Privacy Policy – Information on usage and rights for the processing and storage of personal data.

This page describes what personal information Lvero is processing and storing, the legitimate reason Lvero has for storing personal information, where we collect the information, where it is stored, how it is handled, and your rights in relation to personal data.

 

What type of information is stored and why?

Lvero processes and stores personal information about its customers in order to fulfill its duties as a supplier and fulfill the contracts we have regarding our deliveries. We store information such as name, address, e-mail address, company, company address, password for use in solutions and services Lvero delivers, employment conditions, telephone number, professional title. Lvero stores the personal information the customer has provided in connection with contracts and contracts for delivery.

Lvero also stores information in their systems for customers for whom the customer is responsible. Lvero cannot use this data for any purpose other than providing a service under the terms and conditions determined by the customer. All customers of Lvero are responsible for following the new privacy policy for processing and storing personal information in Lvero’s solutions.

 

What legal reason do we have for storing personal information?

In accordance with the new privacy regulation, there are various legal reasons for processing and storing personal data:

1. the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
2. processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
3. processing is necessary for compliance with a legal obligation to which the controller is subject;
4. processing is necessary in order to protect the vital interests of the data subject or of another natural person;
5. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
6. processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

For the above-mentioned legal reasons for processing personal data, points 1 and 2 apply, which in this case are mainly applicable. Lvero stores personal information about their customers in order to fulfill / comply with contracts and requirements as a supplier to the customer.

 

Where is the personal information processed and who has access to it?

In order to deliver our services, Lvero uses its own data processing solutions as well as external suppliers for storage, document and e-mail management systems (eg Microsoft, Center stack, LastPass)

As a data processor, Lvero stores customers’ personal information through delivered solutions such as file server and managed solutions such as e-mail, sharepoint, backup. Everything the customer chooses to store in these systems is handled by Lvero.
Information about customers’ systems is stored in a common area (file server, sharepoint). In these storage areas there will be contact information and documentation of systems, both physical and virtual, as well as location-specific information. There may be stored some personal information here, but not beyond Person, role, contact info and any note that is relevant to this.
Passwords and access information for systems are stored and distributed via LastPass.

Data transfer to suppliers outside of EU/EEA

Lvero cooperate mainly with partners who process personal data within the limits of EU/EEA. If Lvero chooses to engage a supplier outside the EU / EEA (a so-called “third country”), e.g. cloud service providers such as Amazon Webservices Inc. and Microsoft, in such a case, we will take appropriate protection measures and ensure that transferred data is handled in accordance with applicable law. Appropriate safeguards may, e.g. be the conclusion of agreements that include standard model data transfer clauses that are assumed and approved by the European Commission.

Disclosure of information

Beyond this, we will not share, sell, transfer or otherwise disclose personal information to others unless we are legally required to do so. Lvero may provide your personal information to a third party, such as police or other authority, if it is an investigation into suspicion of a criminal act, or if we are otherwise required to disclose such information in accordance with law or governmental decisions.

 

We take good care of and protect your personal information

Lvero has high data security and uses encrypted data. We have relevant rights management, use high-security passwords, and have control over which employees have access to your personal information.
Lvero’s own systems are physically secured in the operating partner’s data room, with access control with personal cards and codes in addition to physical security where a key must be used to access the server in a locked cabinet.

In all contexts where data is transferred to / from customers’ systems and devices, this is encrypted.

 

How long do we store personal data?

We store information about you as long as you have an active customer relationship with Lvero with a valid contract for the delivery of our services. We store personal data in addition to active customer relationships in order to maintain our obligations over other legislation, such as the Accounting Act, or to provide, for example, a backup for a certain time after active customer relationship.
We will delete your personal data according to the requirements of the data subject, unless there are legal obligations or other legislation which requires that the personal data be stored longer, or unless it is practically impossible in connection with delivery as a backup.

When there are no longer any requirements and laws that require us to store your personal data and when there is no longer a legitimate reason for us to process or store your personal data, they will be deleted in its entirety.

 

Marketing and surveys

We can send you as a customer newsletter and information about Lvero. You can unsubscribe from this service either via a newsletter link or by contacting us. See contact information further down the page.

All marketing we submit follows markedsføringsloven.

 

The data subject’s rights in connection with his own personal data

You have many rights regarding your personal data, and the new privacy regulation gives you greater right to own personal information than before. Here are the three most relevant topics from the new Privacy Policy for you that are registered:

You have the right of full access to your own personal data (GDPR Article 15)
You may at any time ask Lvero for access to all information we have registered on you, and we must provide this to you within one month of your request. You will find contact information for this purpose at the end of this document.

You have the right to transfer your personal data to another location. (GDPR Article 20)
You have the right to ask Lvero to transfer all information about you to a new supplier in a format that can be used by the recipient. This is called the right to data portability.

You have the right to erasure/ “right to be forgotten”. (GDPR article 17)
You have the right to request that your personal data be deleted in whole or in part with us. This means that you can remove all traces of you with us.
But this is not an absolute right, and there are cases where the right to delete does not apply. There are other laws and requirements that come before the right to delete personal data, in which case they must be followed. This can be in cases where Lvero must comply with requirements and legislation in connection with accounting or other roles as a supplier, or in cases where there are legal obligations and requirements.

 

Read the GDPR in full here: https://gdpr-info.eu/

 

Contact information for inquiries regarding own personal data

If you have any questions or objections regarding your personal information, or if you would like access, rectification or deletion of information, please contact Karina Kvern by email: karina.kvern@lvero.no

If you believe that your personal information is being processed in violation of applicable regulations, you should contact us as soon as possible. According to the law, you also have the right to complain about the processing of your personal data to the Data Inspectorate. You contact the Data Inspectorate in writing and the address is Datatilsynet, PO Box 8177, 0034 Oslo.

 

General contact information Lvero:

Lvero AS
Holtegata 16A
0259 Oslo

Phone: +47 99777984 (CEO Karina Kvern)

 

Change of terms

Lvero reserves the right to change the privacy policy at any time in the event of changed laws and guidelines for the collection, retention and use of personal data. In case of significant changes, customers will be contacted electronically. It will at all times be the most current updated and published version of this document that is what is lawful.