OPENGARDEN PRIVACY POLICY

PRIVACY POLICY  

Last updated 6rd of December 2018.

1 GENERAL
This is the Privacy Policy of opengarden, a Norwegian company situated in Oslo.

We collect and use your personal data within the legal limits of the data protection law of Norway and the EU General Data Protection Regulation no. 2016/679 (GDPR) as incorporated in Norwegian law. When we use terms like “personal data”, “processing”, “data controller” and “data processor”, they have the meaning as laid out in the data protection law.

When you visit our website, use our services or deal with us as a professional, we may process personal data about you as described below. We then act as a data controller, and you may direct any request regarding our processing of your personal data to us as explained below.

Full contact details:
Legal entity:  opengarden Ingvild Huseby, org. nr. 985 891 850                          Email address: contact@opengarden.no
Postal address: Melkeveien 49A, 0779 Oslo, Norway

It is important that the information we hold about you is accurate and up to date. Please let us know if at any time your information changes by emailing us at contact@opengarden.no.

2 WHAT DATA, FOR WHAT PURPOSE AND ON WHAT BASIS?
Personal data means any information capable of identifying an individual. It does not include anonymized data.

We may process certain types of personal data about you as follows:

Identity data: May include first name, last name, title, roles, date of birth, legal company name, org. no., website, social media addresses.
Contact data: May include your billing address, postal address, delivery address, email addresses, telephone numbers.
Financial and transaction data: May include your bank account details and details about payment between us.
CRM data: May include your preferences for communication with us, your orders feedback and our communication.                                                                Technical data (our webservices providers): Our webservices providers may collect some information automatically about you. We do not collect this data separately, we refer to their policy as linked up below. This may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform, usage data, and other technology on the device you use to access this site.

We may process Aggregated Data from your personal data but this data does not reveal your identity and as such in it self is not your personal data. An example of this is if we make statistics on how many visiting our site or news update.

We may collect data about you through different methods including:
Direct interactions: You may provide data by communicating with us by phone, email, in person or similar, filling in forms on our site, including when you request information, order our services, give feedback or similar.
Automated technologies or interactions: As you use our site, our service provider automatically collect Technical Data about your equipment, browsing actions and usage patterns. Our webservices provider collect this data by using cookies, server logs and similar technologies. We do not collect this data separately, we refer to our third party service provider policy as linked up below.
Third parties or publicly available sources: We may receive personal data about you from third parties as; WordPress.com as our web platform, review their wordpress privacy policy for further explanation.
Mailing lists from third parties or publicly available information: We may get information, such as a mailing address, from third party services for cold sales and marketing or from publicly available information.

Our website use cookies. A cookie is a tiny data file that resides on your computer, mobile phone, or other device, and allows us to recognize you as a visitor when you return to the website using the same computer and web browser. This allows us to provide more customized experience for our visitor or identify whether are services, news and updates hits our target audience. Unless otherwise stated in our cookie policy, all use of cookies are based on your consent according to the Norwegian e-privacy regulation, and is based upon a balance between our legitimate interest of improving our services and your privacy interest. You can remove or block cookies using the settings in your browser and as further described in our websites cookie policy.

The legal purpose of our collection of data is to provide you relevant offers, fulfill our commitment to you under our terms of engagement, invoicing, improve and safeguard our services, according to a consent from you, or for compliance with a legal obligation.

3 THIRD PARTY RECIPIENTS TO YOUR PERSONAL DATA
We use certain third parties that we may share your personal data with, or who may have access to your personal data. This includes our service partners such as our provider of hosting services for our web platform and our software and service partners for our complete operation. This includes, but may not be limited to, WordPress.com, our Office cloud solutions, our email webservices, our security, back-up and PC services solution and our billing and accounting solution. These products and net based services follow their respective privacy policies; Elkjøp cloud, Telenor 365, Microsoft 365, ISPHuset, Fiken. We don’t own or control these third parties and they have their own rules about collection, use, security and sharing of information, which you should review.
Business Transfers: In connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company, or in the unlikely event that opengarden goes out of business or enters bankruptcy, user information might be one of the assets that is transferred or acquired by a third party. If any of these events were to happen, this Privacy Policy would continue to apply to your information and the party receiving your information may continue to use your information, but only consistent with this Privacy Policy. 
We may only share your personal information with public authorities when required by law.

4 LOCATION OF YOUR DATA
We store your personal data on servers located within the EU/EEA area. Some of our third parties service providers are based outside EEA, so their processing of your personal data will involve a transfer of data outside the EEA.

When your personal data is transferred outside EU/EEA area, or when we choose third party service providers, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:

• Transfer of your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
• Where we use providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US; or
• In the case of entities based in other countries outside the EEA, entering into European Commission approved standard contractual arrangements with them.

5 SECURITY
While no online service is 100 % secure, we work hard to protect information about you against unauthorized access. We have implemented security measures to protect your data against unauthorized access, use and destructions.

6 RETENTION AND DELETION
opengarden will retain your personal data for as long as necessary to fulfil the purposes we collected it for, including the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount and nature of the personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
We normally keep relevant data related to our contact for 3,5 to 5 years after ending the engagement. After this period, and in some occasions before, we may terminate data not applicable to legal requirements without any further notice.
We may keep your identity data and contact data for potential future contact as part of our network.
Identity data: As first name, last name, title, date of birth, legal company name, org. no., website, social media addresses
Contact data: As your billing address, delivery address, email addresses, telephone numbers

In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

7 YOUR RIGHTS
You are entitled, upon request, to disclosure regarding your personal data that we are storing or are otherwise processing as a data controller. You are also entitled to have any incorrect personal data corrected and rights to blocking or deletion of your personal data as long as it does not hinder our Terms of Engagement or is hindered by legal reasons.

For all technical data processed and stored by our webservices provider you must take direct contact with them, since we do not take part of their information. You can always set your browser to reject cookies, or reject the cookie pop up on our site. Always be cautious about what information you share, we can not take responsibility for our service providers handling of the data and privacy policy.

If you have any complaints regarding our processing of your personal data, we encourage you to contact us. Please address any requests in such matters as described above in this privacy policy. We also inform you that you are entitled by law to file a complaint with the Norwegian Data Inspectorate.

8 REVIEWS
Procedures are reviewed regularly to ensure that the policies are followed. Any non-conformance regarding the policies will be corrected without unnecessary delay.

9 UPDATES AND CHANGES.
This Privacy Policy may be updated or changed. When we post changes to this Privacy Policy, we will include the date when the Privacy Policy was last updated. We encourages visitors to frequently check this page for any changes to its Privacy Policy. If we make changes we will notify you by revising the change log below, and in some cases, we make changes, we may provide additional notice (such as adding a statement to our homepage, or sending you a notification through email). Your further use of the Service after a change to our Privacy Policy will be subject to the updated policy.

10 CONTACT INFORMATION
If you have any questions about this Privacy Policy we can be reached at: contact@opengarden.no
For everything concerning our website we refer to the privacy policy of our website, WordPress.com, privacy policy.

11 CHANGE LOG
6. December 2018: Revised Privacy Policy making it available on our website and in email signature. Updates published on opengarden.no blog.

9. December 2018: Corrected typos.

		Copyright 2018

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.