Privacy Statement VIEW Group
Privacy statement
It is important to us that you as a user of our services understand how we handle your personal data. This privacy statement provides comprehensive information about what personal data we collect, what purposes and legal basis VIEW Group has for processing the data, and what rights you have when we process your personal data.
This privacy statement applies to all business processes and affiliated subsidiaries of VIEW Group AS (”VIEW)” except for View Group Oy, and to all VIEW’s websites, domains, apps and cloud services. We may provide you with additional privacy information specific to a product or service in addition to this Statement.
What is ”personal data” and what is a ”processing”?
A ”personal data” is any information relating to an identified or identifiable physical person (”the registered”). An identifiable physical person is a person who directly or indirectly, can be identified through an identifier such as name, personal identification number and address. A ”process” is any operation or interaction with personal data, such as collection, registration, organising, structuring, storing, delivering, sharing and deleting.
When and how do we collect personal data about you?
VIEW processes personal data as an employer, supplier of services and provider of financial systems, for marketing purposes and in connection with visits to our websites. We process personal data about our customers, suppliers, partners, potential customers, employees and potential employees. The legal basis for this processing is Article 6 (1) (a), (b) and (f) of the General Data Protection Regulation.
We collect personal data about you in the following situations:
- Delivery of accounting and financial services
- Performing customer due diligence measures under the Anti-Money Laundering Regulations (”KYC”)
- Delivery of financial systems
- Marketing activities
- Daily operations, including purchase, sales, administration of employees and job applicants
- Use of our website
- Training courses
Processing of personal data
Services
VIEW delivers accounting and financial services. In connection with this we enter into an assignment agreement with the customer, outlining the scope of the assignment. In these cases, VIEW is a data processor and processes personal data on behalf of, and on instructions from the customer. A data processor agreement is entered into in with all customers, regulating and setting the framework for VIEW’s processing of personal data. The specific security measures, routines for notification, storage, and deletion, etc. are set out in each data processor agreement.
The Anti Money Laundering Act
VIEW is required to perform customer due diligence measures in accordance with the Anti Money Laundering Act, as well as to carry out further investigations if there is suspicion that a transaction may be connected to the proceeds from a criminal offence. Among the information VIEW is required to process with the aforementioned is, name/company name, personal identification number/company registration number, address, family relationships (connection to politically exposed persons) and information about any criminal offenses. Processing personal data in connection with due diligence measures (KYC) may involve processing of sensitive personal data.
Under certain circumstances, VIEW is required to hands over the information to superior police authorities or supervisory authorities.
System delivery
VIEW delivers accounting and finance systems. A system delivery Agreement (SSA-L) is entered into, in any such customer relationship. Personal data being processed in connection with this is e.g. name, address and national identity number. The personal data is processed to establish you as a user of the system, implementation, support, guidance and system administration.
Employees and job applicants
We register the personal data necessary to fulfil our required reporting to public authorities, the Working Environment Act, and in order to manage the employment relationship between us and the employee. Personal data will be deleted upon expiry of the contractual relationship unless other legislation requires longer storage. The legal basis for this is the General Data Protection Regulation Article 6 (1) b). The processing is necessary to fulfil the agreement the registered person is a party to. We also register personal data about job applicants since we need to process information about you to process your application. The legal basis for this is the General Data Protection Regulation Article 6 (1) b). If your application contains sensitive personal data (special categories of personal data), the legal basis for processing is Article 9 (2) (b) and (h) of the General Data Protection Regulation.
Visits to our offices
When visiting our offices, we will usually register your name and any company you represent, as well as who you are going to visit, to ensure access to our offices.
Marketing
If you have an active customer relationship with us, we may send you marketing by e-mail or other electronic communications, within the framework of the marketing regulations, unless you ask us to act differently. If you do not have an active customer relationship with us, we will only send such marketing if you have given us explicit and informed consent. You may withdraw such consent at any point.
Use of our websites:
(i) Data you share with us
When you fill in a contact form on our website, you provide us data that will be stored by us. When you use our chat or call- back function, the information is stored in our databases / CRM system, for us to respond to your request. The supplier of these functions are Landbot and Leadcaller.
(ii) The use of cookies on our website
We receive data from other sources, such as ad networks, customers, measure tools or other third parties, to help us or them understand user patterns, your preferences, or to generally improve the services we provide in order to be more tailored to your needs and interests. On our website, we log information about all visitors, using Google Analytics. The information is logged so that we can improve your user experience, improve service content, prevent fraud and adapt content and adverts to your usage and interest patterns, as well as collect statistics. The function can be turned off in most browsers through a menu option such as ”settings”, ”security”, etc. This may have consequences for the use of the website in general. To collect information regarding traffic on our website, we use Google Analytics. The legal basis for this is the General Data Protection Regulation Article 6 (1) f).
Course
When you attend our on-premise courses and seminars, or purchase one of our online courses or attend webinars, we register contact information and purchase information about you.
Who has access to the information?
We only disclose personal information to third parties by agreement with you, or when we deem it expedient to use external suppliers. We have data processor agreements with all suppliers we cooperate with that ensure the same safe processing of the information as with us.
VIEW may share personal data about customers and suppliers with our offices in other countries within the EU/EEA. To provide our services, we act as a data processor for many customers. We therefore base our actions on general permission to use subcontractors, cf. Article 28 of the General Data Protection Regulation. This is agreed with the customer in our data processor agreement. When using subcontractors, we confirm that they are subject to the same obligations with regard to the protection and use of personal data as VIEW. Suppliers who act as subcontractors to VIEW shall be able to document good internal routines for privacy and information security. When you enter into an agreement with us for the delivery of accounting services, you get a comprehensive overview of our subcontractors. We do not transfer personal data to countries outside the EU/EEA without written approval from you where you are the data controller. In the case of transfer to a third country, there need to be a legal basis for transfer.
Deletion of personal data
We will store personal data for as long as necessary and as long as we have a valid purpose for the storage. You may at any time request that we delete your personal data.
Your rights
Our Data Protection Officer can be contacted on personvern@viewledger.com.
You may exercise your rights by contacting our Data Protection Officer. The following rights may be exercised by you:
- You may demand access to the personal data we process
- You may request a copy of the personal data we process
- You may request correction of personal data we process
- In some situations, you may request deletion of the personal data we process
- In some situations, you may request restriction of the processing of the personal data we process
Please note that your rights are not absolute and may be limited as a result of special legislation that may limit your right of access or right to request deletion.
We hope you will let us know if you believe we do not comply with the rules of the Personal Data Act. Please contact our Data Protection Officer first. You may also complain about our processing of personal data to your national data protection authority. More information about this can be found on the appropriate data protection authority’s website.
Changes
If we change our services or there are changes in the personal data act, we may have to change this privacy statement. Up-to-date information will always be readily available on this website.
Last updated: March 2024