Skip to main content Search Basket

Privacy Policy

Last updated June 2022

Version 1.0 June 2022

 

Any collection, use, storage, deletion, or other use (hereinafter "processing") of data serves exclusively to provide our services.

"Personal data" (hereinafter also referred to as "data") means all individual information about personal or factual circumstances of a specific or identifiable natural person (so-called "data subject"). The following statements on data protection describe what types of personal data are processed when you access our website, what happens to this personal data and how you can object to data processing if necessary.

All articles stated in this privacy notice refer to Regulation (EU) No 2016/679 of the European Parliament and of the Council.

In the following we inform you about essential aspects of the data processing that affects you on the homepage www.nti.biz/no

Identity and contact information of NTI

NTI AS (The Data Controller)
Malmskriverveien 35s
1337 Sandvika Norway
+47 482 03 300
For additional information or questions, please contact [email protected]

Protection of your data

We have taken technical and organizational measures to ensure that the provisions of the GDPR are observed both by us and by external service providers who work for us. If we work with other companies to provide our services, this only happens after an extensive selection process. In this selection process, each individual service provider is carefully selected for its suitability in connection with technical and organizational skills in data protection. Our website is SSL/TLS encrypted, which you can recognize by the "https://" at the beginning of the URL. We only process personal data for as long as is necessary. As soon as the purpose of the data processing has been fulfilled, the data will be blocked and deleted according to the standards of the local deletion concept, provided there are no legal provisions to the contrary.

Data processing on this website and creation of log files

1. Description and scope of data processing

When you visit our website, our web server temporarily stores each access in a log file. The following personal data is recorded and stored until it is automatically deleted:

  • IP address of the requesting computer
  • Device information
  • Date and time of access
  • Name and URL of the retrieved file
  • Amount of data transferred
  • Message whether the retrieval was successful
  • Identification data of the browser and operating system used
  • From where the website is accessed from
  • Name of your Internet access provider


We use the hosting services of the provider Sentia. You can find more information about our hosting provider here: Privacy Policy & Cookie Statement (sentia.com)


2. Legal basis for data processing

The processing of this data takes place based on Article 6 (1) (f) GDPR. Our legitimate interest is based on making our website accessible to you.

3. Purpose of data processing

The data is processed for the purpose of enabling the use of the website and serves to ensure system security, technical administration of the network infrastructure and optimization of the internet offer. The IP address is only evaluated in the event of attacks on our network infrastructure or the network infrastructure of our internet provider.

4. Duration of data storage

The personal data will be deleted as soon as they are no longer required for the above purposes (generally when you close the website). Our hosting provider may use the anonymized data for statistical surveys.

5. Possibility of removal by the data subject

The collection of data for the provision of the website and the storage of data in log files is necessary for the operation of the website. Consequently, there is no possibility of objection.


Description and scope of data processing

Our website uses cookies that are stored on your computer when you use the website. Cookies are small text files that are stored on your hard drive, assigned to the browser you are using, and through which certain information flows to us or the body that sets the cookie:

  • Frequency of website visits
  • Which functions of the website are used by you
  • Search terms used
  • Your cookie settings


Cookies cannot run programs or transmit viruses to your computer. When accessing the website, a cookie banner refers to the data protection declaration.

Note on data processing in the USA by Google, LinkedIn, Facebook, YouTube: By clicking on "Agree to all", you consent in accordance with Article 49 (1) (a) in conjunction with Article. 6 (1) (a) GDPR that your data will be processed in the USA.

In the opinion of the ECJ (European Court of Justice), the data protection standard in the USA is insufficient and there is a risk that your data will be processed by the US authorities for control and monitoring purposes, possibly without legal remedies. If you only agree to the setting of essential cookies, the transmission will not take place. A given consent can be revoked at any time.


2. Legal basis for data processing

The legal basis for data processing by cookies, which do not only serve the functionality of our website, is Article 6 (1) (a) GDPR. The legal basis for data processing for cookies, which serve solely the functionality of this website, is Article 6 (1) (a) GDPR.


3. Purpose of data processing

Our legitimate interest arises from ensuring a smooth connection establishment, the evaluation of system security and stability. The data processing also takes place in order to enable a statistical evaluation of the use of the website.


4. Duration of data storage

There are two types of cookies. Both are used on this website: Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser. Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie.


5. Possibility of removal by the data subject

You have the possibility to revoke your consent to the data processing by cookies that do not only serve the functionality of the website at any time. In addition, we only set cookies after you have consented to the setting of cookies when you access the site. In this way, you can prevent data processing via cookies on our website. You can also delete the cookies in the security settings of your browser at any time.


