Skip to Content Skip to Navigation

Privacy policy

This privacy policy contains information which you are entitled to receive under prevailing privacy legislation and which is necessary for you to be able to protect your rights in line with that legislation.

Privacy policy for Beerenberg Services AS

1. What is personal data?

2. Who is the data controller?

3. What is the purpose?

4. What is the legal basis?

5. Which personal data will be processed?

6. Where is the information taken from?

7. Will the information be shared with third parties?

8. How is the information deleted and archived?

9. How is the information kept safe?

10. What are the rights of the data subject?

11. Contact information

12. Changes to this policy

This privacy policy contains information which you are entitled to receive under prevailing privacy legislation and which is necessary for you to be able to protect your rights in line with that legislation.

Beerenberg Services AS (“Beerenberg”) owns the websites www.beerenberg.com and www.benarx.com (included benarx-ecommerce.com). This privacy policy explains how and why we collect and use personal data from this website. In addition, you will also find information about how we process personal data that has not been generated from our website. A separate privacy policy applies to our employees’ personal data. That policy is available on our intranet.

Please note that the websites www.beerenberg.com and www.benarx.com (included benarx-ecommerce.com) may contain links to websites owned and managed by other companies. Beerenberg has no access to and does not process personal data collected on these websites unless otherwise specified in this policy. Beerenberg is not responsible for the processing of personal data by others unless the processing has taken place on our behalf by agreement with Beerenberg.

1. What is personal data?
Personal data is information or assessments that can be linked to an individual or a small group of people. Names, telephone numbers, addresses and email addresses are examples of what is considered personal data.

2. Who is the data controller?
Beerenberg Services AS and its managing director act as the data controller for the company’s processing of personal data. This makes them responsible for the personal data processed when you visit our website, amongst other things.

3. What is the purpose?
The nature of Beerenberg’s business requires us to process personal data as part of our day-to-day operations. Such processing serves a variety of purposes, and we receive personal data in a variety of ways. Personal data is processed in connection with services such as newsletter distribution, responding to incoming queries, registration for courses and events, and when recruiting for vacancies where applicants submit their applications with CVs etc. via our systems.

One important part of creating a user-friendly website is to examine the user patterns of our visitors. We use Google Analytics to analyse the information. Google Analytics uses cookies (small text files saved by the website on the user’s computer), which record the user’s IP address and provide information about individual users’ online movements. Examples of what the statistics can tell us are: how many people are visiting the different pages, how long their visit lasts, which website the user comes from, and which browsers they use. None of the cookies allows us to link information about your use of the website to you as an individual.

The information collected by Google Analytics is stored on Google’s servers in the USA. The information it receives is subject to Google’s privacy policy.

An IP address is defined as personal data because it can be traced back to specific hardware and therefore also to an individual. Beerenberg uses Google Analytics’s tracking code, which anonymises the IP address before the information is stored and processed by Google. The stored IP address can therefore not be used to identify individual users.

4. What is the legal basis?
Beerenberg’s legal basis for processing personal data belonging to visitors to our website is primarily Article 6 (1) of the General Data Protection Regulation. The clause spells out multiple legitimate grounds for the processing (a–f). The alternative applicable to our processing of personal data in each specific case depends on what kind of personal data it is and how we will be using it.

Here is a list with examples of personal data that we process as part of our business along with the purpose and legal basis of the processing:

