PrivacyLast update: 12 September 2019
We, Intility, collect and process your personal data when you visit our website, use our services or contact us for other reasons. This privacy statement sets out how and why we collect, handle, store and protect your personal data when you:
- visit our website,
- use our services or
- contact us for other reasons.
The statement also contains your rights in relation to your personal data and other information you are entitled to receive when data about you is collected.
Intility is committed to protecting your privacy and handling your data in a fair, open and transparent manner. We will not process your personal data unless we have a specified, explicit and legitimate purpose, or as required by law. We take the security of your personal data seriously, and we ensure appropriate information security related to confidentiality, integrity and availability. For more information about how we work with information security, please visit Intility Trust Center.
Third party service providers may process personal data on behalf of Intility within various areas. Intility has implemented adequate safeguards in accordance with applicable law to protect your personal data processed by third party service providers.
We may modify or amend this privacy statement from time to time. To let you know when we make changes to this privacy statement, we will amend the revision date at the top of this page. The new modified or amended privacy statement will apply from that revision date. Therefore, we encourage you to periodically review this statement to be informed about how we are protecting your information.
1.2 Intility as a data controller
Intility AS is the data controller for the personal data we collect about you. If you have any concerns or questions, you can email our Privacy Team at firstname.lastname@example.org or write to us at:
Intility AS, Schweigaards gate 39, 0109 Oslo, Norway
Tlf: +47 24 10 33 00
Our business register number is 981 967 070.
1.3 Our objectives
- Prevent data loss and misuse of personal data
- Secure identity and access control
- Install and maintain robust, available and secure systems and services
- Establish clear roles and responsibilities for information security and privacy
- Ensure expertise and awareness about privacy in the organization
1.4 Intility's processing of personal data
Intility processes personal data about subjects that are not employed or engaged by Intility in these various situations:
1.4.1 Our websites
When you visit, use or download content or information from any or our websites, e.g. www.intility.no and webshop.intility.no, we register various types of information about you in a “cookie” (information capsule). A cookie is a small file that is stored locally on your PC. It is not harmful and cannot contain viruses or programs. What it does is to store information from our website, for instance when you last visited it or the data you entered in an order form.
It is a cookie that enables our website to remember which language you prefer or how you logged on last time and make these your default settings.
When you visit our websites, we register different types of data about you as a user. The registered data can, for example, be your location, IP address and location data. Furthermore, we register information about your web behavior, e.g. which pages you visit, for how long and how often, and time and date for the visit. We also register technical data about your browser and operating system.
At the bottom of this statement you will find a closer description of the cookies and analytical systems we use on our websites.
The data we collect is depersonalized. This means that the data about your web behavior cannot be used to identify the individual users of our websites. The data is compiled into statistics, and used for the following purposes:
- Analytical – to enable us to learn from your and other users’ behaviour.
- Technical – to make our websites as stable as possible and to improve functionality, user experience and content.
- Customization – to ensure that the contents of the webpage are as relevant as possible for you.
- Sale and marketing – to ensure that the contents of the webpage are as relevant as possible for you, and to give you relevant and customized offers.
By using our websites, you agree that we can place cookies on your computer or device as explained above. However, you can control and manage cookies in various ways. Please bear in mind that removing or blocking cookies may impact your user experience and parts of this website may no longer be fully accessible.
184.108.40.206 Intility webshop
When you make a purchase in our Webshop, we collect your name, phone number, e-mail address and details about your employer (name and business address). This information is necessary to enable us to manage the purchase order, i.e. to send the order to the correct address and to contact you if necessary.
We have an obligation to store the order information to meet accounting requirements, submit reports to the tax authorities and be able to handle claims of guarantees and returns. The data will be deleted after a five (5) year file retention period.
We cooperate with third-party vendors to deliver our Webshop service. I certain situations we may disclose personal data relating to you to a third party that reasonably require access to the data. For instance, a carrier firm will need your name, (business) address, phone number and desired place of delivery in order to deliver the goods to you or your employer. In such a situation, the vendor is also a data controller for the data we disclose.
1.4.2 Customer services
Intility processes personal data on behalf of our customers. All such processing is necessary to perform the agreement between Intility and our customers. We have entered into separate data processor agreements that regulate this processing.
If you are an employee/user of an Intility customer, Intility will receive or collect personal data directly from you or your employer. The personal data are processed for several purposes, e.g. customer administration, establishing of user accounts, access control, security and functionality advice and user surveys to improve our services, in accordance with the agreements between us and your employer.
Your employer is data controller for your personal information. Intility assumes that your employer has the right to disclose the personal information to us.
