The privacy of Phronteseas AS’ customers and suppliers is a top priority for us. We ensure that your personal data is always handled correctly, is correct and protected. We want you to feel confident about this when you give us information or contact us.
In order to perform our services as best as possible, we need to process certain types of personal data. By processing we mean all collection, storage, handling, modification and use of personal data. Personal information is information that can be linked to you as an individual.
This privacy statement describes how we process personal data, and what rights you have if we have registered personal data about you.
2. Controller and basis for processing
Phronteseas AS is the data controller for all processing of personal data that we have stored about you. Our contact information is:
Address: Breibakken 1, 4012 Stavanger
Contact person: Lisbeth Vestly Maier
The basis for our processing is the General Data Protection Regulation (GDPR) Article 6, No. 1 a) consent, b) the processing is necessary to fulfill an agreement or to process information to carry out measures at your request before entering into an agreement, c) legal provision, or f) legitimate interests.
3. How we collect personal data and use it
We do not store any personal data longer than we need to fulfill our agreement with you or to carry out measures at your request before entering into an agreement, and mainly process personal data in the following cases:
- The data subject has sent us an inquiry
- The registered person is a contact person for a customer, supplier or partner of ours
- The registered person has signed up for an event
- The registered person subscribes to our newsletters
- The data subject is employed by us
- The registered person has applied for a job with us, or a job seeker has indicated you as a reference
In order to offer you our services, we process personal data in the following situations and for the following reasons:
Follow up on customer enquiries:
In order to be able to follow up on inquiries and/or orders from you, as well as deliver goods and send out invoices, we process personal data about you in the form of the name, position, telephone number and e-mail address. This personal information is stored for as long as necessary to fulfill our agreement with you, and otherwise follow up on the customer relationship.
We store this information as long as your employer/business is a customer with us, or until we have received information that you are no longer employed by our customer.
Job seekers and employees
If you apply for a job with us, we need to process information about you to assess your application. The employment process involves processing the information you provide to us through the documents you send us, including applications, CVs, diplomas and certificates. In addition to any interviews, we can also carry out our own investigations, typically interviews with the job seeker’s references.
If you are employed by us, we will also process personal data about you in the form of social security number, address, next of kin and what is otherwise necessary to follow up the employment relationship internally and externally to fulfill statutory duties towards relevant public authorities.
3.2 When and how we share personal data with other parties
All personal data that we process is stored with our IT operating suppliers. We do not share your personal data with anyone who is not covered by a direct agreement with you or is otherwise necessary for us to be able to fulfill our agreement with you. If we share your personal data with another party (f.inst. a payroll/accounting company), we are still responsible for processing this, and we have data processing agreements that regulate this in more detail.
4. Individual rights
4.1 Right to access
We always strive to have correct information about our customers and contacts, and therefore we regularly edit, supplement, correct or delete personal data where this is required. You have right to have full insight into the personal data we have registered, about you, at any time.
4.2 Duty to correct
We encourage to contact us if you believe that the personal data, we have registered about you is incorrect. We are then obliged to correct what is wrong.
4.3 Right to be forgotten
With some exceptions, you can at any time request to have personal data we have registered about you deleted. When we delete personal data, we also inform other parties who have received this data from us that the data must be deleted.
4.4 Right to limitation
In certain situations, you can request that our processing of your personal data is restricted, for example if the information is incorrect and you have requested to have it corrected, or you want to prevent your personal data from being deleted.
4.5 Data Portability
If we process information about you based on consent or a contract, you can ask us to transfer information about you to you or to another data controller.
The processing basis for this is GDPR, article 6 no. 1 b) that the processing is necessary to fulfill an agreement or f) a legitimate interest to make services on the website work.
Storage of information and processing of information from cookies is not permitted, unless the user of the website has both been informed about and has given his consent to the processing. The user must be informed about and approve which information is processed, what the purpose of the processing is and who processes the information. This is done in the user’s browser. Read more about how to manage cookies here.
For this website, the following cookies will be used:
|g.gif pixel.wp.com Pixel Session
6. Web Analytics
When you visit www.phronteseas.com we use a tool to analyze your use of the website. The purpose of this is to prepare statistics that we use to improve and further develop the information offered on the website. Examples of what the statistics provide answers to are how many people visit various pages, how long the visit lasts, which websites the users come from and which browsers are used.
The information is processed in de-identified and aggregated form. De-identified means that we cannot trace the information we collect back to the individual user. We collect the entire IP address, but the IP address is de-identified so that only the first three groups of the address are used to generate statistics. That is, if the IP address consists of the numbers 220.127.116.11, only 195.159.103.xx is used. In addition, the IP addresses are processed on an aggregated level, i.e. all data is combined into a group and not processed individually.
The processing basis for this is the Personal Protection Regulation article 6 no. 1 b) that the processing is necessary to fulfill an agreement or to process information to carry out measures at your request before entering into an agreement. The legitimate interest is to improve our services.
7. Statistics from the web server
We use the simplest version of the JetPack plugin for WordPress to collect simple and clear statistics. See more supplementary information in the point above.
8. Contact form from the website
We use a simple contact form (Plugin Gravety Form Pro) on our contact us page. This form has the GDPR standard, and we can easily delete all information at the request of users. Otherwise, the information is stored safely for 1 year.
9. Website security
We ensure that the website has the best security, and that everything is regularly updated and upgraded in terms of software, wordpress, plugins, databases, server and php version. We use 2-step login, and have a firewall and regular security scans for the most secure and optimized online solution possible. Everything also to protect all data contained in the online solution in the best possible way.
For more information about GDPR, please see https://gdpr-info.eu