sævareid, CEO
Rev. 1005641 – A1