1.4.3 Sale and marketing
We use depersonalized data about you for marketing purposes, e.g. to create target groups for marketing and market analysis. These activities are performed to make our marketing activities more effective and to avoid targeting persons outside the targeting group. Please read more about this processing activity under the chapter “Information capsules (Cookies)”.
When you sign up for a seminar, webinar, talk, etc., we collect your name, employer, position, e-mail address and phone number. The data is stored in our case management system and is used to creating an overview of attendees to the seminars, which business sector they come from and which positions they have. We also use the data to prepare statistics, to improve our seminars and we may use it to contact you to get your feedback on the seminar and/or for other marketing purposes.
Intility has a legitimate business interest in in this processing activity.
1.4.5 When you visit our offices or contact us
When you visit our headquarters in Schweigaards gate 39, Oslo, you are asked to sign in with full name and phone number, and to state the person you are visiting. The registration is confirmed with a SMS. You will be given a generic visitor badge which you must wear throughout your visit. The purpose of the registration is to notify the person you are visiting and for security reasons. The personal data will be depersonalized thirty (30) days after registering.
We have security measures in place at our offices, including CCTV and building access controls. The installation is done according to the Norwegian Data Protection Authority’s guidelines, and recordings are deleted after seven (7) days.
We also process personal data when you contact us via our contact forms or by email.
1.4.6 School visits
When you participate in a school visit, we will ask for your consent to send you information about how to apply for internships and apprenticeship programs. If you consent, we will collect your name, e-mail address and school. The data will be used to send you 2-3 e-mails with information which will be deleted after 12 months. You may withdraw your consent to process personal data at any time. Please use email@example.com for this purpose.
Subsection 1.4.5 also apply to school visits. Students and teachers will be preregistered based on name lists sent from the school.
1.4.7 User surveys
Intility regularly sends surveys to our customers to improve our services. We use the third-party vendor Questback AS for this purpose. Participation in the surveys are voluntary and requires your consent. If you choose to reply to a survey, you are required to state your full name and your employer. The personal data is stored at Questback AS for 24 months before they are automatically deleted.
1.5 Who we share your personal data with
In some cases, we have legitimate grounds for sharing your personal data with other parties, such as the authorities, suppliers or business partners.
When Intility outsources tasks that call for a service provider to process personal data on behalf of Intility rather than for its own purposes, the service provider will normally be a data processor. In such cases, the processing activity is regulated in the data processor agreement between Intility and our customers. We are also required to enter into a data processor agreement with the applicable sub-processors.
Intility also has business partners that we convey services on behalf of. If, for example, your company chooses to lease hardware, and you carry out the order on behalf of the company, we will share your contact information with the leasing company. In such a situation, the leasing company processes the personal data for their own purposes and is therefore considered an independent data controller for the personal data we share with them. The same apply to our broadband and telecom vendors and to delivery services.
1.6 Your rights
You have the right to access and inspect the data that we have stored about you. This applies to data you have provided yourself, data we have obtained from external sources and information about the processing of this data.
If the data we have about you is inaccurate or incomplete, you are entitled to request rectification of the data (within the limits that follow from legislation).
If you find that Intility is storing your personal data unlawfully, you are entitled to instruct us to delete it (“the right to be forgotten”). Please note that we may be required by law to store certain data, including personal data, for purposes such as accounting and reporting to the authorities.
Furthermore, you have the right to object to any processing of your personal data that is carried out to protect legitimate interests, unless such interests take priority over your basic rights or freedoms. You may also ask us to limit the processing, and to have the personal data you have given to us transferred to you or another data controller (data portability). For more information about your rights, see GDPR.EU.
If you would like us to update your personal data, or to exercise your rights, please contact us by email at firstname.lastname@example.org. We are happy to help and will get back to you as soon as possible. Remember that you at any time may withdraw your consent to process personal data. Please let us know about the withdrawal by emailing us at email@example.com.
1.7 Protection of your personal data
Intility continuously seek to ensure that your personal data is protected against loss, destruction, corruption or unauthorized access. We have Intility continuously seek to ensure that your personal data is protected against loss, destruction, corruption or unauthorized access. Our security framework is based on internationally recognized audit standards and is updated regularly in line with technical developments. implemented a range of technical and organizational security measures to protect your personal data. These measures include education and training of relevant staff, administrative and technical controls to restrict access to personal data, technological and physical security measures. Our security framework is based on internationally recognized audit standards and is updated regularly in line with technical developments
For more information about how we work with information security, see Intility Trust Center.
1.8 How long we keep your information
We will hold your personal information on our systems for the longest of the following periods: (i) as stated above); (ii) any retention period that is required by law; (iii) as long as necessary for the relevant activity or services.
If you have given us your explicit consent to process data, e.g. to send you newsletters, we will hold your information until you withdraw your consent, until we change/close down the activity/services or for as long as necessary for the relevant activity or services.
