Your rights
If you want to make use of one of your rights, you can send us an e-mail at post@balticsea.no. You are entitled to an answer as quickly as possible, and within 30 days at the latest. Read more about all your rights on the Norwegian Data Protection Authority (“Datatilsynet”)’s website.
- Access to and correction of your own data: You may request a copy of all information we process about you and ask us to correct information that is incorrect.
- Deletion or restriction of processing of personal data: In some situations, you can ask us to delete and/or restrict the processing of information about yourself.
- Protest the processing of personal data: If we process data about you based on our tasks or based on a balancing of interests, you have the right to object to our processing of data about you.
- Data portability: If we process information about you based on consent or a contract, you can ask us to transfer information about you to you or to another data controller.
- Withdraw consent: If you have given consent to receive information.
You can complain to the Norwegian Data Protection Authority (“Datatilsynet”) about our processing of personal data. We hope that you will report directly to us first, so that we can try to resolve the matter for you in a good way.
Who we process personal data about
We process personal data about:
- Contact persons of clients, including potential and former clients, suppliers, partners and other business connections.
- Board members and shareholders.
- Subscribers to our newsletters.
How we collect personal data
Submitting personal data to us is voluntary. For us to be able to deliver products or services, however, we need a range of information to be able to carry out the transaction. We neither rent, buy nor sell personal data from/to others. We do not use automated decisions or profiling in the processing of your personal data.
We process personal data when someone:
- Enters, considers entering, or have previously had an agreement with us regarding the lease of commercial property.
- Contacts us by phone, e-mail, SMS, or other correspondence.
- Signs up for newsletters.
- Uses our website (cf. the section on cookies).
- Leaves a comment on our website.
- Submits an inquiry via communication tools or contact forms on our website.
Categories of personal data, purposes and basis for processing
We process personal data according to the following basis of processing in the General Data Protection Regulation (“personvernforordningen”) Article 6 No. 1:
a) “consent”: when you yourself have given us your consent.
b) “agreement”: to be able to fulfill an agreement to which you are a party, or to be able to carry out measures at your request before we enter into an agreement.
c) “legal obligation”: for us to be able to fulfill a legal obligation.
f) “legitimate interest”: to be able to safeguard a legitimate interest, which we believe outweighs consideration of the individual’s privacy.
We process personal data relating to:
Inquiries from you (incl. communication, support, customer service…)
When you contact us by e-mail or by telephone (call, text message), we process personal data. Depending on where and how you send us a message, this may be contact information and other information you choose to send to us. The purpose is to be able to respond to inquiries from you and to have documentation in case we receive complaints or legal claims. The processing basis is the General Data Protection Regulation (“personvernforordningen”) Article 6 no. 1 f), where the legitimate interests are to be able to respond to inquiries from you and to have documentation in case we receive complaints or legal claims.
Rental of commercial property
In order to follow up our activities when renting out commercial property, we will register and process information about contact persons of clients, suppliers, business partners and other business connections. We will normally collect the name of the contact person, title, email address and telephone number. We normally collect the information from you or your employer, or from publicly available information. The purpose is to be able to carry out our agreement, fulfill our legal obligations and our interest in having your contact information. The basis for processing this information is the General Data Protection Regulation (“personvernforordningen”) art. 6 no. 1 b) (agreement), art. 6 no. 1 c) (legal obligation) or art. 6 no. 1 f) (balancing of interests).
Board members and shareholders
We process personal information about board members in the company in connection with the administration of the board’s work and reporting to the authorities. For board members, we normally collect name, title, e-mail address, telephone number, professional experience and social security number. Board members can be presented on our website or in other contexts with their name, photo and brief CV. The basis for processing information about board members is the General Data Protection Regulation (“personvernforordningen”) art. 6 no. 1 c) (legal obligation) and the General Data Protection Regulation (“personvernforordningen”) art. 6 no. 1 f) (balancing of interests).We also process personal information about shareholders in the company to fulfill our legal obligations. For shareholders, we normally collect name or company name, date of birth or organization number, digital address, business address or residential address and possibly postal address. In some cases, shareholders may be presented on our website or in other contexts. The basis for processing this information is the General Data Protection Regulation (“personvernforordningen”) art. 6 no. 1 c) (legal obligation) and the General Data Protection Regulation (“personvernforordningen”) art. 6 no. 1 f) (balancing of interests).
