Addovation Privacy Statement
This privacy statement was published on 14.03.2024
This privacy statement describes how Addovation collects and handles personal data in our business, as data controller. Furthermore, it describes why we process personal data, categories of personal data and what rights you have.
Who are we?
Addovation is a Nordic IT company. We are committed to providing sustainable business solutions and innovation that help businesses grow. We are committed to delivering long-term value and have a genuine commitment to our customers and their business.
The company's head office is located in Drammen in Norway, and our subsidiaries are based in Sweden, Finland and Sri Lanka. The registered address of the head office is Engene 22, 3015 Drammen, Norway.
This privacy statement covers the handling of personal data of all companies in the Addovation Group, which are subject to the same policies and obligations.
For further questions regarding Addovation's processing of personal data, please contact Addovation on dataprotection@addovation.com or:
Addovation AS, reg. No. 992564113
Engene 22, 3015 Drammen, Norway
Addovation Sweden AB, reg. No. 559055-2591:
Vaggerydsgatan 1, 4 TR, 553 30 Jönköping, Sweden
Addovation Finland
Iirislahdentie 16A, 02230 Espoo Finland
Addovation (Pvt) Ltd
Addovation (Pvt) Ltd, Level 5, 370, Highlevel Road, Pannipitiya, Sri Lanka
How does Addovation ensure good privacy?
At Addovation, we focus on the protection of your personal data and always strive for high data protection. This applies regardless of whether we process personal data on our own behalf (Addovation is the data controller) or on behalf of others such as our customers (Addovation is the data processor). This means that we as data controller:
- Ensures that personal data is only processed for lawful purposes and is deleted when there is no longer a purpose and is necessary for the information to be stored.
- Ensure that we have a legal basis for processing personal data.
- When contacting us, you will receive information about how your personal data is processed, for what purpose and information about your rights.
- Ensure that your personal data is adequately protected wherever in the world it is processed.
- When transferring personal data to others, we ensure that we have an established contractual relationship with parties with whom we share your personal data.
- Our employees are well informed about the legislation regarding the processing of personal data and the importance of confidentiality about your personal data.
- Addovation takes appropriate technical and organizational information security measures to prevent and limit risks associated with the processing of personal data, such as preventing unauthorized access, misuse, alteration and destruction. Only authorised personnel who are subject to a duty of confidentiality have access to personal data.
When do we collect personal data about you?
- When you communicate with us through written correspondence, telephone, social media or through our websites.
- In situations where you use our solutions.
- When entering into agreements, whether it is with employees, customers, partners or suppliers.
- When we collect personal information from other legitimate sources, Addovation marketing partners, public sources or social networks. We only process this personal data if you have given your consent for it to share your personal data with others.
- We may collect personal data as a result of a legitimate interest pursued by us, as long as our interest is not overridden by your privacy interests. Before we collect data, we ensure that an assessment is made as to whether there is a legitimate interest that overrides your fundamental rights and freedoms.
Why do we process personal data?
Addovation processes personal data for the following purposes:
| The purpose of the processing | Personal Information We Collect | Basis for processing |
| Administer contractual relationships, including: Perform contractual obligations such as order confirmation, license details, invoices, reminders and the like. Please notify you of any disruptions to our services (system messages). Send you information about the products and services you have purchased from us. Send you information about webinars or other courses. Provide you with access and services related to preview Addovation products. Provide access to our Customer Care Portal.Contact you to conduct surveys about your opinion of our products and services. In addition, the data is used to enable the company to offer you customized special offers as a customer. Detect, prevent, or mitigate security threats, as well as perform maintenance and troubleshooting | Personal information we collect is normally contact information, such as name, address, title, e-mail and telephone number. In connection with interacting with our customers, we may also collect feedback, comments and questions we have received from you in connection with service-related communications and activities, such as meetings, phone calls, documents and emails. | We process personal data to fulfil an agreement, cf. Article 6 (b) of the General Data Protection Regulation. Our processing may also be based on a legal obligation, cf. Article 6 (c) of the General Data Protection Regulation. This will typically be to comply with the provisions of the Bookkeeping Act. Our processing may also be based on a legitimate interest, cf. Article 6 (f) of the General Data Protection Regulation. In such cases, we have assessed whether the legitimate interests pursued by us conflict with the interests of the data subject or fundamental rights and freedoms. |
| Marketing, including: Perform direct sales activities. Provide you with content and details at a webinar or event you attended. Send you marketing communications that you have requested. These may include information about our products and services, events, activities and promotions of our affiliates' products and services. These communications are subscription-based and require your consent. Marketing material may be sent to you as a customer, based on either explicit consent, or as a result of a balancing of interests made by the company. | Personal information we collect is normally contact information, such as name, address, title, e-mail and telephone number. | Our processing is usually based on a legitimate interest, cf. Article 6 (f) of the General Data Protection Regulation. In such cases, we have assessed whether the legitimate interests pursued by us conflict with the interests of the data subject or fundamental rights and freedoms. Our processing may also be based on consent you have given, cf. Article 6 (a) of the General Data Protection Regulation, All processing based on consent can be terminated by the data subject withdrawing his/her consent. This can be done at any time and without explanation by contacting dataprotection@addovation.com. |
