Personal data protection is about the right to privacy and the right to decide on your own information. The General Data Protection Regulation is a law aimed at protecting individuals against the violation of privacy through the processing of personal data. StS gruppen undertakes to safeguard the privacy of our employees and everyone we do business with when processing personal information.
The Managing Director has overall responsibility for the processing of personal data, but the daily follow-up of processing and compliance is delegated to the HSEQ manager
- Personal information about employees for the purpose of fulfilling obligations under law and agreement
- Personal information about course participants with the purpose of registering certified competence and invoicing
- Personal information about contacts from customers and suppliers with the purpose of fulfilling and following up contracts
- Personal information about contacts from potential customers, suppliers and other stakeholders for the purpose of future partnership or fulfillment of other duties.
Processing of personal data and storage time
We will only use personal information for the purpose we have described in the business and as soon as we no longer have required purpose for treatment of the information, it shall be deleted.
Purpose for treatment
Our processing of personal information about employees is based on both legal obligations and legitimate interest. The legitimate interest is based on the need to process personal information with regard to personnel management and personnel mobilization.
Our processing of personal information about course participants is based on legitimate interest. We need to process the information to perform the service by registering certified competence and invoicing external course customers.
Our processing of information about current and potential customers and suppliers, as well as other stakeholders, is based on legitimate interest. This means that we need to keep in touch to effectively track up offers, orders and deliveries or other agreements or obligations.
Recipients of personal information
As our business entails travelling for a large part of our employees, we need to share personal information with our customers in order to mobilize our employees for different projects.
When course participants have completed courses, personal information is reported to the relevant certification body, such as SOFT Certification, for certification of personnel and issue of course certificates.
If it is appropriate to share personal information about employees with recipients in countries outside the EEA, this is done in accordance with Chapter V of the Regulation “Transfer of Personal Information to Third States or International Organizations”.
Personal information about contacts with both current and potential customers, suppliers or stakeholders is not disclosed to recipients outside of the business.
External data processors may process personal data on behalf of us. Suppliers of IT systems, systems for personnel management and travel reservations are examples of this. In cooperation with such processors, we will, in accordance with law, ensure personal information and the processing of these.
What are your rights?
As registered you are entitled to:
- Request access to the information stored about you
- Ask for correction of information that is incorrect
- Request deletion of information
- Ask for limitation of treatment
- Protest against data being processed
- Ask for disclosure of information to yourself or others
- Retract given consent for treatment
- Complaints to the Norwegian Data Protection Authority (or similar body in where you live or violations have occurred) on the processing of personal data
StS-ISONOR shall answer questions within a month without undue delay.
For questions or inquiries regarding your rights please contact firstname.lastname@example.org
This website gathers information on all user sessions.
What it is and how it works
We use this data to record how you use the website, including which buttons you click, where you navigate to, how long your session is, which we browser you’re using etc. This enables us to customise the content and appearance of the website, giving you a better experience when browsing the web.
Most web browsers (Chrome. Firefox, Edge, Safari, etc.) accept cookies by default, but you can manually change the settings of your browsers to decline cookies. Note however, that most websites will cease to function properly if you do so.
Google Tag Manager
What’s stored: Navigation and certain actions on the website (e.x. «Add to cart» on an ecommerce site). The information is anonymized, and no personally identifiable information is stored.
Facebook Pixel is an analytics tool used to measure and record the effectiveness of Facebook advertising. This information is used to:
- Ensure that the right ad is displayed to the right user
- Build ad audiences
- Enable further Facebook ad tools
What’s stored: Which ads the user has been exposed to on Facebook, which sites the user has visited and successful conversions (made an order, submitted a contact form, etc.).
Hotjar records the user’s interactions on the website to help us understand how visitors experience the site. The Hotjar-script is a websocket connection that sends the following information to the Hotjar servers:
- Changes in the HTML code
- Mouse movements
- Mouse clicks
- Scrolling information
- Keyboard inputs for white-listed events (i.e. non-identifiable inputs)
- Statistics on viewport size, browser type, country of origin, etc.
Each tracked event is stored in Hotjar’s cloud database and is timestamped. This enables the sequential playback of the session’s events. No personally identifiable information is collected or stored.
Tracking pixels are used to track conversions and to provide a tailored ad experience. No personally identifiable information is collected or stored.
Matomo is an analytics tool used to measure traffic and usage patterns on the website.
Collection of information
Services collect information through form(s) on the website. Submitting personal information through these forms is optional. If you choose not to do so, we may be prevented from providing you certain services/products.
Examples of forms:
- Contact forms
- Request forms for accessing a product or service
- Ecommerce forms for ordering a product or service
- Registration forms for webinars, courses or seminars
- When downloading documents
- Registration forms for subscriptions to newsletters or blogs
Purpose of the information collected:
- To provide the user with access to products or services
- To provide the user with relevant information
- To collect contact information for follow-ups
How to delete cookies
By default, most browsers are configured to accept cookies. You can easily delete or reject these by following the instructions specific to your browser. You can find these instructions under the «Help» section of your browser’s settings. Be aware that restricting the usage of cookies may adversely affect your browsing experience.
Cookie removal instructions:
- Internet Explorer