If you have questions or concerns regarding our processing of personal data, please contact Intility’s privacy team (firstname.lastname@example.org). You also have a right to complain to the Norwegian Data Protection Authority if you consider that we have breached the data protection legislation. Before filing such a complaint, we encourage you to first contact our privacy team. If you do choose to contact the Data Protection Authority, please see their webpages for more information: www.datatilsynet.no.
Information capsules (Cookies)
The following cookies are used on our websites:
|Generelt for våre nettsteder|
|Cookies||Purpose||Collected data||Data controller||Data processor||Retention period|
|Cookies-Directive||Information that user has read the cookie consent banner. Used to avoid showing the consent information when user navigates through the pages.||The cookie is set when user closes cookie consent banner.||Intility AS||6 months from date of visit|
|C||Improve website (performance)||Determines whether cookies are enabled in the browser||Intility AS||Adform.net||60 days|
|_ga||Allows us to count user visits and traffic sources so that we can measure and improve the site performance using Google Analytic services.||Used to distinguish unique users||Intility AS||Google Analytics||2 years|
|_gat||Allows us to count user visits and traffic sources so that we can measure and improve the site performance using Google Analytic services.||Used to throttle the request rate/limits the number of requests that have to be made to Google Analytics||Intility AS||Google Analytics||10 minutes|
|_gid||Improve website (generate statistical data on how the visitors uses the website)||Used to distinguish unique users||Intility AS||Google Analytics||24 hours|
|uid||Improve website (with the purpose of displaying targeted ads).||Collects anonymous data related to the user’s visits to the website (unique user-ID), such as number of visits, average time spent on the website and what pages have been loaded.||Intility AS||Adform.net||2 months|
|cid||Improve website (with the purpose of displaying targeted ads).||Cookie id (legacy), samme as unique user ID.||Intility AS||Adform.net||2 months|
|.wmx||Basic webshop functionality||Session cookie; used to offer shopping basket function across several pages, language, list sorting, etc.||Intility AS||WebMercs (Data Design AS)||14 days|
Your browser automatically sends information to Intility’s servers every time you ask to see a page. This information may include what kind of browser and version you are using and your IP address. For every page displayed, various information, including date and time, the previous page you visited, what page you are visiting now, etc. is also stored.
Statistics and analyses - third party cookies
None of the above details will be used to identify individuals. Intility uses depersonalized information to generate general statistics indicating for example what pages are most popular and what kind of information the users are searching for. We use statistics as a tool to improve our services and to make our marketing and advertising in the different channels more relevant to our users.
We use Google Tag Manager to administer marketing tags on our website.
For more information about Google’s services, see https://policies.google.com/technologies/partner-sites. If you have a Google-account, you may also alter personal advertising settings here: https://myaccount.google.com. You can also use Google Analytics Opt-out Browser Add-on to prevent Google Analytics from using your data.
Facebook pixel is an analytics tool that allows us to measure the effectiveness of our advertising by understanding the actions users take on our website, i.e. to optimize ads and build targeted audiences for future ads. The purpose is to ensure that our ads are shown to the audience we desire to reach.
The Facebook pixel is a cookie placed by Facebook on our website. All customer/user data we chose to pass through the pixel is hashed locally on the browser before it goes to Facebook’s server for matching. This hashing process turns the data into short encrypted messages that cannot be tampered with. Facebook uses these hashes to match actions users have taken on Intility’s website with people on Facebook. Then Facebook deletes all matched and unmatched hashes within 48 hours after the matching process ends. Facebook does not share hashed data with other advertisers or third parties.
To opt out, please see https://www.facebook.com/ads/preferences.
LinkedIn insight tag
The LinkedIn Insight Tag gives us further insight about members interacting with our LinkedIn adverts. The cookie enables the collection of metadata such as IP address information, timestamp, URL and events such as page views. All data is encrypted. The LinkedIn browser cookie is stored in a visitor’s browser until the cookie is deleted within 90 days. LinkedIn does not share the collected personal data with Intility but provides us with aggregated reports about our website visitors and the effectiveness of our advertising. We also use the tool to retarget website visitors (without identifying the LinkedIn member).
Sharing of your information
Intility does not sell any of the information generated by use of tracing technology like cookies. Be aware, however, that our websites may contain links/pointers to other external websites that are not controlled by Intility. Intility is not liable for data protection handling on external websites.
How do you administer or delete information?
You can block and delete cookies by adjusting your browser settings. Please note that this may impact website functionality and user experience. You can learn how to change your preferences and control cookies by visiting the website AboutCookies.org.
Andreas Hisdal, 12/09/2019
Chief Executive Officer