Newsletter
We occasionally send out newsletters to e-mail addresses registered with our business partners and to others who have requested to receive our newsletters. For those who register to receive our newsletters, we collect their name and email address. Recipients of the newsletter can easily unsubscribe from the service by using the link included in each inquiry. The information is kept until the data subject requests that it be deleted. The purpose is to be able to inform about relevant news. For our business partners, the basis for processing this information is the General Data Protection Regulation (“personvernforordningen”) art. 6 no. 1 f) (balancing of interests), cf. the Marketing Control Act (“markedsføringsloven”) section 15 third paragraph. For others, the basis is the General Data Protection Regulation (“personvernforordningen”) art. 6 no. 1 a) (consent), cf. the Marketing Control Act (“markedsføringsloven”) section 15 first paragraph.
Cookies and analysis tools
A cookie is a text file that is stored in your browser when you visit a website. Below we describe how we use cookies and analysis tools on our website https://balticsea.no, in accordance with the Electronic Communications Act, in the so-called “cookie paragraph”: 2-7 b Bruk av informasjonskapsler/cookies.
When you visit our website for the first time, or after you have deleted cookies, you will be informed that we use cookies through a banner that appears at the bottom of the page. By clicking on the banner, you accept that we use cookies as described below, so that you can continue to use our website. We use the following cookies on our website:
Google Analytics:
- _ga: distinguish between unique users (2 years)
- _gat: limit the number of requests
- _gid: distinguish between unique users (24 hours)
WordPress:
- comment_author_{HASH}: for comment/discussion boards
- comment_author_email_{HASH}: for comment/discussion boards
- comment_author_url_{HASH}: for comment/discussion boards
We also use the following analysis tools on the website:
You can turn off and/or delete cookies yourself in your browser. On the website nettvett.no you can learn how to do this for most browsers. There you can also learn more about safer use of the internet. However, if you turn off or delete cookies, you may change your user experience on a website, and sometimes services on a website will no longer function properly.
Storage of personal data
We store personal data for as long as is necessary to fulfill the purpose of the processing or statutory duties, for example retention in accordance with the Bookkeeping Act (“bokføringsloven”), the Accounting Act (“regnskapsloven”), and the Companies Act (“aksjeloven”). We delete personal data about you if you ask us to do so unless we have a legal basis or a statutory duty to keep the personal data longer.
Transfer of personal information outside EU/EEA
In some cases, we will be able to transfer your personal data outside the EEA, for example if we were to use suppliers outside the EEA to provide services for our operations, for security on our website and otherwise to be able to run our business in a safe and efficient manner.
The transfer of personal data to outside the EEA is only permitted to countries approved by the European Commission, or under the necessary guarantees according to the General Data Protection Regulation (“personvernforordningen”). This can be Privacy Shield for suppliers based in the US, use of EU standard contracts, or according to binding business rules. If you want to know whether and possibly which suppliers we use outside the EEA, and get access to documentation of the necessary guarantees, you can contact us by e-mail post@balticsea.no.
Safety
We take information security seriously, and we will always do our utmost to safeguard your personal information in the best possible way. Among other things, we use strong passwords, encryption of data and access control to secure our data and prevent unauthorized persons from gaining access to view, change, delete or in any way influence the data we store, including your personal data.
We only use reputable providers of IT and administration services such as web hosting, website and PC security, virus software, e-mail provider, backup, and more.
We only allow others to access and/or process your personal data in accordance with our instructions, and only where strictly necessary (e.g. for IT support).
We have established routines for handling breaches of data security, and we will, in the event of a discrepancy, send a notification of non-compliance to the Norwegian Data Protection Authority (“Datatilsynet”) within 72 hours of the discovery of a breach. If the breach results in high privacy risk, we will also notify affected registered persons.
Changes in the privacy statement
We may make minor changes to this privacy policy. The latest version is always available on this website. In the event of significant changes, we will notify you of this.
Data controller and contact information
This privacy policy explains how Baltic Sea Properties AS (“we”, “us”, “our” or “our”) collects and uses (processes) personal data in our operations. Baltic Sea Properties AS, by its CEO, is responsible for the processing.
Our contact information is:
Baltic Sea Properties AS
Organisation number (Norway): 988 691 771
E-mail address: post@balticsea.no