​

PRIVACY AND DATA DECLARATION FROM DELFI DATA AS

Data protection refers to the right to privacy and the right to determine how your personal data is used. Personal data means data and evaluations that can be linked to an individual person.Delfi Data AS and its subsidiaries Delfi Consultancy AS and Maptrends AS process personal data as an employer, as a supplier of services, for marketing purposes. 

Data protection is an important part of Delfi’s deliveries and we attach the highest priority to protecting the integrity, accessibility and confidentiality of all personal data. This personal data declaration provides supplementary information about which personal data we collect, how this information is collected and your rights if we record personal data relating to you. 

​

In which areas does Delfi process personal data?

​

Client and supplier information

Delfi processes personal data about clients and suppliers, in addition to any third parties where this is required to fulfil contract obligations.The legal basis for such processing is Section 8, first paragraph and Section 8 a), b) or f) and Section 9 a), b) and f) of the Norwegian Personal Data Act.
The information processed includes contact information for clients and suppliers.
Personal data is stored in a separate database and is deleted five years after the conclusion of the client relationship.

​

Sub contractors

Delfi uses sub contractors. As a result of our services, we also act as a data processor to some customers. We therefore base ourselves on general permission for use of sub contractors corporations, see GDPR Article 28 if we do not have specific data processor agreements with each sub contractor. This is agreed with the customer.

By using sub contractors we confirm that they are subject to the same obligations regarding the protection and use of personal data and other customer data such as  Delfi.

​

Suppliers acting as subcontractors for Delfi have to document good internal privacy and information security practices through certifications, independent report auditing, or other relevant documentation. Delphi may conduct security audits to ensure that the supplier processes personal data in accordance with the requirements of the GDPR 

​

HR administration

Delfi processes personal data as part of its HR administration procedures. Personal data processed in this context includes biographical data, salary information, assessments, information about next of kin, and qualifications/position level.
The legal basis for this processing is Section 8 letter f of the Norwegian Personal Data Act.
Personal data relating to HR administration is stored for as long as the individual in question is employed at Delfi. Personal data for unsuccessful applicants is deleted one year after the relevant individual applied for the position with Delfi.

​Delfi is required to store documents used for client checks for at least five years after the cessation of the client relationship or completion of the transaction, unless a shorter period is established in other legislation or regulations.

​Processing of personal information in connection with the marketing and use of delfi.no

​Delfi processes personal data for marketing purposes. This personal information may be exchanged between Delfi Data AS, Delfi Consultancy AS and Maptrends AS, but will not be disclosed to other businesses.

​Requests through the website

​​

​By using the form "Contact Us" on delfi.no, you must enter your name and e-mail address. The information is sent as an email to Delfi, and will not be communicated to others outside Delfi. The information will either be stored in our database or deleted.
 

​

​The legal basis for this processing is the Norwegian Personopplysningsloven § 8 a (GDPR Article 6 letter b).

 

A​​dresseregister

​​Delfi stores contact information for potential clients in a separate database. The information is retrieved from publicly available sources, such as enterprises’ websites. The personal data is processed in order to market our services and coordinate this marketing work.
The legal basis for this processing is § 8 letter f of the Norwegian Personopplysningsloven.
Personal data for potential clients is deleted within one year of being recorded in the database, provided that a client relationship has not been established..

 

​Webanalyse og informasjonskapsler (Cookies)

​

At Delfis webside http://www.delfi.no we log information about all visitors using Google Analytics. The information that is recorded cannot be linked to the visitor or traced back to you as an individual. We collect the data to gain a better understanding of how our users use the website, so we can adapt the pages to optimally suit our users.
Like most other websites, we store data in a cookie on your PC. Most browsers are configured to receive cookies from websites. You can delete stored cookies by following the relevant instructions in your browser. You can find information about this in your browser’s Help function. Please note that restricting the use of cookies can affect the functionality of our website logs. 

Visitor's IP-addresse is not tracked.

