2) The legal basis
Personal data and assesments that can be tied to an identifiable individual. This can be for example name, address, phone number, e-mail, IP-address or purchase and service-history. All treatment of personal data, as collecting, registration, storage and extradition is subjected to special rules, among others in the Personal Data Act. The chief executive officer is responsible for the processing of data is coherent with the rules in the law. The Norwegian Data Protection Authority is overlooking that the law is obtained. Self Storage Group ASAs foundation to treat personal data will vary but will according to the Data Protection Act § 8 letters a and b consist of consent from the registered or because it is legally required. Further it could be necessary to treat personal data to fulfill an agreement with the registered or to fulfill a legal commitment. Consent to treatment of personal data can at any time be withdrawn according to the GDPR article 13 (2) letter c.
Self Storage Group ASA will in most cases process personal data based on consent. In some cases, we will also treat personal data based on legitimate interest. In that case we will do a “Legitimate interest assessment”.
It is the Norwegian Personal Data Act that is in effect for our treatment of personal data.
3) What kind of information do we collect?
To deliver as good services as possible, we are dependent of collecting different types of information, included your personal data. Under follows an overview of how we typically gather personal data and what data this typically is.
a) Information you provide to us
When you register on our website, you must provide some information that will be stored with us, like name, e-mail, phone number etc. We will also save information when you are in contact with us later, such as inquiries to one of our departments. When contacting us trough phone, chat, e-mail or trough other digital channels, we will also store information. The information you provide can also be enriched by lookup services, purchase history or social media you give us access to. It is volunteer to provide your personal data to us.
b) Data we get though use of our services.
When you use our services, we register information about what services you are using and how you use them. Among other things, we collect information about:
i)Your device and internet connection:
We can register information about the device you are using, for example manufacturer of mobile/Computer, operating system and browser version. We can also collect information about the connection to our services, as IP-addresses, network-id, cookies and unique identification files.
ii) Use of Services or purchase:
We register information about your use of services or purchases you make, about witch sites you visit, when you visit our web pages, what functions you have used on the webpages, and any purchases you may have done.
iii) Information about your position:
We can also register your geographical position when you use our services or shop in our stores trough data from purchases you are making.
c) Information we get from other sources
We cooperate with third parties (for example business partners, subcontractors of technical services, payment services and delivery services, commercial networks, analytical services, search engine services and credit agencies) and can receive information about you from these. According to our contractual clause we reserve the right to make credit checks by all new tenants, and possibly in case of non-payment.
d) Automatic assessments
Trough analysis of your purchases and behavior an automatic categorization of you as a costumer can be derived.
4) What is the data used for
We use the personal data to the following purposes:
a) To deliver and improve our services.
We use personal data to deliver our services to you. For example we need personal data to be able to contact you and so that you can pay for the product/services we deliver. If you contact us via customer service: dependent of what the inquiry is regarding and what channel you contact us trough (phone, chat or e-mail), we will need to know who you are, what product you have purchased, your address, of your phone number. We will gather the information needed to help you.
We also use personal data to insure you get the best possible user experience, among other things by adapting the display of the content to your screen/device and provide the fastest possible loading of the pages.
b) To adapt the services, give you recommendations and relevant marketing.
Se wish to give you recommendations, product information service adjustments that is as relevant to you as possible. This will be given based on your behavior, for example based on which products and services du have used or bought, ads you have clicked on, or articles you have read, and based on the behavior of other users with a similar utility pattern as you.
c) To improve digital communication and advertising.
We use your personal data to improve our advertising. By creating a profile with us you accept targeted advertisement trough programmatic purchases and targeted advertising trough social media where your personal data will be used in purchases of such advertising.
d) To compile statistics and understand marketing trends.
We compile statistics and map marketing trends. We do this to be able to improve and further develop our product offer and services. As far as it is practically possible we try to do this with anonymous information, without knowing this information is tied specifically to you.
e) To avoid misuse of our services.
We use personal data to prevent misuse of our services. Misuse can be attempts to log on to others accounts, attempts on fraud, “Spamming”, hateful expressions and other acts that are illegal according to Norwegian law.
5) Who treats your information (Data processors)
Costumer service will be performed by Self Storage Group, while accounting will be performed by the parent company Self Storage Group ASA. We have entered into data processing agreements with the companies that treat information for us, and these will not extradite information to third parties. The following companies outside of Self Storage Group are central when your information is processed:
Jotform – Gathering of information from our users via the website.
Golarge.no – operations of web pages
Google – anonymized and aggregated user information for use of our digital services.
Facebook – anonymized and aggregated user information for use of our digital services in conjunction with advertising.
6) Administration of personal data
You can influence which personal data we shall have about you and how we use them. You can do this by contacting us on mail (Fabian) or phone 22654000. If you discover faults in our information about you, please contact us so that we can correct this.
7) Securing personal data
The security of your personal data is important to Self Storage Group. We commit to protect the information we collect. We maintain organizational, technical and physical security measurements designed to protect the personal data you provide, or we collect, against random, illegal or unauthorized destruction, loss, change, access, sharing or use. We use SSL encryption on our websites that we use for transfer of certain personal data.
