Trust is very important to us, and we are committed to following the rules for privacy at all times. In this declaration, we explain how we collect and process personal data at Conta Group AS and our subsidiaries (hereinafter referred to as “Conta”).
We are obliged to process personal data in a good and responsible manner and in accordance with GDPR (General Data Protection Regulation). This privacy policy applies to you as an individual, when Conta, including associated services, is responsible for the processing of your personal data and when Conta determines the purpose of the processing of your data.
Privacy Commissioner
If you have questions that should be addressed to the data protection officer, regarding our processing of personal data, please contact [email protected].
Nikolai Vedde Brathaug is the data protection officer at Conta.
What is personal data?
Personal information is information that can be linked to a physical individual or that can be used to identify a person registered in our databases. In connection with all the services that are part of Conta, personal data can be, for example, name, address, social security number, account number, e-mail address or IPaddress.
Who is responsible for the processing?
The person who has an overview of which personal data is stored in our solutions, and who decides what this is to be used for, is called the data controller. It is the relevant subsidiaries of Conta that are responsible for the processing.
The purpose of the processing
We collect personal data to be able to give you access to services, to be able to carry out services you have asked us to perform, to fulfill legal requirements imposed on us through licenses granted by the authorities and to give you the best experience at all times. In addition, we collect personal data concerning marketing activities, and to be able to provide the best possible service. The purpose of the processing of personal data across all the subsidiaries in the Conta group is to simplify the administration of the customer relationship, as well as to be able to coordinate the offer of services and products from the various companies.
What personal data do we collect?
In order to deliver good products and services, we are dependent on collecting some personal data. The information will only be stored for as long as we have a factual need for this in accordance with this privacy policy and the applicable legislation in general.
We collect the personal information you provide when signing up for one of our services. This information is needed to provide you with access to the services. When you are in contact with Conta, we also store the communication between us and you as an individual. This is done in line with applicable laws and regulations where required. In some cases, audio recordings will also be made, but this never happens without being informed about this in advance.
Personal data registered with third parties is collected when using the various websites and services of Conta. We do this to get the data we need to develop our various services. Such data is not used on an individual level, but as a whole, for example, to see which websites are visited the most, how buttons and menus in the services are used or why some visitors fall off the road when they have to perform an order or any other action – whether on a website or inside the software.
When our services are used, cookies are also stored to make the experience as good as possible. In addition, cookies are used by advertising networks such as Google. If you first visit one of our websites and then another website that displays ads from Google, you are more likely to see an ad from one of Conta’s services.
What do we use personal data for?
The personal information you provide when you use any of the services in Conta is primarily used to give you access to a service or complete an order. In addition, this information is used to identify general usage patterns in order to compile statistics and map usage to create even better services. We send out emails with the necessary information regarding the use of the services, but in the case of market inquiries, specific consent is obtained.
We use some services provided by third parties that collect information without linking such information to you as an individual. The implementation of such services is based on anonymised data so that this does not involve the processing or transfer of personal data about you from us in Conta.
An example of the use of a third-party provider to improve the services is Google Analytics, which is used to gain access to anonymized information about usage patterns in the services.
In addition, we use artificial intelligence to simplify and improve our services, so that you get the best possible user experience. For example, we have systems that can automatically suggest filling in certain fields when you upload vouchers or other files, so that you save time. Third parties may be used to process this type of data to improve these automatic solutions.
If you have said yes and provided dedicated consent, we can send you offers for other products and services by e-mail or other types of messages. Everything we send out from marketing follows the Marketing Act.
We use e.g. Google and Facebook Pixel to deliver, customize and measure the effectiveness of advertisements for the Services. To ensure that the information used in this connection is anonymous, we follow Google’s best practice guidelines.
More information about Google and Facebook’s services and use of data can be found in Google’s Privacy Policy and Facebook’s terms and guidelines.
You can also opt-out of the collection and use of information for ad targeting from other players at Your Ad Choices and Your Online Choices.
Change and deletion
It is important that we have updated data about you at all times, and we encourage everyone to check that we hold updated information on them. If, for example, you were to change your email address, it may be appropriate to send us an email in which you inform us of this so that we can keep ourselves up-to-date.
We process the information about you for as long as is necessary to achieve the purpose of the processing. The information is then deleted unless we are obliged by law to take care of the information.
If you believe that the basis for processing data is contrary to current legislation, you have the right to complain about our processing to the Norwegian Data Protection Authority as the supervisory authority.
Delivery to authorities
In certain cases, we reserve the right to give the authorities access to personal data, but only if criminal matters are suspected. Disclosure of your personal data only takes place if we receive an order from the authorities regarding disclosure.
In order for us to hand over personal data, a written inquiry must be submitted, a reference must be made to the applicable authority in law for handing over and a request for handing over the personal data must be attached.
Overview of data exchange with third parties. Here is an updated overview of external services we use and exchange data with.