Contact

1. Description and scope of data processing

Via our website it is possible to contact us via e-mail or a contact form. For this purpose, various data are required to answer the request (contact details and, if applicable, information about your interests), which are automatically stored for processing.

2. Legal basis for data processing

The legal basis used here is Article 6 (1) (b) GDPR.

3. Purpose of data processing

We process your data exclusively to process your contact request.

4. Duration of data storage

Your data will be deleted by us as soon as the purpose of the data processing has been fulfilled and there are no legal, official, or contractual retention periods to prevent deletion.

5. Possibility of removal by the data subject

You can contact us at any time and object to further processing of your data. In this case, we are unfortunately unable to continue communicating with you. All personal data processed by us while contacting us will be deleted in this case unless the deletion is contrary to legal obligations to store your
data.

Chat

1. Description and scope of data processing

Through our website it’s possible to get in contact with us through a live chat module. The purpose of this is to offer great customer service, when needed. The chat turns into an offline form outside opening hours.

The chat is operated by tawk.to 187 East Warm Springs Rd, SB298, Las Vegas, NV, 89119, USA

2. Legal basis for data processing

The legal basis used here is Article 6 (1) (a) GDPR.

3. Purpose of data processing

We process your data exclusively to process your contact request.

4. Duration of data storage

Your data will be deleted by us as soon as the purpose of the data processing has been fulfilled and there are no legal, official or contractual retention periods to prevent deletion.

5. Possibility of removal by the data subject

You can contact us at any time and object to further processing of your data. In this case, we are unfortunately unable to continue communicating with you. All personal data processed by us while contacting us will be deleted in this case, unless the deletion is contrary to legal obligations to store your
data.

Read more about tawk.to GDPR policy here

Ordering Courses and Software

1. Description and scope of data processing

You can order courses and software on our website. For this purpose, we process contact data and information about your company.

1a. For courses, we are registering the information received in 3rd party systems, to handle the participance and matters of Invoices

1b For software orders, depending of the software ordered we hand over information to the software provider, which you establish a customer relationship with. To handle an order we need to register contact data and relevant company information in 3rd party systems, as well as we have to hand over relevant information to the software provider.

To place an order, you need to accept our trade conditions.

2. Legal basis for data processing

To place an order, you have to provide personal data that belongs to the mandatory field entry masks, the data processing is based on Article 6 (1) (b) GDPR. In the case of voluntary information, the data processing is based on Article 6 (1) (a) GDPR.

3. Purpose of data processing

We process your data exclusively for the purpose of completing your order

4. Duration of data storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected and there are no contractual, official or legal retention periods to prevent deletion.

5. Possibility of removal by the data subject

You have the option to object to data processing at any time or, if you have given your consent, to revoke it. For this purpose, please use the above contact information.

Registration for webinar

1. Description and scope of data processing

You can register on our website to participate in webcasts via a contact form for this purpose, we process contact data and information about your company. The data you provide will be used exclusively for processing.

2. Legal basis for data processing

If you provide personal data that belongs to the mandatory field entry masks, the data processing is based on Article 6 (1) (b) GDPR. In the case of voluntary information, the data processing is based on Article 6 (1) (a) GDPR.

3. Purpose of data processing

We process your data exclusively for the purpose of completing your registration and enabling you to participate in a webcast or online training.

4. Duration of data storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected and there are no contractual, official or legal retention periods to prevent deletion.

5. Possibility of removal by the data subject

You have the option to object to data processing at any time or, if you have given your consent, to revoke it. For this purpose, please use the above contact information.

Newsletter

1. Description and scope of data processing

We offer the option of subscribing to our newsletter on our website. When ordering the newsletter, you will be asked to provide personal data for processing (contact details and information about your company). Input fields marked with a "*" are mandatory. You will receive the newsletter by email.

The newsletter is sent via the provider Pardot. Data processing is performed by: Pardot LLC, 950 E. Paces Ferry Rd. Suite 3300 Atlanta, GA 30326, USA.

The e-mail addresses of our newsletter recipients, as well as their other data described in this notice, are stored on Pardot's servers in the USA. Pardot uses this information to send and evaluate the newsletter on our behalf. Furthermore, Pardot may use this data according to its own information to optimize or improve its own services, e.g. for the technical optimization of the dispatch and presentation of the newsletters or for economic purposes to determine from which countries the recipients come. Pardot does not use the data to write to it itself or to pass it on to third parties.

