The data protection legislation (GDPR – General Data Protection Regulation) is intended to make certain that each individual's data is protected. This means that personal data is to be processed in a way that ensures integrity and confidentiality in accordance with both the legislation and the individual's best interests.
LINK arkitektur tries to safeguard the above through its processing of personal data. We will only use personal data for purposes that are objectively justified by our operations, and the personal data will be processed in accordance with our personal-data framework, which meets the requirements of the Norwegian Personal Data Act (hereinafter called prevailing legislation).
LINK arkitektur processes personal data regarding employees, potential employees and the employees of customers, suppliers and other stakeholders. We also process information on persons who are not employed or hired by LINK arkitektur.
LINK arkitektur will ensure that personal data is processed satisfactorily, fairly and lawfully, and will only use such information for stated and legitimate purposes in accordance with relevant legislation.
LINK arkitektur will therefore only process personal data when such processing is necessary for us to be able to run our business, provide services or safeguard other legitimate business interests, or comply with legal requirements or agreements, or when consent has been granted. Personal data will not be stored for longer than is necessary to achieve the purpose of the processing.
LINK arkitektur will ensure satisfactory information security relating to confidentiality, integrity and accessibility.
External service providers may process personal data on behalf of LINK arkitektur. We have reasonable and sufficient measures in place to ensure that personal data is processed in accordance with our personal-data framework.
LINK arkitektur also processes information on persons who are not employed or hired by LINK arkitektur for the following purposes:
Cases linked to purchases
LINK arkitektur processes personal data that is necessary for purchasing goods and services from suppliers and contractors.
Integrity Due Diligence
LINK arkitektur may use the Integrity Due Diligence (IDD) process established by the parent company. The IDD process consists among other things of gathering information that helps us to understand who our potential business partners are, their values and how they run their businesses. In most cases we make use of a Business Partner Declaration and executed partner agreements. In some cases, IDD may also include the processing of personal data. For further information on our IDD process, contact firstname.lastname@example.org or GDPR@multiconsult.no
Ethics and integrity
LINK arkitektur has a whistleblowing portal where anyone can report concerns and assumed or potential breaches of legislation or the company's guidelines. This portal is open to all. More information on the ethics helpline is available here.
LINK arkitektur communicates externally and internally with the general public, specific target groups and individuals. Examples of communication activities carried out by us or third parties are: the distribution of newsletters, press releases and company reports, optimisation of websites, holding of events and meetings, handling of user-initiated dialogues, information to public authorities, carrying out of surveys, and communication using social media.
LINK arkitektur processes personal data for recruitment purposes in order to ensure that we hire qualified candidates. In such cases, the processing of personal data complies with prevailing legislation.
Gathering of personal data
LINK arkitektur can gather the following personal data in connection with its operations:
- Contact information, such as names, addresses, telephone numbers and email addresses;
- Details about a person's work experience, job, qualifications, date of birth and driving licence;
- Screening-related information;
- Business information, including the name of persons in relevant positions in a company and information on the company; and
- Information on preferences relating to marketing and other activities.
Personal data may be gathered in various ways, including:
- Directly by LINK arkitektur personnel when a business relationship is established or via operational activities;
- From a customer, supplier or other stakeholder, from a publicly available source of information (for example a website) or from an employer (for example when a supplier or contractor provides personal data relating to its employees);
- Through LINK arkitektur's website; or
- Directly provided by a person
Transfer of personal data
LINK arkitektur will also ensure that the European regulations on the transfer of personal data across national borders are complied with when such information is transferred to external processors of data located outside the EU/EEA.
How to exercise your rights as a registered person
Prevailing legislation governing the processing of personal data assigns rights to registered persons. In certain cases, such registered persons are entitled to demand information about the personal data gathered about them and to have their data corrected or deleted and/or to have the processing of their data limited unless specific legal factors apply.
If you have any questions or wish to exercise your rights, please fill in the following form.
Changes to this privacy notice
We update our privacy notice from time to time. If such an update is insignificant, we publish the updated version without any separate announcement. If the changes are significant and affect your rights or the way in which we process personal data, we will announce this separately on our website. So make sure to check this privacy notice at regular intervals.