Spacefinder

Processing of Personal Data

Privacy and information security are important to us at Scout Eiendom. We will process your personal data in a lawful and secure manner. On this page, you can read about how we handle your personal data.

Introduction

This privacy policy explains how Scout Eiendom AS (“we,” “us,” “our”) collects and uses (processes) personal data in our business operations. Scout Eiendom AS, represented by the general manager, is responsible for the processing of personal data.

Our contact information:

Scout Eiendom AS
Org. No.: 933603407
Email: post@scouteiendom.no

Your Rights

If you wish to exercise any of your rights, you can email us at post@scouteiendom.no. You are entitled to a response as soon as possible, and no later than 30 days. Read more about all your rights on the Norwegian Data Protection Authority’s website.

– Access to and correction of your data: You can request a copy of all the information we process about you and ask us to correct any inaccuracies.

– Deletion or restriction of processing: In certain situations, you can ask us to delete and/or limit the processing of your data.

– Objecting to data processing: If we process your data based on our legitimate interests or a public task, you have the right to object to this processing.

Data portability: If we process your data based on consent or a contract, you can request that we transfer your data to you or another data controller.

Filing a complaint: You can complain to the Norwegian Data Protection Authority about our processing of personal data. However, we hope you will reach out to us first so we can try to resolve the matter satisfactorily.

Who We Process Personal Data About

– Customers

– Potential customers

– Website visitors

– Newsletter subscribers

How We Collect Personal Data

Providing personal data to us is voluntary. However, in order to deliver products or services, we require certain information from you to complete transactions. We do not rent, buy, or sell personal data from/to others. We do not use automated decision-making or profiling in our processing of your personal data.

-We process personal data when someone:

-Enters into an agreement with us for the purchase of products/services

-Sends us an email, SMS, message via social media, or other correspondence

-Signs up for our newsletter

-Registers for digital events (courses, lectures, workshops, etc.), both free and paid

-Uses our website (see the section on cookies)

-Leaves a comment on our website

-Submits an inquiry via communication tools or contact forms on our website

-Responds to a survey

Categories of Personal Data, Purpose, and Legal Basis

We process personal data under the following legal bases in Article 6(1) of the General Data Protection Regulation (GDPR):

a) “Consent” – when you have given us your explicit consent

b) “Contract” – to fulfill an agreement with you or take necessary steps before entering into an agreement

c) “Legal obligation” – to comply with legal requirements

f) “Legitimate interest” – to pursue legitimate interests that we believe outweigh privacy concerns

We process personal data related to:

Inquiries from you (including communication, support, customer service…)

When you contact us via the website (contact form, comment section, communication tools), email, phone (calls, text messages), or social media, we process personal data. Depending on where and how you send us a message, this may include contact information, IP address, and other information you choose to share with us.

The purpose is to respond to your inquiries, maintain a record, and have documentation in case we receive complaints, claims, or legal disputes. The legal basis for processing is GDPR Article 6(1)(f), where the legitimate interests are responding to inquiries, keeping a record, and maintaining documentation in case of complaints, claims, or legal disputes.

We review, archive, and delete inquiries as needed, but no less frequently than every two years. To maintain continuity and logic in the comment section, comments are not systematically deleted. Inquiries we are required to retain as documentation in connection with complaints or claims are stored until the deadline for filing a complaint has expired (two or five years). Accounting records are retained for up to five years, in accordance with bookkeeping regulations.

Purchases of products and services

When you purchase products and services from us, we process personal data such as contact information, order and payment information, and purchase history.

The purpose is to deliver products and services to you after ordering/purchasing and to maintain a record of sold products and services. The legal basis for processing is GDPR Article 6(1)(b) (contract) or (c) (legal obligation). Accounting records are retained for up to five years, in accordance with bookkeeping regulations.

Marketing within existing customer relationships

When you become a customer, we process personal data as mentioned above. If you have an existing customer relationship with us, we may send you marketing emails and SMS messages in accordance with the Marketing Act Section 15 and the Consumer Authority’s guidelines.

The purpose is to provide good customer service. The legal basis for processing is GDPR Article 6(1)(f), where the legitimate interest is offering you relevant products and services. The legal basis may also be GDPR Article 6(1)(a) (consent). You can unsubscribe from marketing emails and SMS messages at any time. Information on how to unsubscribe is included in all marketing-related emails and SMS messages. Data is retained until the data subject requests deletion.

