Privacy policy

Processing of Personal Data

Privacy and information security are important to us at Scout Eiendom. We will handle your personal data in a lawful and secure manner. On this page, you can read about how we process your personal data.

Introduction

This privacy statement explains how Scout Eiendom AS (“we”, “us”, “our”) collects and uses (processes) personal data in our business. Scout Eiendom AS, represented by the general manager, is responsible for the processing of the data.

Please note that there may be discrepancies or errors in the English version of the privacy policy. In the event of any inconsistencies or ambiguities, the Norwegian version shall prevail and be the authoritative document.​

Our contact information is:

Scout Eiendom AS
Org. no.: 933 603 407
Email address: post@scouteiendom.no

Your Rights

If you wish to exercise any of your rights, you can send us an email at post@scouteiendom.no. You are entitled to a response as soon as possible, and no later than within 30 days. Read more about all your rights on the Norwegian Data Protection Authority’s website.

  • Access to and correction of your data: You can request a copy of all the information we process about you and ask us to correct any incorrect information.
  • Deletion or restriction of processing of personal data: In some situations, you can ask us to delete and/or restrict the processing of your personal data.
  • Objecting to the processing of personal data: If we process your data based on our tasks or a balance of interests, you have the right to object to our processing of your data.
  • Data portability: If we process your data based on consent or a contract, you can ask us to transfer your data to you or another data controller.

You can complain to the Norwegian Data Protection Authority about our processing of personal data. We hope that you will notify us directly first, so we can try to resolve the matter in a satisfactory way.

Whose Personal Data We Process

  • Customers
  • Potential customers
  • Website visitors
  • Newsletter subscribers

How We Collect Personal Data

Providing personal data to us is voluntary. However, for us to deliver products or services, we need various pieces of information from you to complete the transaction. We do not rent, buy, or sell personal data from/to others. We do not use automated decisions or profiling in the processing of your personal data.

We process personal data when someone:

  • Enters into an agreement with us to purchase products/services
  • Sends us emails, SMS, social media messages, or other correspondence
  • Signs up for our newsletter
  • Signs up for digital events (courses, lectures, workshops, etc.) organized by us, both free and paid
  • Uses our website (see the section on cookies)
  • Leaves a comment on our website
  • Submits an inquiry via communication tools or contact forms on our website
  • Responds to a survey

Categories of Personal Data, Purpose, and Legal Basis for Processing

We process personal data under the following legal bases according to Article 6(1) of the General Data Protection Regulation (GDPR):

  • Consent (a): When you have given us your consent
  • Contract (b): To fulfill a contract you are a part of, or to take steps at your request before entering into a contract
  • Legal obligation (c): To comply with a legal obligation
  • Legitimate interest (f): To pursue a legitimate interest that we believe outweighs the individual’s privacy considerations

We Process Personal Data Related to:

Inquiries from You (Including Communication, Support, Customer Service…)

When you contact us via the website (contact form, comment field, communication tools), email, phone (call, text message), or social media, we process personal data. Depending on where and how you send us messages, this may include contact information, IP addresses, and other information you choose to send to us.

The purpose is to be able to respond to your inquiries, for historical purposes, and to have documentation in case we receive complaints, grievances, or legal claims. The legal basis is GDPR Article 6(1)(f), where the legitimate interests are to respond to your inquiries, for historical purposes, and to have documentation in case we receive complaints, grievances, or legal claims.

We review, archive, and delete inquiries as needed, but no less frequently than every other year. To maintain potential history and logic in the comment section, comments are not systematically deleted. Inquiries that we are obliged to retain, as documentation in connection with a complaint/dispute case, are stored until the deadline for complaints has expired (two or five years). Accounting materials are stored for up to five years, following the rules in the Norwegian Bookkeeping Act.

Purchase of Products and Services

When you purchase products and services from us, we process personal data such as contact information, order and payment information, and purchase history.

The purpose is to deliver products and services to you upon order/purchase, and to maintain a history of sold products and services. The legal basis is GDPR Article 6(1)(b) contract or (c) legal obligation. Accounting materials are stored for up to five years, following the rules in the Norwegian Bookkeeping Act.

Marketing in Existing Customer Relationships

When you become our customer, we process personal data as mentioned above. If you have an existing customer relationship with us, we may send you marketing emails and SMS messages, in line with the Norwegian Marketing Act § 15, and the guidelines provided by the Consumer Authority.

The purpose is to provide good customer service. The legal basis is GDPR Article 6(1)(f), where the legitimate interests are to offer you relevant products and services. The legal basis can also be GDPR Article 6(1)(a) when you have given us your consent. You can opt-out of marketing emails and SMS messages at any time. Information on how to unsubscribe is provided in all emails and SMS messages we send related to marketing. Data is retained until the registered individual requests their deletion.

Newsletter

We send out newsletters via email, including articles, blog posts, discounts, offers, free templates, checklists, and similar content. Newsletters may also occasionally include information about our products and services. When you subscribe to the newsletter, we process personal data such as contact information and IP address.