| Customer service, including; Respond to a 'Contact Me' or other web forms you have filled out on one of our Addovation websites. Follow up on incoming requests (customer, support, email, chats or phone calls). | Personal information we collect is normally contact information, such as name, address, title, e-mail and telephone number. We may also collect feedback, comments, and questions you have received from you in connection with service-related communications and activities, such as meetings, phone calls, documents, and emails. | Our processing is usually based on a legitimate interest, cf. Article 6 (f) of the General Data Protection Regulation. In such cases, we have assessed whether the legitimate interests pursued by us conflict with the interests of the data subject or fundamental rights and freedoms. Our processing may also be based on consent you have given, cf. Article 6 (a) of the General Data Protection Regulation, The processing may also be based on the fulfilment of an agreement or the implementation of measures before entering into an agreement, cf. Article 6 (b) of the General Data Protection Regulation. |
| Applicants, including: Addovation processes personal data in connection with recruitment processes and processing of job applications. Conduct interviews, including call references. When recruiting, we delete personal data provided to us as soon as the recruitment process has ended, unless otherwise agreed with you. | Personal data you provide in the application process, typically contact information, CV, certificate, diploma and application. We may also collect information from references. | We process personal data to implement measures before entering into an agreement, cf. Article 6 (b) of the General Data Protection Regulation. If we conduct our own investigations beyond this, for example contacting someone who has issued a certificate, our basis for processing such surveys is the General Data Protection Regulation Article 6 (f) legitimate interest. |
| Partners | Personal information we collect is normally contact information, such as name, address, title, e-mail and telephone number. | We process personal data to fulfil an agreement, cf. Article 6 (b) of the General Data Protection Regulation. |
| Vendors | Personal information we collect is normally contact information, such as name, address, title, e-mail and telephone number. | We process personal data to fulfil an agreement, cf. Article 6 (b) of the General Data Protection Regulation. Our processing may also be based on a legal obligation, cf. Article 6 (c) of the General Data Protection Regulation. This will typically be to comply with the provisions of the Bookkeeping Act. |
Use of cookies
Addovation uses cookies to collect information as you navigate the company's websites. For more information about cookies go to: https://www.addovation.com/cookie-policy/
Transfer to others
Addovation uses subcontractors to process personal data, typically partners who provide support, IT services or hosting of the website. In cases where Addovation shares personal data with subcontractors, there is a data processing agreement in accordance with privacy legislation, which is intended to protect your rights to privacy.
It may also be that personal data is provided to public authorities in accordance with legislation.
For more information about our subcontractors, please contact us.
Transfer to a third country
The Company only transfers personal data to a country or company outside the EU/EEA if there is a satisfactory transfer basis in line with data protection legislation.
Storage and deletion
Addovation stores personal data for as long as it is necessary to fulfill the purpose of the processing.
Addovation deletes personal data when there is no longer a purpose for processing and it is no longer necessary to store the personal data.
Your rights as a data subject
When Addovation collects and processes your personal data, you have certain rights. You have the right to:
Access, including the right to know:
- Why we process personal data about you.
- What personal data we process.
- Request a copy of the personal data that Addovation processes about you.
- Who we share your personal data with.
- How long we store your personal data.
- Where Addovation has obtained the personal data from.
If you contact Addovation electronically, you will receive an answer electronically. Addovation endeavours to provide an answer within a reasonable time and no later than 30 days.
To request that Addovation correct inaccurate personal data we have stored about you.
In certain situations, you have the right to request that your personal data be deleted. If we process your personal data without legal basis or consent, you may request that we delete your personal data.
If our processing is based on your consent, you can withdraw this at any time.
You may also request that the processing of your personal data be restricted in certain circumstances, such as during a period when the accuracy of the data is checked.
If we process personal data about you on the basis of consent or agreement, you can ask us to transfer the personal data to you or another data controller. This is called the right to data portability.
If you disagree with our processing of personal data, you can complain to the Norwegian Data Protection Authority. For more information about the complaints procedures, see the website of the Norwegian Data Protection Authority:
Sweden: The Integrity Protection Authority | IMY
Finland: Office of the dataprotection Ombudsman
Miscellaneous
Addovation websites may contain various blogs, forums, wikis and other social media applications or services that allow you to share content with other users (collectively referred to as 'social media applications'). Any personal information or other information that you contribute via a social media application may be read, retrieved and used by other users of the same social media application, over which we have little or no control. Addovation is not responsible for other users' use or misuse of information that you have contributed via a social media application. In such cases, we recommend that you read the privacy policy of the social media site visited.
This Privacy Policy does not apply to the processing of personal data by third parties. Third parties we work with have their own privacy policies.
***
Addovation, 2024-03-01 Per Inge Sævareid, Chief Operation Officer, Addovation Group