The newsletters contain a so-called "web beacon", i.e. a pixel-sized file that is retrieved from Pardot's server when the newsletter is opened. As part of this, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are first collected. Statistical surveys also include determining whether the newsletters are opened, how often they are opened, and which links are clicked. Although this information can be assigned to the individual newsletter recipients for technical reasons, it is neither our endeavor nor that of Pardot to observe individual users. We trust in the reliability and IT and data security of Pardot. The privacy policy can be viewed under Privacy Policy - Salesforce.com.


2. Legal basis for data processing

The legal basis for data processing is your consent in accordance with Article 6 (1) (a) GDPR.

3. Purpose of data processing

The newsletter has the function of informing you at regular intervals about offers and news from us. We use Pardot as our service provider to ensure effective address management and to stay in touch with you through the newsletter.

4. Duration of data storage

We process your data only for as long as this is necessary to fulfil the purpose and deletion does not conflict with any statutory or official retention obligations. Pardot only stores your personal data for as long as we use your personal data to send you the newsletter.

5. Possibility of removal by the data subject

The consent to the processing of personal data in the context of the newsletter order can be revoked at any time. For this purpose, the data subject can click on the link integrated in each newsletter to unsubscribe or otherwise notify our data protection officer of the revocation of consent.

Social media on our website

We have integrated the social media platforms LinkedIn, Facebook, Instagram, Twitter and YouTube via links on our services. If you click on the social media link, the website of the respective social media provider is called up, whereby the respective reference data of our website is transmitted to the respective social media provider.

1. YouTube videos

a. Description and scope of data processing

We use YouTube to embed videos. Responsible for data processing jointly with us: YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google LLC., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data processing for the European Economic Area and for Switzerland is carried out by: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Normally, when you visit some pages of our website with embedded videos, your IP address is sent to YouTube and cookies are installed on your computer.

However, we have integrated YouTube videos with the extended data protection mode. In this case, YouTube still contacts the Google Ad Manager service, which means that personal data is not evaluated. As a result, YouTube does not collect any information about the visitor unless the video is viewed. In this case, YouTube collects your IP address and notes that you have viewed the video. If you are logged in to YouTube, this information will also be assigned to your user account. We have no knowledge of the possible collection and use of your data by YouTube and have no influence over it. For more information about data protection, we refer to the following data policy from YouTube: https://policies.google.com/privacy?hl=en

2. Legal basis for data processing

The legal basis for data processing is your consent in accordance with Article 6 (1) (a) GDPR.

3. Purpose of data processing

We use social media to make our company better known and to offer you the opportunity to interact with social media via our website.

4. Duration of data storage

The data collected by YouTube (Google) via plug-ins and advertising is deleted after a fixed storage period. According to Google, this time is 9 or 18 months.

5. Possibility of removal by the data subject

To prevent data processing by YouTube, you have the option of logging out of YouTube before accessing our website and deleting all cookies from your browser history. Further settings and objections to the use of data for advertising purposes are possible within the YouTube profile settings. The settings are platform-independent, i.e. they are applied to all devices.

2. LinkedIn share button

1. Description and scope of data processing

From various articles, (e.g case stories, blog post) it’s possible to click a “button” and share a link to that specific article on the data subject own social media profile This requires, that you either are logged in or login to LinkedIn. This permits LinkedIn to assign your visit to our sites to your user account on LinkedIn.

2. Legal basis for data processing

The legal basis for data processing is your consent in accordance with Article 6 (1) (a) GDPR.

3. Purpose of data processing

We use social media to make our company better known and to offer an opportunity to interact with social media via our website.

4. Duration of data storage

The data collected by LinkedIn via plug-ins and advertising is deleted after a fixed storage period. Please refer to linkedin.com/legal/l/cookie-table to find the actual storage time

5. Possibility of removal by the data subject

The consent to the processing of personal data in the context of the LinkedIn can be changed here. https://www.linkedin.com/psettings/advertising-data
For more info on data protection: https://linkedin.com/legal/privacy-policy

3. Facebook share button

1. Description and scope of data processing

From various articles, (e.g case stories, blog post) it’s possible to click a “button” and share a link to that specific article on the data subject own social media profile. This requires, that you either are logged in or login to Facebook. This permits Facebook to assign your visit to our sites to your user account on Facebook.

2. Legal basis for data processing

The legal basis for data processing is your consent in accordance with Article 6 (1) (a) GDPR.

