Privacy Policy and Legal Notices

Last updated: September 8 February, 2021

This Privacy Statement describes how Greenbird Integration Technology AS (Greenbird) processes personal data in the course of our business activities.

Greenbird Integration Technology AS
Storgata 1, 0155 Oslo, Norway.
Authorized representative: Marius Hansen (COO)
VAT registration number: VAT NO. 994 921 142

As the "data controller" Greenbird is responsible for your personal data under applicable data protection law. If any questions arises in relation to this privacy policy, you are welcome to email info@greenbird.com.

For us at Greenbird, it is important that your personal data is handled in a safe and secure way. We follow all laws and regulations that apply to personal data protection. We have organizational and technical security measures implemented and we are constantly working to strengthen these. This policy helps you, among other things, to understand what kind of information we collect, how it is used and what rights you have.

Processing, legal ground and deletion of personal data

We may collect information from:

Job applicants

What kind of personal data we process?

In connection with your application to work with us, we will collect, store and use personal data in order to make a recruitment decision and contact you. This information will normally include:

  • your name, employment history and academic qualifications, and any other information that you have provided to us in your curriculum vitae and covering letter;
  • the information you have provided on our application form, if relevant, including title, address, telephone number, personal email address, date of birth, gender;
  • any information you provide to us during an interview; and
  • the result of psychometric testing which we use as part of our selection process.

What is the legal basis?

We need to process your personal information to decide whether to enter into a contract of employment or services with you. You have the right to not provide information when requested. If the information is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully.

How is your personal information collected?

We collect personal information about candidates from the following sources:

  • you, the candidate;
  • recruitment agencies, from which we collect data similar to that specified above;
  • background check providers from whom we collect details of allegations and or criminal convictions, if any, for fraud, bribery and corruption, money laundering, terrorism financing, and sexual and other criminal behavior; and
  • your named referees

How we will use information about you?

Only the relevant persons involved in the recruitment process within Greenbird have access to your stored data. We will use the personal information we collect about you to:

  • assess your skills, qualifications, and suitability for the work;
  • carry out background and reference checks, where applicable;
  • communicate with you about the recruitment process;
  • keep records related to our hiring processes; and
  • comply with legal or regulatory requirements.

How long we will keep your data?

  • Whether you have applied directly for an open position, submitted a speculative application or been sourced by us through LinkedIn or other channel, we will retain your personal data for a period of six (6) months after we have communicated to you our decision about whether to appoint you. We retain your personal information for that period so that we can show, in the event of a legal claim, that we have not discriminated against candidates on prohibited grounds and that we have conducted the recruitment exercise in a fair and transparent way. After this period, we will securely destroy your personal data in accordance with our data retention guidelines.
  • If we wish to retain your personal data on file, on the basis that a further opportunity may arise in future and we may wish to consider you for that, we will write to you separately, seeking your explicit consent to retain your personal data for a fixed period on that basis.

Employees, other staff and dependents

For processing of personal data from employees, other staff and dependent please consult our internal privacy policy

Suppliers, service providers, clients and other business relations

What kind of personal data we process and of who?

We collect and process personal data relating to individuals associated with our suppliers, service providers and other business relations. Such information may include:

  • names, employer/entity name, business contact details, CVs, communications etc.
  • We use this information as necessary to consider bids and tenders, to conclude and execute agreements with suppliers, service providers and other business relations and to communicate with, support and manage our relationship with such parties.
  • Any personal data that is required for these purposes will be archived in accordance with the Norwegian Archiving Act.

What is the legal basis?

The legal basis for processing this information is that it is necessary for the performance of a contract.

How long will we keep your data?

We will keep your data for follow up and to evaluate procurement and business partners, for the length of the agreement and time to preclude legal issues.

For legal disputes we will keep the data during the ongoing dispute and for a period of time after the dispute when the information is still relevant. For financial trading information, we will keep the data for five years in accordance to legal requirements.

Clients and potential clients through Media and Communications

How we will use information about you?

