juni 13, 2018

iQubeS Privacy Policy for iQubeS as Data Controller

Applicable law:

  • «Lov om behandling av personopplysninger (personopplysningsloven) og samtykke til deltakelse i en beslutning i EØS-komiteen om innlemmelse av forordning (EU) nr. 2016/679 (generell personvernforordning) i EØS-avtalen»

In association with the new rules that come in to force in the EU and EEA on Data protection (GDPR), we would like to inform you about the implementation of these new rules at iQubeS and iQubeS Companies and what affects this can have for our business relation.

In accordance with the new rules, we will, in a certain context, be seen as both Data Controller (iQubeS as an operating company and relations to external person and companies) and Data Processor (iQubeS as supplier of iQS to our iQS Business System customers). This document and Privacy Policy is related to iQubeS as Data Controller.

Among other things, this applies when we process (record) personal information about contacts, or others that we need to communicate with directly. This will only be relevant when personal information is necessary for us to fulfil our obligations.

For all the processing of personal information about external parties in iQubeS, we will:

  • Implement satisfactory technical and organizational measures to protect personal information and make sure our subcontractors do the same.
  • Have necessary guidelines for how long we keep personal information, to ensure they are not stored longer than necessary.
  • Erase data should the data no longer be required or for any other reason a Data Subject request deletion
  • Maintain the data in our iQS Business system behind firewalls and other safeguards such as encryption and access control

Examples of information we collect about external parties:

  • Company Name
  • Contact person
  • Company Address / Billing Address
  • Phone number and e-mail address
  • Publicly available info. such as data from business card, received e-mail from Data Subject and/or LinkedIn which is maintained and published by the data subject

Example of why we collect this information:

  • CRM (Relation Management with external parties):
    • Contacts, Suppliers, Collaborators, Prospects, other public persons
  • Operation of and conducting iQubeS Business
  • Communicating with external parties (Data Subjects outside the iQubeS organization) via e-mail, phone, other communication channels (Skype, Teams, etc.)

We do not collect information such as birthdates, social security numbers or any other information that is not publicly available.

As a Data Controller we will, related to external parties:

  • Only process data about individuals (companies and person) that are relevant to conduct iQubeS Business and is considered voluntarily made available to iQubeS
  • Should data breach occur, iQubeS will notify the exposed Data Subject(s) and inform relevant authorities
  • Store all data in Europe
  • Maintain the data in our iQS Business system behind firewalls and other safeguards such as encryption and access control

You are, as us, subject to data protection laws by processing personal information or in the role of Data Subject sharing personal information. We must ask that:

  • You do not send us personal information that we do not need to fulfil our obligations (it will be illegal of you to do so and it will be illegal for us to process them).
  • If you have any reason to believe that you are listed in the iQS Business System for iQubeS and wish to exercise the «Right to erasure» please contact us immediately.

Should there be any questions regarding the above, we ask you to contact us by mail: post@iqubes.no or by any other means available to contact individuals in iQubeS. We will process and answer any inquiries as soon as possible (minimum within 10 working days).

Should you wish to report iQubeS to the Data Authorities, please do so at this link «Melding om avvik (Datatilsynet)  (DPA-01)»