  • You have signed up for our newsletter. Our legal basis for processing your personal data would then be your consent, see Article 6 (1) (a) of the General Data Protection Regulation.
  • You have registered as a job applicant. Our legal basis for processing your personal data would then be to take steps at the request of the data subject prior to entering into a contract, see Article 6 (1) (b) of the General Data Protection Regulation. If your application contains certain categories of personal data, our legal basis would be Article 9 (2) (b) and (h).
  • You have left encrypted electronic tracks on our website (see Sections 3 and 5 for further explanations). Our legal basis for processing your personal data would then be out of necessity to pursue legitimate interests which override the right to privacy of the individual, see Article 6 (1) (f) of the General Data Protection Regulation. The legitimate interest is to improve the content and services on our website.
  • Information about employees of our clients, partners and suppliers. Our legal basis for processing such personal data would be out of necessity to pursue legitimate interests which override the right to privacy of the individual and compliance with a legal obligation, see Article 6 (1) (c) and (f) of the General Data Protection Regulation. The legitimate interest is to establish or manage a business relationship with Beerenberg and to manage contract workers. If we collect special categories of personal data (e.g. health information about contract workers for the purpose of infection control), our basis for process is GDPR Article 9 (2) (b) to ensure a satisfactory working environment under Section 4-1 of the Working Environment Act and Article 9 (2) (j) concerning public interest.
  • Information registered about visitors to our premises. Our legal basis for processing such personal data would be out of necessity to pursue legitimate interests which override the right to privacy of the individual, see Article 6 (1) (f) of the General Data Protection Regulation. The legitimate interest is to ensure controlled access to Beerenberg’s premises and protect security in the event of an evacuation. If we collect special categories of personal data (e.g. health information on contract workers for the purpose of infection control), our basis for process is GDPR Article 9 (2) (b) and (j).
  • Information about our course participants. Our legal basis for processing such personal data is to fulfil a contract with the data subject, see Article 6 (1) (b) of the General Data Protection Regulation.
  • Information about persons named as our employees’ next-of-kin. Our legal basis for processing such personal data is out of necessity to pursue legitimate interests which override the right to privacy of the individual, see Article 6 (1) (f) of the General Data Protection Regulation. The legitimate interest is to be able to give notice if one or more of our employees are involved in an incident where the next-of-kin must be notified. For the same reason, we disclose the contact information of next-of-kin of employees working on installations to the client in question.
  • Information concerning various background checks on potential partners where, in addition to contact information, we may collect information such as role, political position and inclusion in sanction lists to ensure compliance with Norwegian and international obligations regarding anti-corruption, anti-money laundering, sanctions and human rights. Our legal basis for processing such personal data is compliance with legal obligations, pursuing legitimate interests, and establishing, exercising and defending legal claims, cf. GDPR Article 6 (1) (c) and (f).
  • Information pertaining to whistle-blowing by employees or contract workers. This may include all categories of personal data, including special categories of personal data. Our legal basis for processing such personal data is that it is necessary to comply with a legal obligation, cf. GDPR Article 6 (1) (c) and Article 9 (2) (b).

5. Which personal data will be processed?
Beerenberg processes both personally identifiable information and non-personally identifiable information about visitors to our website. Personally identifiable information is information that identifies you as an individual, e.g. your name. Non-personally identifiable information is information and other data that does not reveal your personal identity.

Personally identifiable information processed by Beerenberg includes:

  • Name, email address and company name when issuing newsletters.
  • Name, telephone number and email address in connection with queries addressed to us via the contact form on our website.
  • Name, email address, date of birth and name of employer (and any relevant CVs / course certificates / images) when you sign up for one of our courses.
  • In the case of contract workers, we process personal data such as names, national ID numbers, email addresses, CVs, certificates, next-of-kin, time sheets etc.
  • If you are applying for a vacancy advertised on our website, we need to record additional and more detailed personal information about you, including your national identity number and nationality. The data processor of this information is HR Manager AS, Bygdøy Allé 23, org.no. 985519854. The system for processing job applications uses different sets of cookies, including session cookies necessary to identify the users and enable them to log into the system to update their CV or apply for vacancies. Further information about the processing of personal data when applying for a vacancy with us can be found by clicking the link on the application form.
  • When you visit the Beerenberg website your IP address is automatically logged. The IP address is not linked directly to you as an individual; it is anonymised and used solely for analytical purposes. The information we use includes how many visitors there are to different parts of our website, the duration of each visit, any use of the search function on the website, and which website the visitor comes from. This allows us to develop ever better and more user-friendly services.
  • Cookies
    Cookies are small parcels of information (text files) which the website asks your browser to store on your computer or mobile device. This allows the website to remember your actions or preferences over time. Most browsers automatically accept cookies. You can always choose not to accept a cookie by changing your computer’s settings to reject cookies or ask you to accept individual cookies, although this may limit functionality. This setting is seen as consent if it makes it clear that the user expresses their consent to the use of cookies. This also applies if your browser is pre-programmed to accept cookies. If you do not want Beerenberg to collect anonymised data from you, you can opt out of such collection on Google Analytics or by adjusting the security settings on your computer. Read more about opting out of Google Analytics registration.