We collect and process personal data relating to media and communication, to provide customers with news, content and events.

  • When subscribing to receive news, publications and other information from Greenbird Integration Technology AS.
  • When we create media content such as articles, interviews, videos and pods for all our channels.
  • When we archive media material such as press clips, images and photos, campaigns, press releases, videos and recordings to preserve the company's history.
  • To manage different types of events, including meetings and press conferences. Events may be recorded and transcribed as well.
  • If you contact us for information requests.

What is the legal basis?

The legal basis for processing is based on the subscribers’ consent, which may be withdrawn at any time.

How long will we keep your data?

We save your data for as long as we have your consent and in order to fulfil the purpose for which it was collecte

Website

While using our website, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. We also collect information from and about the devices our customers use for accessing our services. This includes information like IP addresses, the type of browser and device used, and other identifiers associated with your devices.

Cookies

Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer's hard drive.

We use "cookies" to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Third parties and links to Other Sites

We may use third party services such as Google Analytics that collect, monitor and analyze this type of information in order to increase our service's functionality. These third-party service providers have their own privacy policies addressing how they use such information.

Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

Your rights

You have rights regarding access, correction, erasure and restriction. This means that you can:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for
    us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.

If you want to review, verify, correct, or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact our COO Marius Hansen at info@greenbird.com.

Protection of your data, use of third parties and transfer

Information security

Greenbird takes the security of your personal data seriously. We implement both technical and organizational security measures to ensure that your personal data is protected from unauthorized use. Greenbird has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by the stated purposes. Following measures are taken:

  • An Internet facing firewall to prevent outside penetration of Greenbirds network. This firewall also maintains a list that prevents access to malicious sites on the WWW and connections to bot-nets.
  • Spam filtering. All our mail passes through a spam filter which looks for unsolicited mail, malicious software and dangerous links.
  • Local firewalling. All our machines are individually protected by firewalls. This prevents problem software proliferating through the network and unauthorized access from one machine to another.
  • File access controls. Access to data on Dropbox is controlled based on need. Management authority is required before any changes of access are made
  • Additional controls. The ERP system/HR systems/Payroll system (Tripletex) and the document management system are also controlled as above.
  • Acceptable Use Policy. This policy is to ensure that all information technology users within Greenbird or its networks comply with rules and guidelines related to the security of the information stored digitally at any point in the network or within the organizations boundaries of authority.
  • Social Media Policy. This policy is aimed educate employees and minimize risks when using social media which can impact Greenbird and employees.
  • In the event of a data breach, Greenbird has proper mechanisms to mitigate the risks for unauthorized access and use.

This list is not exhaustive. Greenbird works actively and continuously with privacy to ensure that all our security measures are up to date to strengthen the protection of your personal data.

Third parties

We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties have access to your personal data only to perform these tasks on our behalf and are contractually obligated not to disclose or use it for any other purpose.

We never pass on, sell or swap your data for marketing purposes to third parties outside Greenbird Integration Technology AS.

Transfer

  • Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
  • If you are located outside Norway and choose to provide information to us, please note that we transfer the information, including Personal Information, to Norway and process it there.
  • Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Contact Us

If you have any questions or concerns about this privacy policy or how we handle your personal information, or require any further information, please contact our COO.

Email (preferred): info@greenbird.com
Visiting address: Storgata 1, 0155 Oslo, Norway

In case you want to lodge a complaint to the supervising authority, here is the contact information for the Norwegian Data Protection Authority (Datatilsynet):
Visiting address: Tollbugata 3, 0152 Oslo, Norway
Email: postkasse@datatilsynet.no
Phone: +47 22 39 69 00
Website: www.datatilsynet.no

Changes to This Privacy Policy

This privacy policy may be subject to necessary changes from time to time. The latest version is always available on our website.

Credit for images use

Some graphic elements used on our website include icons made by Freepik from www.flaticon.com or licensed under stock images including Adobe stock, Standard Licence Agreements either directly or third-party suppliers.