3. Purpose of data processing

We use social media to make our company better known and to offer an opportunity to interact with social media via our website.

4. Duration of data storage

The data collected by Facebook via plug-ins and advertising is deleted after a fixed storage period. https://www.facebook.com/policy/cookies/

5. Possibility of removal by the data subject

The consent to the processing of personal data in the context of the Facebook can be changed here. https://www.facebook.com/settings/cookie.

4. Twitter share button

1. Description and scope of data processing

From various articles, (e.g case stories, blog post) it’s possible to click a “button” and share a link to that specific article on the data subject own social media profile. This requires, that you either are logged in or login to Twitter. This permits Twitter to assign your visit to our sites to your user account on Twitter.

2. Legal basis for data processing
The legal basis for data processing is your consent in accordance with Article 6 (1) (a) GDPR.

3. Purpose of data processing

We use social media to make our company better known and to offer an opportunity to interact with social media via our website.

4. Duration of data storage

The data collected by Twitter via plug-ins and advertising is deleted after a fixed storage period. https://help.twitter.com/en/rules-and-policies/twitter-cookies

5. Possibility of removal by the data subject

The consent to the processing of personal data in the context of the Twitter can be changed here.

https://twitter.com/settings/privacy_and_safety


X. Analysis and marketing tools

1. Description and scope of data processing

Hotjar:

With Hotjar it is possible to analyze the usage behavior (clicks, mouse movements, scroll heights, etc.) on our website. The information generated by the tracking code and cookie from your visit to our website is transmitted to the Hotjar servers in Ireland and stored there. The tracking code collects the following information:

  • The IP address of your device (stored in an anonymous format)
  • Your e-mail address, including your first and last name, if you have made it available via our website
  • Screen size of your device
  • Device type and browser information
  • Geographical point of view (country only)
  • The preferred language to represent our website
  • Referring domain
  • Pages visited
  • Geographical point of view (country only)
  • The preferred language to represent our website
  • Date and time of access to the website

Hotjar will use this information to evaluate your use of our website, to create reports on the use and other services in connection with the use of the website and the website. The data processing is carried out by: Hotjar Ltd. ("Hotjar"), 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta, Europe. Further information can be found here: https://www.hotjar.com/legal/policies/privacy

LinkedIn Ads and Conversion Tracking:

We use the analysis and conversion tracking technology of the LinkedIn platform to check the effectiveness of our advertising. LinkedIn places a cookie on your computer. The cookie text files contain information about your visits to our website, in particular about the pages you have viewed in order to be able to give specific product recommendations on subsequent visits to our website or the websites of third parties. The cookie contains an alias randomly assigned by a generator. If you visit our or LinkedIn's website again within a certain period LinkedIn recognizes you by this alias. However, this information cannot be linked to your person. Neither we nor LinkedIn combine this information with your personal data and do not pass on any personal data to third parties. The data processing is carried out by: LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland. https://www.linkedin.com/legal/privacy-policy

Facebook Ads:

If you have reached our website through a Facebook ad, Facebook will set a cookie on your system. The cookie is used to create and analyze visit statistics. For this purpose, the IP address is stored. Further data protection information from Facebook: https://www.facebook.com/about/privacy

The data processing is carried out by: Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA.

Google Ads and Google Conversion Tracking

If you have reached our website through a Google ad, Google will place a so-called conversion cookie on your system. It is used to compile and analyze visit statistics. The IP address is processed for this. This data is stored in the USA. It is possible that Google also passes this data on to third parties. Additional information about Google Ad Manager can be found at: https://www.google.com/policies/technologies/ads/.

You will also find information about the options you have so that the information transmitted cannot be used by Google Ad Manager. Data processing for the European Economic Area and for Switzerland is carried out by: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. About further data protection notices from Google, reference is made to: https://policies.google.com/privacy

Google Tag Manager:

is a solution with which we can manage so-called website tags via an interface and thus, for example, integrate Google Analytics into our online offer. Google Tag Manager itself, which implements the tags, does not process any personal data. You can access the Google Tag Manager usage guidelines here: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/

Data processing for the European Economic Area and for Switzerland is carried out by: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.


Google Analytics:

sets cookies that enable us to analyze your use of our website. The information collected by means of a cookie is: IP address, time of access, duration of access. These are transmitted to a Google server in the USA and stored there. Google may pass on the information collected to third parties if this is required by law or if third parties process this data on behalf of Google. The Google tracking codes on our website use the "_anonymizeIp()" function, which means that IP addresses are only processed in abbreviated form in order to rule out any possible direct personal connection to you.


