Privacy Policy
1. Who is the data controller?
Klar Bedrift AS, represented by the Managing Director, is the data controller for the personal data collected and processed by the company. This applies to information about our members, partners, users of our websites, and applications.
Being the data controller means we are obligated to inform you about how we use your personal data and to protect it. It is important to us that you feel your data is safe with us. This privacy policy is meant to inform you of how we work to ensure this.
If you have any questions about how we process personal data, feel free to contact us. See contact information at the end of this policy.
2. Members
2.1 Fulfilling the contract
We process personal data as necessary to fulfill the contractual relationship between us, our members, and with SIVA and Vestland County Municipality (administrator of state subsidies).
We rely on GDPR Article 6(1)(a) and (b) and our legitimate interest in managing the agreement with you—for example, to respond to emails, provide service, or verify the fulfillment of the agreement. Below we detail the processing activities and purposes.
2.1.1 Initiating and following up customer relationships
To establish a membership, we need to process your personal data such as name, address, phone number, email address, possibly photos of individuals, and information about your company. If you choose not to provide this information, we may not be able to offer all our services.
We may also share some of your personal data with third parties in order to deliver the services and products you request, such as invoicing and responding to inquiries. We may also use your data to tailor our offerings to your interests and improve our services.
2.1.2 Invoicing and payments
To ensure correct invoicing, we process data such as name, address, email, phone number, and bank account number. These may also be used if any discrepancies or objections arise.
2.1.3 Customer support
To provide you with personalized, efficient service, we document your inquiries. Examples of data used include name, address, phone number, and email.
2.1.5 Terminating the customer relationship
If the customer relationship ends, relevant data like name, address, and phone number are processed to ensure correct termination and to handle any outstanding invoices.
2.2 News and informational letters
As a member, you will receive newsletters from us, primarily digitally. These may include useful updates about events, services, training, news, and more.
Our newsletters may also contain information from third-party partners, which can be considered marketing. We rely on GDPR Article 6(1)(f) for this processing, as we have a legitimate interest in communicating with you, marketing our services, and offering relevant opportunities.
You can opt out of marketing-related communications at any time.
2.3 Customer surveys
We value your feedback to improve our services. Therefore, we may use your name, phone number, and email to send surveys using digital tools.
Additionally, a third party may send annual surveys on behalf of us and SIVA. This is also based on GDPR Article 6(1)(f) due to our legitimate interest in customer feedback.
2.4 Processing with your consent
In certain cases, we need your consent, such as to continue communication after the membership ends.
We will clearly specify what you're consenting to, and you may withdraw your consent at any time.
3. Overview of personal data we process
We may process the following types of personal data:
First name
Last name
National ID number (rare cases with specific consent)
Phone number
Billing and business address
Email address
IP address
KID number and invoice reference
Bank account number
Customer number
4. Where data is collected from
4.1 Membership and inquiries
When you join, you provide your personal data through our standard agreement. We may supplement this with data from public registries or third-party data providers within the EU/EEA.
4.2 Our partners
If you enter into an agreement with one of our partners and agree to be contacted by us, we receive the necessary information, based on your consent given to the partner.
4.3 Public sources
We use services like PROFF, company websites, and public registers to collect information about relevant businesses and individuals in our area. This helps us build a network to foster innovation and collaboration.
We store this data securely in the cloud (Microsoft services).
If you receive a request from us that you do not want, you can ask to be removed from our records.
5. Sharing personal data with third parties
We use trusted providers and systems for various operations, all of which must meet high data protection standards.
We only share the data needed for each processing activity, and we have data processing agreements to ensure confidentiality and compliance.
We do not share your data with others unless we have your consent.
5.1 Membership benefits via partners
Some partners may need to verify your membership, in which case we may share your name, phone number, and email—solely to provide you with member benefits you request.
5.2 Data processors
5.2.1 Communication and inquiries
If you contact us by phone or SMS, your name and number are registered. Emails are also logged. If you use tools like Facebook Messenger or our contact form, your contact details will be saved. All data is stored in our cloud environment.
5.3.3 Our website
We collect personal data via tools on our website, such as:
Registration forms (name, email, phone)
Contact forms
Cookies
Google Maps (location data)
Google Web Fonts (visitor data)
Registration forms
We collect information about participants for events for planning, billing, and future outreach.
We collect:
Participant and registrant name
Email addresses (participant, registrant, invoicing)
Phone numbers
Company/organization name
Whether the participant is a student, entrepreneur, etc.
Participation requires providing this information. Legal basis: consent. Attendee lists may be published online; you may opt out during registration.
Cookies, Google Maps, and Google Web Fonts
Our website uses cookies for functionality, user experience, and analytics. We do not collect sensitive data. You may block cookies in your browser, but some site features may not work.
Google Maps and Google Web Fonts may collect data like IP and location, which is stored by Google in the U.S. We do not access this data.
Learn more via Google's privacy policies.
We use Weebly for website hosting, who may access data for maintenance and development purposes.
5.3.4 Invoicing
We use Power Office for invoicing and collection. This involves processing name, address, phone, and payment details.
Accounting is handled by Havtal AS, and auditing by Bjørgvin Revisjon.
6. Security, storage, and deletion of personal data
6.1 Data security
We ensure that your data is processed lawfully and securely through agreements with partners and suppliers.
6.2 Data storage
We store data in our own registries and in secure cloud solutions by Microsoft.
Contact details may appear on our website. Member data is also stored in systems managed by SIVA SF.
Data is retained for a maximum of five years unless an agreement is still active.
6.3 Data deletion
We follow GDPR Article 17 and only retain data as long as necessary.
According to the Norwegian Bookkeeping Act, some data (contracts, invoice records) must be stored for five years after termination.
Data based on consent is deleted when the consent is withdrawn.
7. Your rights
You have several rights regarding your personal data:
Right to access (GDPR Art. 15)
Right to data portability (Art. 20)
Right to object (Art. 21)
Right to rectification (Art. 16)
Right to deletion or restriction (Art. 17 and 18)
7.1 Complaints
You can complain to the Norwegian Data Protection Authority (Datatilsynet). We encourage you to contact us first.
7.2 Identification requirement
If you request access, we must verify your identity. Your request will be answered within 30 days. Data will be sent via email (except sensitive data).
8. Contact information
For questions or requests regarding access, correction, or deletion of your personal data, contact:
Veronica Haveland, Managing Director
Phone: +47 450 02 969
Email: vhaveland@klarbedrift.no