6. Where is the information taken from?
The personal data processed via our website is obtained from the users themselves. Identifiable personal data has to be actively registered, while non-personally identifiable data is logged automatically from IP addresses. Disclosing identifiable personal data is voluntary. If you do not actively register your data, Beerenberg will not process any other personal data than non-personally identifiable data identified from IP addresses.

Personal data may be collected from information provided by you, from employees in the course of day-to-day business, or from another employer (e.g. a supplier discloses information about personnel being contracted to Beerenberg).

7. Will the information be shared with third parties?
We will not disclose your personal data to third parties unless required to do so by law. A lawful disclosure will typically be an agreement with you or a statute requiring us to disclose the information.

Personal data registered via our website in connection with applications for vacant positions at Beerenberg will be transferred to HR Manager AS. Information about which data has been registered and how it is being used is provided on our digital job application form. Additional information can be obtained by contacting HR Manager AS (info@hr-manager.net).

Non-personally identifiable information will be submitted to Google Analytics, see further information in Sections 3 and 5 above.

8. How is the information deleted and archived?
Beerenberg does not process or store personal data for longer than is necessary to fulfil the purpose the data is meant to serve or for longer than has been agreed or stipulated in prevailing legislation. The data subject may at any time ask us to delete their personal data. Requests for deletion will be met by Beerenberg unless the deletion is incompatible with the legal basis for or the purpose of processing the personal data in question.

Personal data is archived electronically and/or physically in our systems or in the systems of our subcontractors. Beerenberg strives – and requires its subcontractors to strive – to always store personal data in the most appropriate way using methods to ensure that the data does not go astray, is not misused or lost.

9. How is the information kept safe?
As the data controller, Beerenberg has the overall responsibility for ensuring that your personal data is processed and stored securely both by Beerenberg itself and by subcontractors processing personal data on our behalf. This means that we will always seek to use technical and organisational solutions capable of providing a satisfactory level of information security. For security reasons we are unable to go into details about which measures we have taken in this respect. However, on a general basis we can confirm that we rely on employee confidentiality, access control and system monitoring in relation to the processing of personal data.

10. What are the rights of the data subject?
You are entitled to request access to, rectification or erasure of the personal data we hold on you. You are also entitled to demand restricted processing, to object to the processing and to demand data portability. You can read more about these rights on the Norwegian Data Protection Authority’s website: www.datatilsynet.no.

Contact information for this type of request can be found at the end of the policy.

If you believe that the way we process personal data is inconsistent with the procedures described here or that we are otherwise in breach of privacy legislation, please contact us immediately. You may also complain to the Norwegian Data Protection Authority.

You may withdraw your consent to us processing your personal data at any time. The easiest way to withdraw your consent is to unsubscribe from the newsletter or contact the data controller.

Beerenberg is a Norwegian company subject to Norwegian law. Any disputes over our processing of personal data falls under the jurisdiction of Bergen District Court unless otherwise dictated by mandatory law.

11. Contact information
Any questions about this privacy policy and/or our processing of personal data can be sent by email to gdpr@beerenberg.com or by letter to Beerenberg Services AS, P.O. Box 273 Slåtthaug, 5851 Bergen, Norway.

12. Changes to this policy
Beerenberg reserves the right to amend or update this privacy policy. Any amendments come into force from the moment they are published on our website. We recommend that you review the privacy policy from time to time.

Back to top