English

Privacy notice

Your trust is important to Iconfirm AS (further referred to as "we" or "Iconfirm").

The purpose of this privacy notice is, thus, to be open about the data we collect about you, and to give you an understanding of how such data is used and shared.

Iconfirm has two roles in the processing of personal data
  1. We will mainly process personal data on behalf of our partners and act in such cases as a data processor. In these cases, we have entered into a data processor agreement with our customers. Further information about this treatment can be obtained by contacting our customers directly.
  2. We also process information on an independent basis as a data controller. The information in this privacy notice is related to such processing. This will typically be information about visitors to our website, people who have downloaded information from our website or persons working with our customers or potential customers that we naturally have contact with as part of the sales process or follow-up in the customer relationship.

    Furthermore, we process information about people who share our passion for privacy. These are often skilled professionals where we exchange knowledge and expertise.

1. What kind of information do we collect and why

We collect and use your personal information as a key person in an existing or potential business relationship. The purpose of the processing is to manage the relationship. We collect the following personal information: name, contact information such as telephone number and email address as well as position and what area of ​​responsibility you have in the company you represent. We also register who your employer is. Furthermore, we keep a simple log of activities and dialogue.

The sources of data can be yourself, profiles on websites, Linkedin, public or private registers. Your data is processed as part of a potential or existing customer relationship with your current or former employer. We have evaluated the balance of interests and use LEGITIMATE INTEREST as a legal basis for the processing (GDPR Article 6.1.f). This even apply to the specific news letters we send to our customers' contact persons about changes in the Iconfirm solution.

For the more general news letters, we use CONSENT as the legal basis for the processing (GDPR Article 6.1.a).

2. Disclosure and transfer of personal information to others

We do not pass on your personal information to others unless you have consented to this or there is a legal obligation to disclose the information.

ICONFIRM uses data processors to collect, store or otherwise process personal data on our behalf. In such cases, we have entered into data processor agreements to ensure information security in all stages of the processing.

The most important data processors we use in our processing are:
  • We use Hubspot to publish our websites and blogs as well as a CRM system with general newsletters and specific updates to customers. The system logs information about the specific webpages that have been visited and when. In addition, we log the time for calls and email exchange. We have not connected Hubspot with our email system for continuous mapping of all email correspondence as we think this is too intrusive.
  • We use Microsoft Office 365 with Outlook, Teams, sharepoint / Onedrive etc for communication and storage of information connected to activity plans, notes from meetings etc.
  • We use Tripletex as an accounting system and Econ Partner AS as an accountant who, among other things, has an overview of contact information for customers and their contact persons.

If you want more detailed information, you can contact us directly.

3. Storage

We store your personal information with us until a customer relationship ends or our legitimate interest ceases. Our experience shows that it can take 18-24 months from the first contact to closing of a process. Hence, for contact persons at potential customers we will store the information for 24 months. For customers that terminate the a subscription, we will continue to keep your information for up to three years.

In all systems, we have chosen to store data in Europe.

4. Your rights when we process personal information about you

You have the right to demand access, recitification or erasure of the personal data we process about you. You also have the right to restrict or object to the processing as well as ask for data portability.

You can change your consent options at any time or withdraw your consent.

We use a portal that makes it easy for you to manage your rights. By using the portal, it is easy for us to confirm your identity. We will still verify certain requests or instructions by requesting a confirmation of a pre-registered email or phone number. If you have questions about privacy, our contact details are also available in the portal.

5. Complaints

If you believe that our processing of personal data does not comply with what we have described here or that we in any other way violate the privacy legislation, we hope you take it up with us first, but you also have the right to complain directly to the Data authorities. As we are domiciled in Norway, we recommend you to contact the data authorities in Norway. Contact information can be found on their website.