PRIVACY POLICY FOR CLIENTS, SUPPLIERS, ETC. IN THE SMART RETUR GROUP
When you use our website, contact us or use our services, etc., companies in the Smart Retur Holding AS group will process personal information about you.
This includes the following companies:
- Smart Retur AS
- Smart Retur Norge AS
- Smart Work AS
- Smart Retur Danmark AS
- Provipal Aps
- Smart Wash AS
- Smart Retur Sverige AB
Below, you will find more information about personal data that is collected, why we do this and your rights related to the processing of personal data.
1. Data controller/contact us
The data controller for your personal data is the individual Smart Retur company, C/O the managing director. We are responsible for ensuring that your personal data is processed in accordance with this Privacy Policy and applicable privacy legislation.
Contact information:
Smart Retur in Norway - Headquarters: Fugleåsen 10, 1405 Langhus, Tel: +47 97567000
Smart Retur in Denmark: Engelsholmsvej 28, Randers, Tel: +45 40229788
Smart Retur in Sweden: Transportgatan 17, Hisings Backa, Tel: +46 (0)42-400 40 45
For questions you may have about our processing of your personal data, please contact the Managing director/CEO by e-mail address: post@smartretur.no
2. Who do we process personal data about
Through the provision of our services and products to companies, we will process personal data about:
- Contact persons at business clients
- Contact persons at our suppliers and partners
- Persons involved in the services we provide
3. What data do we collect and what is the basis for collection
We collect and use your personal data for different purposes depending on who you are and how we come into contact with you. We collect the following personal data for the purposes stated herein:
- Use of our services. In order for us to be able to provide you with our services, we depend on you registering your personal data, including through our user portal. Thereby, we register and process data such as name, e-mail address, location address, mailing address, telephone number used to manage your business or client/supplier relationship, as well as ordering, delivery, invoicing and follow-up of our services. The processing of personal data is necessary for us to be able to fulfil our agreement with the company you are part of, cf. the GDPR, Article 6, letter b.
- Marketing. We distribute newsletters and other information to e-mail addresses registered in our client database and others who have consented to receive such information. Recipients of the newsletter can easily unsubscribe from the service by sending an e-mail to post@smartretur.no. If there is an existing client relationship, the marketing will take place in accordance with Section 15 (3) of the Marketing Control Act. The processing is based on a balancing of interests pursuant to the GDPR, Article 6 no. 1, letter f.
In other contexts, marketing is based on the consent of the person concerned, cf. The Marketing Control Act, Section 15 (1) and the GDPR, Article 6 no.1, letter a - Other inquiries. Occasionally, we receive inquiries from representatives of businesses, partners or from private individuals by e-mail, telephone or otherwise. In connection with such inquiries, we may process personal data such as name, telephone number, e-mail address, what the inquiry concerns and other information provided in connection with the inquiry. The consequences of not providing such personal data are normally that we cannot process and respond to the inquiry.
The processing is based on a balancing of interests pursuant to the GDPR, Article 6 no. 1, letter f, where our legitimate interest is to be able to respond to the inquiry. If the inquiry results in the establishment of a client relationship, a supplier/cooperation relationship or a recruitment process, the personal data will be processed in accordance with the information provided in Clause 1 or separate privacy policy for recruitment, respectively. - Recruitment for new positions with us: CV, application, certificates and references. See separate privacy policy regarding this.
We may also process personal data for purposes other than those for which they were collected, provided this is not incompatible with the original purpose for which the personal data was collected. This applies, e.g., to storage for accounting purposes or the use of data for other purposes required by law.
4. Collection of personal data
We may collect personal data about you in various ways. First and foremost, personal data is collected directly from you through registration in our web portal or your inquiry with us. Information can also be provided from your business or from others. Where permitted by applicable law, we may also obtain information from other sources such as public databases.
5. Disclosure of personal data to third parties
Our suppliers may have access to personal data if these are stored with the supplier or otherwise available to the supplier in accordance with their contract with us. The supplier acts in accordance with the data processing agreement and under our instructions. The provider may only use the personal data for the purposes determined by us and described in this Privacy Policy.
We may also disclose personal data to other companies within the Smart Retur Group. The basis for this processing is our legitimate interest in transferring personal data within the Smart Retur Group for internal administrative purposes or to share information between users of our web-based customer system for interaction between these actors.
We may disclose personal data in other cases where there is a sufficient basis for it, e.g., in correspondence with the courts, public authorities, counterparties, etc.
We do not disclose personal data in other circumstances or in other ways than those described in this Privacy Policy unless the client explicitly encourages or agrees thereto or the disclosure is required by law.
6. Transfer of personal data abroad
Your personal data may be transferred abroad. Smart Retur is currently established in Norway, Sweden and Denmark. Transfers within the EU/EEA are governed by the same privacy legislation.
As a general rule, we do not transfer personal data outside the EU/EEA. In the case of disclosure outside the EU/EEA, separate agreements will be entered into based on the EU's standard clauses for safeguarding privacy.
7. Storage of personal data
We will retain your personal data for as long as necessary to fulfil the purposes for which it has been collected.
This means, e.g., that personal data we process on the basis of your consent will be erased if you withdraw your consent. Personal data we process to fulfil an agreement with you, or a service, will be erased when the agreement/service is fulfilled and all obligations arising from the agreement are fulfilled.
8. Your rights
Your privacy rights:
Information. You have the right to request further information about how we process your personal data.
Access and correction. You have the right to access the personal data we process about you. You may at any time request access to personal data processed about you, or request us to correct, update or change your personal data. Cf. articles 15 and 16.
Erasure. You may request erasure of data that we no longer have grounds for storing. However, please note that certain data is strictly necessary to fulfil the purposes set out in this Privacy Policy and may also be required by law. Such personal data cannot therefore be erased. Cf. Article 17 et al.
Withdraw your consent. In the event that our processing of personal data only takes place based on your consent, you may withdraw your consent to the processing in question at any time.
Limitation. To the extent required by applicable Personal Data Act, you have the right to limit the processing of data. Cf. Article 18.
Objection. You may object to our use of your data, cf. Article 21.
Data portability. You have the right to request that your data be transferred to you or to another company in a structured, commonly used machine-readable format. Cf. Article 20.
The above requests may be sent to us using the contact details in Clause 1.
Complaints. If you believe there is a problem with the way we process your personal data, you have the right to lodge a complaint with your national supervisory authority in the EU/EEA. In Norway, the Norwegian Data Protection Authority is the supervisory authority. www.datatilsynet.no
9. Security
We take your personal data seriously and have implemented the necessary security measures
to protect your personal data from loss, destruction, misuse, and unauthorised access or disclosure. For example, we restrict access to personal data to authorised employees and suppliers who need the information in connection with their job duties.
Please note that no security system can prevent every conceivable security breach, although we strive to maintain the necessary level of security for personal data.
10. Cookies
When you visit our website, some cookies are stored on your device (mobile, PC, etc.) Cookies are small text files that, among other things, enable improvements of the user experience and analyse the use of our websites. We do not associate cookies with you as an individual. For us, this is anonymous information. Information processed is cookie id, type of device, type of browser and IP address is anonymised. You consent to the use of cookies as long as you do not opt out of this, including through your browser.
11. Changes to this Policy
We may make changes to this Privacy Policy from time to time. You will always find the updated version of the Privacy Policy on Smart Retur's website.