Under https://www.google.com/analytics/terms/ you will find more information about the terms of use of Google Analytics. Data processing for the European Economic Area and for Switzerland is carried out by: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. With regards to further data protection information from Google, reference is made to: https://policies.google.com/privacy


2. Legal basis for data processing

Use is based on your consent in accordance with Article 6 (1) (a) GDPR

3. Purpose of data processing

We process your data from analysis services for the purpose of needs-based and continuous optimization of our website. Marketing tools enable us to measure the success of advertising carried out on our website. They help us to understand different interests and successes of the advertising placed on our site and to increase our level of awareness.

4. Duration of data retention

Hotjar:

The cookies Hotjar uses have a different "lifetime"; some stay up to 365 days, some stay valid only during the current visit.

LinkedIn Ads and Conversion Tracking:

The data will be deleted as soon as they are no longer required for our recording purposes.

Facebook Ads:

One year after setting the Facebook cookie, the cookie loses its validity. This means that you can no longer be identified. Within one year, both we and Facebook can use the Facebook cookie to track which sub-pages have been accessed.

Google Ads and Google Conversion Tracking:

30 days after the conversion cookie has been set, the cookie loses its validity so that you can no longer be identified. Within these 30 days, both we and Google can track which subpages have been accessed.

Google Analytics:

The data collected by Google Analytics will be deleted 14 months after your visit to our website

5. Possibility of removal by the data

The consent given to data processing can be revoked at any time. You will find all the necessary information under "Your rights". The setting of cookies can be prevented at any time by making the appropriate settings in your Internet browser. The cookies that have already been set can also be deleted in the settings of the Internet browser. We would like to point out that preventing the setting of cookies may mean that not all functions are fully available.

Hotjar

You can also prevent Hotjar from collecting data by clicking on the following link and following the instructions there: https://www.hotjar.com/policies/do-not-track/

LinkedIn Ads and Conversion Tracking:

You can also prevent the storage and use of data in a LinkedIn cookie by accessing the link https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out and selecting "Decline". If you select this option, a new cookie (opt-out cookie) will be set in your browser, informing LinkedIn that no data on your browser behavior may be stored. Please note that the setting must be made for all browsers you use. If all your cookies are deleted in one browser, LinkedIn's opt-out cookie is also affected.

Google services

The setting of cookies can be prevented at any time by appropriate settings in your Internet browser. The cookies already set can also be deleted in the settings of the Internet browser. As a result, not all functions may be fully available. You can object to user-related advertising by Google at any time: https://adssettings.google.com/authenticated

Other Third-Party Tools

1. Description and scope of data processing

Cloudflare

On our website, we use the services of Cloudflare to ensure a secure and error-free use of our website. As a CDN ("Content Delivery Network"), Cloudflare ensures the security of this website and the optimization of loading times. For this purpose, Cloudflare generates log data, which as example includes, the number of page views, IP address, system information and information about the pages accessed before and after your visit to our website. With the help of this data, Cloudflare searches for attack patterns, the analysis of which leads to the protection of our website.

This analysis is usually carried out within a few minutes, so that the security rules of our website can be updated immediately. Responsible for data processing is: Cloudflare, Inc. 101 Townsend St, San Francisco, CA 94107 USA.
For more information, see Cloudflare's Privacy Policy: https://www.cloudflare.com/privacypolicy

2. Legal basis for data processing

Cloudflare:

The legal basis is your consent in accordance with Article 6 (1) (a) GDPR. By implementing Cloudflare, we also comply with the principle of integrity and confidentiality of your data within the meaning of Article 5 (1) (f).

Google Webfonts

The legal basis is Article 6 (1) (f) GDPR. Our legitimate interest lies in the visual presentation of the website.

3. Purpose of data processing

Cloudflare

The purpose corresponds to our legitimate interest in the confidentiality and integrity of our data processing as well as in ensuring the full functioning of our website.

Google webfonts The purpose of data processing is to display of fonts on this website in a uniformed way.

4. Duration of data retention

Your data will only be stored for as long as this is necessary to fulfil the purpose and there are no legal obligations to store your data to prevent deletion.

5. Possibility of removal by the data subject

Cloudflare

You can prevent Cloudflare from processing your data by disabling the execution of script code in your browser or installing a script blocker, but this may result in our website no longer being displayed correctly.