Self Storage Group stores personal data only as long as it is necessary to fulfill the purpose for which the personal data was collected, unless the active right demands or opens for something else. We take action to destroy or de-identify personal data if this is required by law or the need for the personal data to the purpose it was collected is no longer there.
Self Storage Group is deleting information about you in line with regulatory requirements. Information about purchases will as a main rule be deleted when there is no longer need to storage the information to answer the customers inquisitions and complaints unless we need the information to fulfill other legitimate purposes. Accounting legislation and other legislations can in some cases require us to store some types of information for a longer period of time. Instead of deleting the personal data, it may in some cases be appropriate to anonymize the personal data. With anonymization, we mean that all identifiable or potentially identifiable characteristics will be removed from the datasets that will be stored.
9) Transfer of personal data to foreign countries
a) Inside EU/EØS
Your personal data can be transferred to foreign countries. Transfer of personal data inside the EU/EØS – area can freely take place according to the current privacy legislation.
b) Outside EU/EØS
If we transfer personal data outside the EU/EØS-area, we will be insured that the transfer is happening according to the current legislation. This means that we will collect consent from you to implement the transfer or use other mechanisms to do a legal transfer.
10) Your rights
Self Storage Group values your feedback. Here you can see what rights you at any time have that you can make current by contacting us here.
Withdrawal of consent: If you have given your consent to receive inquiries from us about offers on our services, you can withdraw this consent at any time. We have facilitated so that you can easily reserve yourself from this kind of inquiries in every inquiry from us. Consent can also be withdrawn by contacting costumer service.
You have the right to ask for access to the personal data according to the Data Protection Act §18 and GDPR art. 15.
Ask for correction or deletion: You can also ask us to correct incorrect information we have about you or ask us to delete personal data. We will, as far as possible, accommodate a request to delete personal data, but we cannot do this if there are weighty reasons not to delete, for example that we must store information for documentation purposes.
Right to data portability: you can demand to take the personal data to another business—This is called data portability. If this is technically possible, you can demand that we as the controller make sure to transfer the information to the new business. The information shall be in a structured, general use and in machine-readable format.
These rules follow of the regulation article 20.
Right to complain: You have the right to complain to a supervisory authority, in this case The Norwegian Data Protection Authority pursuant to The Data Protection Act article 13 (2) letter d.
You also have the right to get limited processing in certain cases pursuant to The Data Protection Act article 18.
11) Who gets access to your personal data?
In some cases, other businesses will have access to your personal data:
Other companies in the group: In some cases, we will need to share your personal data with other companies in the group, for example in conjunction with customer service. The data we share will not be used for other purposes than stated above in item 4).
Public authority: Your personal data can in special cases be disclosed to a relevant public authority. Disclosure like this will only occur if we are required to comply with applicable laws and regulations.
We also use other tools than cookies to gather data about your IP-address, what browser you use, your broadband supplier, operative system, date and time for your visit, and data about how you navigate on the website. We use this data to analyze trends, so that we can make the website more user friendly.
For a full list over what cookies we use, follow this link.
13) External links
14) Especially about marketing through e-mail and SMS
Marketing trough e-mail and SMS includes news letters and other inquiries about content, services, offers, campaigns and events from us, our collaborators and partners trough e-mail, phone, SMS, post/letter and social media. We only send marketing like this if you have given us consent to do so. Your personal data van also be used to adapt this communication. You can at any time, easy and without a cost opt out of these marketing inquiries trough the unsubscribe-function in the e-mails and texts.
15) E-mail and phone
Self Storage Group ASA is using e-mail and phone as a part of the daily work to serve customers and interests. Relevant information provided by the telephone conversation and e-mails happening as a part of the customer treatment is being journaled.
Self Storage Groups coworkers will use mail in general dialogue with internal and external contacts. The individual is responsible to delete messages that no longer are current, and at least every year go through and delete unnecessary content in the mail inbox.
16) Legitimate interest
In cases where you are contacting us with an interest of knowing more about our services, we will always do a “legitimate interest assessment”. If we based on this assessment concludes with your interest to be contacted by us is more important than your privacy interests, we will start the dialogue with you through the medium you contacted us on, or the medium you have specified you want to be contacted on.
17) Information about the employees
Self Storage Group ASA is treating personal data about their employees to process salaries and personal responsibility. Legal basis follows of the Personal Data Act § 8, first paragraph and § 8 a), b) or f) and § 9 a), b) and f). It is the CEO that has the daily responsibility for this. The necessary information for payment of salary, for instance ground data, salary level, time registration, tax rate, tax municipality, and union affiliation. Other information about employees are connected to the individuals work instructions and facilitation of the individuals work. Furthermore, information related to key administration of entries and deposits and access control information to IT systems. The information is gathered from the employee itself. The information will only be deployed in conjunction with salary payments and other law-abiding disclosures. Routines for deleting personal data is following The Norwegian accounting Act and The Archival Act of 1992. Information about name, position and working area is considered to be public information and can be published on all of the company’s websites.
Every application for positions will be stored in our electronic archive, and shredded as soon as the position is filled, or after a year.
19) Contact information and the data controller
The data controller in Self Storage Group ASA is CEO Fabian Søbak.
Please reach out through our contact scheme or Phone: +47 92 42 94 38.