Privacy Terms

This Privacy Notice ("Privacy Notice") is prepared by Symetrisk AS ("Symetrisk", "we", "our" or "us") to ensure that you receive the information we are required to provide to you, and which is necessary for you to exercise your rights under the General Data Protection Regulation (the "GDPR") and the Norwegian data protection legislation (together "data protection legislation"). This Privacy Notice describes how we process personal data about you, the purposes of our processing activities, and the legal bases for our processing activities. Furthermore, this Privacy Notice provides you with information about your rights under applicable data protection legislation and other relevant information relating to our processing of your personal data.

The data controller for the processing of your personal data is Symetrisk. If you have any questions about this Privacy Notice, including how we process personal data, or would like to submit a request to exercise your rights, please contact us at:

Symetrisk AS

St. Halvards gate 33

0192 Oslo

support@symetrisk.com

Personal data means any information relating to an identified or identifiable natural person (a "data subject"). Your name, phone number, address and e-mail address are examples of information that is generally regarded as personal data. Depending on the circumstances, IP-addresses and similar identifiers may also constitute personal data.

Symetrisk offers functionality that allows businesses to share credit data and other enterprise information with financial institutions (hereinafter referred to as the "Service"). We may process your personal data in connection with the provision of the Service or in accordance with our general business purposes, as further outlined below.

The list below stipulates the categories of personal data that we process and the purposes this personal data is processed for:

• • Providing the Service: We process certain personal data, such as name, job title, employer, address, phone number and email address, including other information provided in connection with the registering for an account within the Service, in order to provide the Service to our customers and otherwise manage our customer relationships.

• • Administration of business relationships: We process the personal data of representatives and contacts of our business partners in order to administer our business relationships, including information such as name, phone number, email address, job title and other information about you and the company you represent. We process these personal data to establish and manage our business relationships and for internal administration purposes.

• • Improving and developing the Service: We process certain personal data, such as IP addresses and similar identifiers, to analyze, improve and further develop the Service. For example, we may combine and anonymize data about our users and our user's use of the Service to create aggregate anonymized statistics for the aforementioned purposes.

• • Communications and marketing: If you have chosen to subscribe to our newsletters, other marketing emails or accepted invitations to our seminars or other events, we may process personal data such as name, email address, phone number, job title and employer. We process this personal data in order to market and tailor the Service and events to you or the company you represent.

• • Legal compliance: In limited circumstances, we may process certain personal data, such as contact information or payment details, to comply with our legal and regulatory obligations under applicable law (including to comply with requests by public authorities, court orders, valid subpoenas or other appropriate legal mechanisms). However, since our customers are generally companies, the information we process to meet our legal obligations, such as those related to accounting and tax legislation, generally pertains to corporate entities rather than private individuals.

Depending on the circumstances, we may also process other categories of personal data, and/or the above listed personal data for other purposes. This may for example be the case if you contact us with questions or comments.

You may at any time request confirmation and/or information regarding the personal data which we process about you, by contacting us as described in Section 2 above.

We collect the personal data described in Section 4 above from the following sources:
 

• • You or your employer or a company you are affiliated with, for example when you or your employer enter into an agreement with us.

• • You, when you register and use your user account.

• • You, when you subscribe to our newsletters, marketing email or invitations to events.

• • Your web browser, when you access our website, pursuant to your consent where necessary.

We rely on the following legal bases for our processing of the personal data described in Section 4 above:

• • Providing the Service: If you have created a user profile in the Service, we will process your information based on our legitimate interests in delivering the Service in accordance with the agreement we have with the business you are employed by or otherwise represent.

• • Administration of business relationships: If you are a contact person or other representative of one of our corporate clients, suppliers or other partners, we will process your information based on our legitimate interest in establishing and managing our relationship with the business you represent, or in order to perform our contractual obligations towards the business you represent.

• • Improving and developing the Service: We process personal data for improvement and development purposes in furtherance of our legitimate interests in enhancing our commercial offerings.

• • Communications and marketing: If you subscribe to our newsletter or marketing emails, or visit our webpage, we process your personal data pursuant to your consent where required, such as for sending marketing content to your email address. Where your consent is not necessary according to applicable law, we may process your personal data based on our legitimate interest in marketing the Service as well as other products and services we offer, events, courses and seminars.

• • Legal compliance: To the extent the information we process in order to comply with our legal obligations contains personal data, such personal data will be processed based on our legal obligation to do so, such as our obligations under applicable accounting legislation.

If we have requested your consent to process personal data, you may withdraw this consent at any time.

We currently do not use any cookies.

We use the following service providers in connection with the processing of personal data:

• • Brønnøysundregistrene (brreg.no)
   
  These service providers will act as processors on our behalf. We have entered into data processing agreements with our processors which, inter alia, require the data processors to only process the relevant personal data in accordance with our instructions and data protection legislation, as well as to implement technical and organizational measures to ensure an appropriate level of security, confidentiality and integrity of the personal data. We will not disclose your personal data to any other third parties than the third parties described above, unless we are required to do so under applicable law, or if it is necessary to establish, exercise or defend legal claims.

We do not transfer any personal data to countries based outside the European Economic Area ("EEA") in connection with the processing described in this Privacy Notice.

As a general rule, we will delete or anonymize personal data when they are no longer necessary in relation to the purposes for which they were collected or otherwise processed. If we process personal data to comply with our legal obligations, we will delete or anonymize the personal data when it is no longer necessary to process the data to comply with the relevant legal obligations. We will delete or anonymize personal data in accordance with the following procedures: <li>The personal data relating to users of the Service will be processed for as long as the relevant customer relationship is active and will be deleted, as a general rule, within 30 days after its end.

You have the following rights when we process personal data about you:
 

• • Access: You may contact us if you want to obtain confirmation with respect to whether or not we are processing your personal data, as well as access to and further information regarding our processing of your personal data. You may also request a copy of the personal data we are processing about you.

• • Correcting personal data (rectification): You may ask us to rectify any errors in your personal data.

• • Erasure (the right to be forgotten): You may ask us to erase your personal data.

• • Restriction: You may ask us to restrict the processing of your personal data.

• • Object: You are entitled to object to certain processing activities. You are furthermore, on grounds relating to your particular situation (for example, a specific need for protection of your identity), entitled to object to processing of personal data based on legitimate interests, which we will comply with, unless there exists compelling legitimate grounds for our processing which override your interest, or if our processing is necessary for the establishment, exercise or defence of legal claims.

• • Data portability: You may ask us to provide you or others with your personal data in a structured, commonly used and machine-readable format.

Please note that the above rights may be subject to further exceptions and limitations in accordance with the data protection legislation.

You may contact us if you wish to exercise any of the above rights. Please note that we may request additional information from you if such information is necessary to confirm your identity.

As a controller, we are responsible for the security and confidentiality of the personal data we process. We are furthermore responsible for implementing appropriate technical and organizational measures to ensure an appropriate level of security for the processing. As a controller, we are responsible for the security and confidentiality of the personal data we process. We are furthermore responsible for implementing appropriate technical and organizational measures to ensure an appropriate level of security for the processing.

If you have additional questions on how we process personal data, or are dissatisfied with our processing, you are welcome to contact us. Please find our contact information in Section 2 above.
 

You may also lodge a complaint with the relevant supervisory authority. Please click here to access the contact information to the Norwegian Data Protection Authority. The contact details for all EU Supervisory Authorities can be found here.

We may update the Privacy Notice from time to time. The Privacy Notice will, for example, be updated to comply with any legislative amendments or if we make changes to our processing of personal data.