Google Web Fonts:

You can set your browser so that the fonts are not loaded from Google's servers. If your browser does not support Google Fonts or if you prevent access to the Google servers, the text will be displayed in the standard font of the system.

Other cookies:

Since nti.biz is an international website, cookies are set across all countries sharing this site. A full frequently updated list of all cookies set, can be accessed via our Cookie module maintained by:

Cookieinformation A/S
Kristen Bernikows Gade 4,
1105 Copenhagen K, Denmark

VAT: DK-38758292

Data transfer to third party countries

To be able to provide our services, we use the support of service providers from the European area as well as from third countries. To ensure the protection of your personal data even in the event of data transfer to a third country, we conclude special contract processing contracts with each of the carefully selected service providers. All service providers we use have sufficient evidence that you ensure data security through appropriate technical and organizational measures. Our service providers from third countries are either located in countries that have an adequate level of data protection recognized by the EU Commission (Article 45 GDPR) or have provided for appropriate guarantees (Article 46 GDPR).

Adequate level of protection:

The provider comes from a country whose adequate level of data protection has been recognized by the EU Commission. For more information, please visit https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en

EU Standard Contractual Clauses:

Our provider has submitted to the EU standard contractual clauses to ensure a secure data transfer. Further information can be found at: https://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:EN:PDF


Binding Corporate Rules:

Article 47 of the GDPR provides for the possibility of ensuring data protection when transferring data to a third country by means of binding internal data protection regulations. These are checked and approved by the competent supervisory authorities as part of the consistency procedure in accordance with Art. 63 GDPR.

Consent:

In addition, a data transfer to a third country without an adequate level of protection will only take place if you have given us your consent in accordance with Article 49 (1) (a) GDPR or if another exception according to Article 49 GDPR is relevant for the data transfer.

Your rights

You have the following rights with regards to the personal data concerning you:

1. Right to revoke consent (Article 7 GDPR)

If you have given your consent to the processing of your data, you can revoke it at any time. Such a revocation affects the permissibility of the processing of your personal data for the future after you have expressed it to us. It can be done (by telephone) or in writing by post or e-mail to us.

2. Request access (Article 15, GDPR)

You can at any time request access to your personal data (commonly known as a “data subject access request”)

3. Request correction (Article 16), GDPR

You have the right to rectify the personal data that we hold about you. We want to make sure, that your personal data is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.

4. Request erasure (Article 17, GDPR)

You have the right to request erasure of your personal data. In some circumstances you can ask us to delete your data. Note, however, that we may not always be able to comply with your erasure request and if that is the case, we will notify you of the specific legal reasons for our inability comply at the time of your request.

5. Right to restriction of processing (Article 18, GDPR)

In certain circumstances, you have the right to request the restriction of the processing of your personal data. If you are entitled to restrict the processing, we may only process personal data – with exception of storage – with your consent, or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest.

6. The right to rectification (Article 19, GDPR)

If you have asserted your right to rectification, erasure or restriction of data processing against us, we are obliged to inform all recipients of your personal data of the correction, deletion or restriction of data processing. This applies only to the extent that this notification does not prove impossible or would be associated with a disproportionate effort. You have the right to know which recipients have received your data.

7. Right to data portability (Article 20, GDPR)

You have the right to receive your personal data from us in a structured, commonly used and machine-readable format, and you have the right to transmit this data to another controller without hindrance.
When exercising your right to data portability, you have the right to have the personal data transmitted directly by us to another controller, where technically feasible. The right to data portability does not apply to the processing of personal data that is required to perform a task that is in the public interest or in the exercise of official authority that has been delegated to us.

8. Right to object to processing (Article 21, GDPR)

If we base the processing of your personal data on our legitimate interest (in accordance with Article 6 (1) (f), GDPR), you can object to the processing. The same applies if we base the data processing on Article 6 (1) (e), GDPR. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or show you our compelling reasons to process your information.

Complaints

If you wish to complain about the processing of your personal data, please contact NTI according to section 1.

You may also file a complaint to the national supervisory authority. The national supervisory authority responsible for NTI AS is Datatilsynet, (The Norwegian Data Protection Agency), Norway. You can find the offical website here

Further you can access a complete list of European supervisory authorities here.

How to exercise these rights and right to make changes

To exercise these rights, please contact us using the contact details provided. We reserve the right to change this data protection declaration in compliance with the statutory provisions.

Changes to this Data Privacy Policy

NTI reserves the right to update or change this Data Privacy Policy at any time and you should visit this site regularly to obtain the latest version.

Updates:

Version 1.0 June 2022