Privacy statement

Privacy statement

It is important to us that you as a consumer of our services understand how we handle your personal data. This privacy statement provides comprehensive information about what data we collect, for what purpose, what legal basis the VIEW Group has to handle the data, and what rights you have when we handle your personal data.

This privacy statement applies to all business processes, to all affiliated daughter companies in the VIEW Group (“VIEW”) and to all of VIEW’s web pages, domains, apps and cloud services. We can provide additional information specific to a product or a service in addition to this statement.

What is “personal data” and what is a “process”?

“Personal data” is any information about an identified or identifiable physical person (“the registered”). An identifiable physical person is a person who directly or indirectly can be identified through an identifier such as name, social security number or address. A “process” is any operation or interaction with personal information, such as collection, registration, organising, structuring, storing, delivering, sharing and deleting.

When and how do we gather personal data about you?
VIEW processes personal data as an employer, as a supplier of services and accounting systems, for marketing purposes and in connection with visits to our websites. We process personal data about our customers and potential customers, suppliers, partners, employees and potential employees. The legal basis for this processing is article 6 no. 1 a), b) and f) of the General Data Protection Regulation.

We collect personal data about you in the following situations:

  • Delivery of accounting and financial services
  • Performing customer due diligence measures to prevent money laundering
  • Delivery of accounting systems
  • Marketing activities
  • Daily operations, including purchasing, sales, administration of staff and job applicants
  • Use of our websites
  • Training courses

 

Processing of personal data

 

Services

VIEW delivers accounting and financial services. In connection with this we enter into an assignment agreement with the customer, outlining the scope of the assignment. In these cases, VIEW is the data processor and handles personal data on behalf of the customer, as well as when instructed to do so by the customer. A data processor agreement is entered into with all customers, regulating and setting the framework for VIEW’s handling of personal data. Each data processor agreement will show the specific security measures, routines for notification, storage and deletion, etc.

The Money Laundering Act
VIEW is required to perform customer due diligence measures in accordance with the Money Laundering Act, as well as to investigate further if it is suspected that a transaction may be connected to gains from a crime. Amongst the information VIEW is required to process in connection with the aforementioned is name/company name, social security number/company registration number, address, family relationships (politically exposed persons) and information about any punishable offences. Processing personal information in connection with due diligence measures may involve the processing of sensitive personal information.

In certain circumstances, VIEW is required to hand over this information to Økokrim, the Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime.

 

System delivery
VIEW delivers accounting and financial systems. In all such customer relationships a system delivery agreement (SSA-L) is entered into. Personal data being processed in connection with this may include name, address and social security number. The personal information is processed to establish you as a user of the system, for implementation, support, guidance and system administration.

Employees and job applicants
We register all personal data necessary to fulfill our required reporting to the authorities, in accordance with the Working Environment Act, and in order to manage the relationship between us and our staff. Personal data will be deleted at the end of a person’s employment, unless we are bound by law to store said information beyond this. The legal basis for this is the General Data Protection Regulation, article 6 no. 1 b). The processing is necessary to fulfil the agreement the registered person is a party to. We also register personal data about job applicants because we need to process data about you in order to evaluate your application. The legal basis for this is the General Data Protection Regulation, article 6 no. 1 b). In case your application contains sensitive personal data, the legal basis is the General Data Protection Regulation, article 9 no. 2 b) and h).

Visiting our offices
When visiting our offices, we will register your name and the company you represent, if any, as well as whom you are visiting, in order to give you access to our offices.

Marketing

In case you have an active customer relationship with us, we may send you marketing emails or other electronic communications within the framework of the Marketing Act, unless you ask us to act differently. If you do not have an active customer relationship with us, we will only send you such materials that you have given us explicit and informed consent to send. This consent may be withdrawn at any point.

Using our web pages:

  • (i) Data shared with us by you
    When you fill in a contact form on our web pages you provide us with data which will be stored by us. When you use our chat or ring-back functions, we will store your data in our data bases/CRM system so that we may respond to your request. The suppliers of these functions are Landbot and Leadcaller.
  • (ii) Specifically about the use of cookies on our web pages
    We receive data from other sources such as ad networks, customers, measure tools or other third parties in order to help them or us to understand user patterns, your preferences or to generally improve the services we provide in order to better adapt them to your needs and interests. On our web pages we log data about all visitors using Google Analytics. We log said data to allow us to improve your user experience, to improve the service contents, to prevent fraud and to adapt our content and adverts to your usage and interest patterns, as well as to collect statistics. In most browsers this function can be turned off through a menu choice such as “settings,” “security,” etc. Doing so may have consequences for the general use of the web site. In order to collect information about traffic to our web sites we use the analytical tool Google Analytics. The legal basis for this is the General Data Protection Regulation, article 6 no. 1 f).

 

Training courses
When taking part in our on-premise seminars and training courses, or when purchasing one of our web training courses or participating in a webinar, we register your contact information and purchasing data.

Who has access to the data?
We will only release personal data to third parties with your consent, or when we deem it appropriate to use external suppliers. We have data processor agreements with all our suppliers, ensuring that they process data in the same safe way we do.

VIEW may share personal data about our customers and suppliers with our offices in other countries within the EU/EEA. To provide our services we act as data processor for many customers. We therefore base our actions on a general permission to use sub-contractors, re: General Data Protection Regulation article 28. This is agreed with our customer in our data processor agreement. When using sub-contractors, we require them to adhere to the same commitments regarding the protection and use of personal data as VIEW. Suppliers acting as sub-contractors to VIEW are required to show proof of good internal routines for privacy and data security. Entering into an agreement with us for the delivery of accounting services, you will receive a comprehensive list of our sub-contractors. We do not transfer personal data to countries outside the EU/EEA without written consent from you where you are the data controller. When transferring to a third country, there needs to be a legal basis for doing so.

Deleting personal data
We will store personal data for as long as it is necessary to do so, and for as long as we have a valid purpose to do so. You may request that we delete your personal data at any time.

Your rights
Our Data protection officer may be contacted via personvern@viewledger.com.

You may exercise your rights by contacting our Data protection Officer. The following rights may be exercised by you:

  • You may ask to see the personal data that we handle
  • You may ask for a copy of the personal data that we handle
  • You may ask us to correct the personal data that we handle
  • In certain circumstances you may ask us to delete the personal data that we handle
  • In certain circumstances you may ask us to limit the handling of your personal data

We hope that you will let us know if you think that we do not adhere to the Personal Data Act. To do so, first contact our Data protection officer. You may also make a complaint regarding our handling of personal data to the Data Protection Agency (Datatilsynet.) For more information about this, please visit www.datatilsynet.no.

Changes
If we make any changes to our services, or if there are changes made to the Data protection rules, we may need to change this privacy statement. Updated information can always be easily found on this web page.

Last updated: November 2022