​

Google Analytics

The cookies on our website are provided by Google Analytics (first-party cookies). These are automatically deleted if you do not return to the website within 24 months. You can prevent any of your data being recorded by Google Analytics by installing an add-on in your browser: Google Analytics Opt-out Browser Add-on
Delfi uses the Google Analytics analysis tool to study traffic, usage patterns and trends on its website. The data that is collected is used to optimise the user experience and adapt the website’s content.  In accordance with Google’s guidelines for use of Google Analytics, no personal data is collected about users. The data that is collected is stored on Google’s servers. You can read more about how Google collects and protects data here..

 

Google Display Advertising

The DoubleClick cookie is a third-party cookie that enables third-party suppliers, including Google, to display targeted advertisements from Delfi on a number of websites that are part of Google’s content network. This is also known as remarketing. You can read more about the benefits of remarketing here.
Remarketing is used to adapt advertisements for users based on their interests and previous website use. This targeted approach helps to make marketing more relevant to you as a user. In accordance with Google’s data protection policy, no data is collected or processed that could be used to identify individuals. You can opt out of targeted Google Display advertisements here.

 

Children's privacy

Our website is not designed for or directed at children under the age of 13, and we will never deliberately collect or maintain information about children under the age of 13..

​

Processing of personal data related to job applicants

When registering and / or subscribing to vacancies at Delfi, as well as submitting CV, application and other relevant documents in connection with a job application, personal information is collected. Personal data processed in connection with recruitment include personnel and job and education details. There may be personality tests by relevant candidates, and Delfi will treat with these results related to the tests. Personal information is obtained from job applicants.

​

If Delfi were to use recruitment service provider, the processing would be bound by data processing agreements. The information will not be used for purposes other than processing related to job search.

Personal data about job applicants will be deleted one year after they applied for employment with Delfi, unless the employee is employed or agrees to retain the information for a longer period. It is emphasized that job applicants can get the information deleted whenever they wish.

​

Information security

We have focus on information security and have implemented procedures to ensure confidentiality and integrity in our customer's data. Delfi has security mechanisms that involve both organizational and technical measures such as role and access management and requirements for built-in privacy in our IT systems. Material containing sensitive personal information or social security number and transferred to or from Delfi must always be secured against access by means of encryption

​

Extended information on information security in Delfi is available to our customers on request..

​

Your rights

Delfi's processing of personal data is governed by the Norwegian Personopplysningslov and its corresponding regulations. Your rights relating to our processing of personal data are included in the Personal Information Act, Chapters III and IV (GDPR Chapter III). Below are some of the most important rights:

​

Right to access information

Anyone who asks has the right to know what type of personal data processing Delfi performs, as well as basic information about these processes. This information is provided in the data protection declaration.

If you are registered in Delfi’s systems you have the right to know which information about you is recorded and which security measures are in place for processing as long as such access does not undermine security.

You can demand that the data controller provide more detailed information as mentioned above if this is necessary to enable you to safeguard your interests.

​

Correction and deletion of invalid personal data

If Delfi processes personal data about you that is inaccurate, incomplete or which it is not permitted to process, you can demand that Delfi correct or delete such data. Wherever possible, Delfi shall ensure that the error does not adversely affect you, e.g. by notifying recipients about inaccuracies in the delivered information 

 

Inaccurate data should be deleted, and accurate and complete data recorded. If this is not possible, and consequently a document from which data has been deleted still provides an evidently misleading picture, the entire document shall be deleted

 

Delfi shall respond to requests to access information or other rights in accordance with Sections 18, 22, 25, 26, 27 and 28 of the Norwegian Personal Data Act without undue delay and no later than 30 days from the date of receiving the request, unless particular circumstances make it impossible to respond to the request within this deadline. In such cases Delfi shall provide a provisional response, including information about the reasons for the delay and the expected date an answer will be provided.. 

​

​

Contact information

Enquiries can be sent to firmapost@delfi.no or Delfi Data AS Veritasveien 25, 4007 Stavanger. Norway

Delfi do not have a Data Protection officer.

​

Changes to our privacy and data declaration

There may be changes to our privacy and data decaration. Date of last change is 25.05.2018. We encourage interested parties to regularly review our website for changes.