Newsletters

We send newsletters via email, including articles, blog posts, discounts, offers, free templates, checklists, and similar content. The newsletters may also include information about our products and services. When you subscribe to newsletters, we process personal data such as contact information and IP address.

The purpose is to inform about relevant news and offers, as well as provide good customer service to potential and existing customers. The legal basis for processing is GDPR Article 6(1)(a) (consent). Subscription to newsletters is voluntary, and you can withdraw your consent (unsubscribe) at any time by clicking “Unsubscribe” at the bottom of an email. Data is retained until the data subject requests deletion.

Events, including digital events

When you participate in free events, we process personal data such as contact information. For paid events, we also collect order and payment information. The purpose is to offer relevant courses, lectures, and workshops to customers and potential customers. The legal basis for processing is GDPR Article 6(1)(a) (consent) or (b) (contract). Data is retained until you withdraw your consent and request deletion, or, in the case of contracts, for up to five years in accordance with bookkeeping regulations.

Surveys

We always inform you about the purpose of our surveys and whether they are anonymous. We do not share information or use it for purposes other than those stated. Anonymous surveys do not collect personal data. The legal basis for non-anonymous surveys is GDPR Article 6(1)(a) (consent). Data is retained as long as relevant for the purpose, or until you withdraw your consent and request deletion.

Suppliers, partners, and data processors

When you enter into an agreement with us as a supplier, partner, or data processor, we process personal data such as contact information. Other data is typically related to a business and therefore not personal data. The purpose is to enter into such agreements, and the legal basis for processing is GDPR Article 6(1)(b) (contract). Data is retained for up to five years in accordance with bookkeeping regulations.

Use of the website

When you use our website, we process personal data such as IP address and other technical data collected through cookies and analytics tools. The purpose is to provide you with a good user experience and compile statistics to improve and develop the website and our services. The legal basis for processing is GDPR Article 6(1)(f), where the legitimate interest is ensuring a good user experience and improving our website and services. Read more in the next section.

Cookies and analytics tools

A cookie is a text file stored in your browser when you visit a website. Below, we describe how we use cookies and analytics tools on our website, in accordance with the Electronic Communications Act (“cookie section” 2-7b).

When you visit our website for the first time, or after deleting cookies, a banner appears at the bottom of the page informing you about our use of cookies. By clicking on the banner, you accept our use of cookies as described below. We use the following cookies:

Google Analytics
– _ga: Distinguish between unique users (2 years)
– _gat: Limit request rate
– _gid: Distinguish between unique users (24 hours)

Facebook
– fr: For website users logged into Facebook

WordPress
– comment_author_{HASH}: For comment sections
– comment_author_email_{HASH}: For comment sections
– comment_author_url_{HASH}: For comment sections

We also use the following analytics tools:

-Google Analytics

-Facebook Pixel

Disabling or deleting cookies

You can disable or delete cookies in your browser. Visit nettvett.no to learn how for most browsers. Note that disabling or deleting cookies may affect your user experience and the functionality of some website services.

Who we share personal data with

To operate our business, we sometimes need to share your personal data with:

-Data processors: Service providers processing data on our behalf (e.g., IT, administration, accounting, cloud storage, web hosting, email services)

-Professional advisors (e.g., legal, financial, accounting, auditing, insurance)

-IT support for systems administration

-Public authorities we are legally required to report to

-We ensure all recipients comply with GDPR and enter into data processing agreements with all providers.

Transfer of personal data outside the EU/EEA

In some cases, your data may be transferred outside the EU/EEA, for example, when using service providers for newsletters, customer data processing, product and service availability, payments, website security, and general business operations.

Such transfers are only allowed to countries approved by the EU Commission or under necessary safeguards, such as Privacy Shield for U.S. providers, EU standard contractual clauses, or binding corporate rules. Contact us at post@scouteiendom.no for details.

Security

We take information security seriously and implement strong passwords, data encryption, access control, backups, and two-factor authentication to protect your data.

We use reputable IT service providers and ensure that only authorized personnel access and process your data as strictly necessary. We have procedures for handling security breaches and will notify the Data Protection Authority within 72 hours if required. If the breach poses a high privacy risk, affected individuals will also be notified.

Fill out the form

Fill out the form on the right or use the contact information below, and we will contact you shortly to set up a meeting about searching for new premises or renegotiation.

post@scouteiendom.no
+47 994 26 996
Follow us on LinkedIn