Each company within the group is responsible for the handling of its own data, with oversight from the company’s Chief Executive. A delegated privacy coordinator within the group is delegated to manage the day-to-day responsibility.
This Privacy Statement provides additional information about how and why Smedvig collects and processes personal information. You will also find information about your rights as an individual registered with us.
Contact Address: Løkkeveien 103, Stavanger
Post Address: Postboks 900, 4004 Stavanger
Phone: +47 51 50 96 00
Organisation number: 990 524 599
For any questions or objections that you may have regarding the processing of your personal information, please send an email to the privacy coordinator: firstname.lastname@example.org
Our processing of personal data
Smedvig collects and processes personal information for the following purposes:
Rental of Commercial Property
In connection with the rental of commercial property, it is necessary for us to register and process personal information related to tenant contact details. The personal information that is processed is name and contact information.
In order to provide services on our digital platform, Life@Work, we need to process personal information such as name, contact information, username and employer name
In order to provide internet and network services to our tenants, we need to process usernames, telephone numbers, e-mail addresses, IP addresses and MAC addresses.
In order to provide tenant’s employees with access to common areas and rented premises, personal access cards must be issued. In order to issue and activate the card, personal information such as name, photo, contact information, name of employer and behaviour patterns (use of the access card) are registered and processed.
Some of our properties are equipped with video surveillance facilities. This is to prevent, detect and investigate any crimes that may occur. Photos and recordings are stored for a period of 7 days and then deleted. Photos and videos can be shared with the police in connection with criminal cases. There are signs on the exterior of those properties where video surveillance is in use.
In connection with the rental of commercial property, we offer a service where the tenant is able to report service matters to our operations personnel. In order to provide this service, personal information such as name, contact information and name of employer are processed.
Sale of property
In order to enter into, or to fulfil agreements on the sale of property, it is necessary for us to process personal information such as name, contact information, personal number, identification documents and financial information.
We have a legitimate interest in marketing our services. If we have established a customer relationship / membership, we will send you relevant information about our services. This could include invitations to events, information about current campaigns and offers, and newsletters. We reserve the right to provide you with this information at any time.
All marketing activity beyond this requires your consent.
Smedvig will also occasionally send out emails about new services or other information that we consider to be relevant and interesting to you. In order to develop and improve our services, we will also regularly send out customer surveys where we would like feedback from our customers.
We mainly collect personal information from you directly. For example, via enquiries from you, your activity on our website etc, or where we have received your information via your employer because you are designated as a contact person for one of our partners. However, in some cases, Smedvig also obtains information from third parties. These can be sources from publicly available registers or from the authorities. We will try to notify you of such a collection as soon as we can, unless the collection of the information is required by law, notification is impossible or very difficult, or it is obvious that we have collected such information about you.
We aim to offer secure, stable and user-friendly IT systems that contain correct data. We test and develop our IT solutions in a separate test environment. We strive for anonymisation or pseudonymisation, but in some cases it may be necessary for us to use real personal information for testing purposes. We ensure satisfactory information security and real personal information is deleted or anonymised after testing.
In order to be able to offer our services regardless of which group company it comes from, we share personal information internally within the group. This corporate customer register is authorised as a legitimate interest. Personal information that is shared is name, contact information, possible name of employer and personal number if available.
The Privacy Statement for Private Equity can be found here.
How long do we store your personal information?
Personal data is stored for as long as is necessary to fulfil the purpose of its collection or statutory processing. An example of statutory processing of personal data: The Accounting Act requires us to store personal data for 5 years.
We will delete your personal information if you request it, unless we have a legal or statutory obligation to store / process your personal information.
Do others have access to your personal information?
Personal information may be made available to those third parties who assist us with the operation of our IT systems. When we give third parties access to personal data in this way, we make use of data processor agreements, to ensure that the third parties company with our requirements for the processing of personal data in line with the relevant laws.
It can be the case that we share your personal information with partners or other companies within the Smedvig group. This is done to enable us to offer you relevant services and to be able to undertake daily operations. We do not share personal information with third parties without having a legal basis for doing so.
Unpaid receivables are sent to debt collection companies. Furthermore, we share your personal information with public authorities as necessary to fulfil our legal obligations.
In addition, we do not share your personal information with third parties without your consent.
We take information security seriously and have put in place appropriate measures to protect the integrity and availability of your personal information. Access to your personal information is limited to employees who have a service need for such access. We provide training to employees and third parties where relevant to ensure awareness of Smedvig’s privacy regulations.
Use of subcontractors
We use subcontractors to perform services on our behalf. Examples of situations where we would use subcontractors include:
- The operation of IT systems including building technical systems
- Advertising and PR
- Personalisation and optimisation of services
- Processing of payments
- Customer service
- Analysis of data and web traffic patterns
- Customer / user surveys
We enter into a data processor agreement with all third parties acting in such capacity, who process personal data on our behalf. The data processor may not process your personal data in any way other than that which is agreed in the data processor agreement.
Where is your personal information stored?
Personal information processed by us is stored on servers located in Norway and Europe. We do not store personal information outside of the EU / EEA area.
As a registered individual, you have rights related to the processing of your personal data. You have the right to access, correct or delete personal information that applies to you. You have the right to limit the processing or to deny the processing that applies to yourself, as well as the right to data portability. You can withdraw your consent to the processing of your personal data at any time.
You have the right not to be the subject of a decision that is based solely on automated processing, where it may have a legal impact, or to a significant degree, affects you.
If you wish to exercise your rights as registered with us, questions / requests can be directed to the privacy coordinator of Smedvig AS. If you believe that our processing of personal data is in violation of the law, you can register a complaint to the Norwegian Data Protection Authority (Datatilsynet). Complaints are submitted via the Data Authority’s website.
Changes to the Privacy Statement
We can make changes to this privacy statement as required. An updated privacy statement will be published on our website.
An overview of previous versions of the privacy statement can be found here.