The purpose is to provide relevant news and offers, as well as to deliver good customer service to potential and existing customers. The legal basis is GDPR Article 6(1)(a) consent. Subscription to newsletters is voluntary, and you can withdraw your consent (unsubscribe) at any time by clicking “Unsubscribe” at the bottom of one of the emails. Data is retained until the registered individual requests deletion.

Events, Including Digital

When you participate in our free events, we process personal data such as contact information. For paid events, we also collect order and payment information. The purpose is to offer relevant courses, lectures, and workshops to customers and potential customers. The legal basis is GDPR Article 6(1)(a) consent or (b) contract. Data is retained until you withdraw your consent and request their deletion or, under contract, up to five years following the rules in the Norwegian Bookkeeping Act.

Surveys

We always inform you of the purpose of the surveys we conduct and whether they are anonymous. We do not share the information with others or use it for any purpose other than those we have specified. No personal data is collected in anonymous surveys. The legal basis for non-anonymous surveys is GDPR Article 6(1)(a) consent. Data is retained as long as it is relevant for the purpose or until you withdraw your consent and request their deletion.

Suppliers, Partners, and Data Processors

When you enter into an agreement with us as a supplier, partner, or data processor, we process personal data such as contact information. Other information is normally related to a business, and thus not personal data. The purpose is to enter into such agreements, and the legal basis is GDPR Article 6(1)(b) contract. Data is retained for up to five years following the rules in the Norwegian Bookkeeping Act.

Use of the Website

When you use our website, we process personal data such as IP address and other technical data collected through cookies and analytics tools. The purpose is to provide you with a good user experience, as well as to develop statistics to improve and develop our website and service offerings. The legal basis is GDPR Article 6(1)(f), where the legitimate interests are to provide you with a good user experience, as well as to improve our website and service offerings. See the next chapter for more information.

Cookies and Analytics Tools

A cookie is a text file that is stored in your browser when you visit a website. Below, we describe how we use cookies and analytics tools on our website https://scouteiendom.no, in accordance with the Norwegian Electronic Communications Act, known as the “cookie paragraph”: § 2-7 b Use of cookies.

When you visit our website for the first time, or after deleting cookies, you are informed that we use cookies through a banner that appears at the bottom of the page. By clicking on the banner, you accept that we use cookies as described below, allowing you to continue using our website. We use the following cookies on our website:

Google Analytics

_ga: distinguishes between unique users (2 years)

_gat: limits the number of requests

_gid: distinguishes between unique users (24 hours)

Facebook

fr: for users of the website who are logged into Facebook

WordPress

comment_author_{HASH}: for comment section

comment_author_email_{HASH}: for comment section

comment_author_url_{HASH}: for comment section

We also use the following analytics tools on the website:

We use Google Analytics to track behavior on the website, as described in the chapter above. We use Facebook Pixel to track behavior on the website and to target advertising on Facebook. We use Mailchimp to send out newsletters, which also uses cookies for signup forms on the website.

Disabling or Deleting Cookies

You can disable and/or delete cookies in your browser settings. On the website nettvett.no, you can learn how to do this for most browsers. There you can also learn more about safer internet use. However, if you disable or delete cookies, it may change your user experience on a website, and sometimes services on a website may no longer function properly.

Who We Share Personal Data With

To operate our business, we sometimes need to share your personal data with parties such as:

  • Data processors: providers of various services who process your personal data on our behalf (for example, for IT and administration services, accounting, cloud storage, web hosting, email distribution, and similar services).
  • Professional advisors from industries like law, finance, accounting, auditing, and insurance.
  • Support services for IT and administration systems.
  • Public authorities we are required to report to.

We require that everyone we share your personal data with secures your data according to good information security practices and the requirements of the General Data Protection Regulation (GDPR). We enter into data processing agreements with all suppliers.

Transfer of Personal Data Outside the EU/EEA

In some cases, your personal data is transferred outside the EU/EEA, for example, when we use suppliers outside the EU/EEA to handle newsletter distribution, process customer data, make products and services available on our website, facilitate payment, ensure the security of our website, and generally to operate our business in a safe and efficient manner.

Transfer of personal data outside the EU/EEA is only permitted to countries approved by the EU Commission, or under the necessary safeguards according to the GDPR. These may include the Privacy Shield for suppliers based in the USA, the use of EU standard contractual clauses, or binding corporate rules. If you want to know which suppliers we use outside the EU/EEA and access documentation of the necessary safeguards, you can contact us at the email address post@scouteiendom.no.

Security

We take information security seriously and will always do our utmost to protect your personal data in the best possible way. Among other measures, we use strong passwords, data encryption, access controls, backups, and two-factor authentication to secure our data and prevent unauthorized access, alteration, deletion, or any interference with the data we store, including your personal data.

We only use reputable providers of IT and administration services, such as web hosting, security on the website and PC, antivirus programs, email providers, backups, and more. We only allow others to access and/or process your personal data according to our instructions and only when it is strictly necessary (e.g., for IT support).

We have established procedures for handling data security breaches, and in the event of an incident, we will send a breach notification to the Norwegian Data Protection Authority within 72 hours of discovering the breach. If the breach poses a high risk to personal privacy, we will also notify the affected individuals.