Personal data is information that can be linked to you as an individual. Personal data may be your name, phone number, address, but it could also be an IP addresses, behavior patterns, or assessment/profiling made from a data set. We will need some of your personal information to best respond to your inquiry and provide you with the right information.
All use of personal data is considered processing. This can be, for example, collection, registration, compilation, storage, and extradition or a combination of these actions. HySpex is the data processor, and we are responsible for the personal data processed in connection with the use of our services and in customer relations. Our role as data processor primarily implies that we are responsible and we must comply with the current law regarding privacy (GDPR).
It’s important for us that you understand how your personal data is handled by us, and throughout this privacy policy, we’re going to explain which data we collect, how we collect it and the usage of that data.
In order for us to answer your inquiries we need some information to reach you. This is the information you provide in the various contact forms on our website, or by contacting us via e-mail. You can choose if you wish to be contacted by e-mail or phone by filling in the respective fields. Your personal information will not be used for any purpose other than responding to your inquiry and possibly adding you as a customer. If your inquiry is answered and it does not lead to anything else, we will delete your email within 1 month.
In some cases, we would like to enter your information in our Customer Relations Management (CRM) system if you want to become a customer. This will be the information you have provided through a form on our website, through e-mail or if you've been in contact with us by phone. The system has access control, and your information is only available to select employees who need access to this information. Should the customer relations end at a later time, we will delete your information from our system within 5 years, which is the amount of time we are required by Norwegian law to keep certain information about our business and sales.
You can read about our use of cookies here
Once you no longer have any business with us, we will still need to keep your personal information and relevant records regarding your customer relations with us. This information is deleted from our systems when other laws requiring storage and/or archiving expire after 5 years. Personal data and records regarding customers will not be deleted if disclosure of criminal offenses or litigation is in progress.
The Norwegian Data Inspectorate states that: "The maximum deadline for deletion for all information is 5 years after registration. The Data Inspectorate cannot see that there is a legal basis for storage beyond this."
If you are a customer or have been in contact with us, you have the right to access our records of your personal data, and we also have to inform you about our processing activities. If you wish to use your right of access to your data or to edit or delete certain data, you need to contact us so we can help you further.
You must contact us directly if you suspect that unauthorized access to your personal data has been made by one of our employees. We will assist you when ordering an investigation. If it is found that your suspicion is justified, you will be notified. You will receive information that the case is handled by Hyspex and reported to the Data Inspectorate.