Processing of personal data (privacy statement)
Diller will in connection with services that we provide and our business process personal information. All our processing of personal data takes place in accordance with the privacy rules in force at any given time, including the Personal Data Act and the Privacy Regulation (GDPR).
This statement describes the background for Diller’s processing of personal data, as well as the background for the processing and the rights of the data subjects (ie the persons to whom the data relates) in the processing of the personal data. The statement applies to users of Diller’s solutions and suppliers and partners with Diller, and who have not received information in any other way about the processing.
Below is an overview of our processing of personal data in connection with our business, as well as the background for the processing and the rights of the data subjects (ie the persons to whom the data relates) in the processing of personal data. The information here applies to persons who are not employed by our company.
If you have questions or want to know more about our processing of personal information, you can contact us – see contact information at the bottom of this page.
Processor and Data Processor
Diller is responsible for the processing of all treatment discussed below. Contact information for Diller can be found at the bottom of this statement.
Our processing as a data controller is based on the business we conduct and the purpose of our business, see more below about the purpose of processing personal data.
Below are the cases where personal data is normally processed, where Diller is responsible for processing the personal data (ie it is Diller who has determined the purpose and means of processing).
For the processing of personal data about loyalty customers, members and others that apply to Diller’s customers, or if Diller processes personal data on behalf of another data controller, Diller is the data processor. It will be specified in the statement whether Diller is a data processor, or Diller will inform about this by inquiry. In such cases, it will be the data controller who will inform about the processing, which by partners of Diller, ie those to whom Diller provides services, e.g. to establish loyalty and membership programs. If Diller is a data processor, information about the processing of personal data may be informed by the data controller, but there is some information about such processing in the declaration.
We may also process personal information in other ways than those mentioned below, but then we will inform the data subjects in other ways than through this privacy statement.
Personal information processed by Diller
Diller processes personal information about people who are in contact with us, either as customers, suppliers or in other contexts to the extent that such processing is necessary for the purpose of the contact with us.
Below is a list of personal data we process, the purpose of the processing, how long we process the personal data, the basis for the processing, whether the data is handed over and / or transferred to countries outside the EEA area.
Processing of personal information about users of Diller
Diller collects and processes personal information about end users (members) of services that Diller offers to its affiliates. The partners are responsible for processing here, see above, and Diller is the data processor.
Diller is responsible for processing behavior patterns and security logging on the websites of partners that are done for security reasons, development of the service, and statistics. Processing takes place on the basis of the Privacy Ordinance Article 6 No. 1 letter f. We consider that we have a right to register and process behavioral patterns and log usage, and that processing of this type of information is not so intrusive that the privacy of the individual user must override this treatment.
Contacts with existing and potential suppliers and partners
Diller processes personal information about contact persons at existing and potential suppliers and other partners to manage our relationship with suppliers and others, prepare, implement and document services and evaluate the use of services.
The processing of personal data is based on the Privacy Ordinance Article 6 No. 1 letter f, and we consider that we have a legitimate interest in managing the relationship with our partners and suppliers, and that and that the processing of this type of data is not so intrusive that the privacy of the persons concerned must override this treatment. We also store and disclose information where we have a legal obligation to do so, for example in accordance with accounting and tax legislation. We may store information for as long as we believe it may be used, for example to document matters relating to services.
In many cases, it will be necessary for us to obtain personal information in order to enter into agreements with customers and suppliers, among other things to document that an agreement has been entered into. If we do not receive the information we need, we will not be able to enter into agreements.
It is voluntary for the contact persons if they wish to provide us with personal information. If we collect personal information from others, it will mainly apply to contact information (including name, address, telephone number and e-mail address), position, function and employer, as well as any competence and references where relevant. The source for such information will be the contact person’s employer, for example from the employer’s website. In some cases, we collect references from others to assess the suitability of suppliers and partners.
Diller will store the information until the supplier relationship ends or until the contact person ceases to be the contact person, with the exceptions mentioned above.
Contact with others
Diller will process personal information about those who contact us to answer and document the communication. This applies to all forms of communication, physical and digital, written and oral.
The processing of information is based on the Privacy Ordinance, Article 6, No. 1, letter f. We have considered that it is in our legitimate interest to have contact with the outside world as part of our business and to document the business we run, as well as to answer those who contact us and register such contact. We have assessed that this is necessary for us to handle inquiries we receive, and that the data subjects’ privacy does not take precedence over these interests.
It is voluntary to provide us with personal information, but it will be necessary to provide us with the information in order for us to be able to answer inquiries.
We process the information until we expect that there will be no further follow-up of the contact, normally for two years.
Use of Websites
We process personal information collected on our website on the basis of the Privacy Ordinance Article 6 No. 1 letter f. We have assessed it as necessary for us to do so in order to adapt the website to our users. However, we safeguard the privacy of visitors to the website by only using the information for statistics. In these statistics it is not possible to identify individuals.
We use the information collected to improve the customer experience on websites and services, as well as to offer functionality in the services. We also use the information to provide visitors with recommendations and service adjustments that are as relevant to you as possible. This will both be given on the basis of visitors’ behavior, e.g. on the basis of services used, links clicked on, or information read, and on the basis of the behavior of other users with similar usage patterns.
The personal information is also used to improve our websites, and to compile statistics and understand the use of the pages. As far as practicable, we try to do this with anonymous information, without knowing that the information is specifically related to the individual visitor.
Disclosure and transfer of personal information
Diller does not pass on personal information to others in cases other than those mentioned in this statement and unless there is a legal basis for such disclosure. Examples of such a basis will typically be an agreement with or consent from the data subject or a legal basis that requires us to release the information.
Diller uses data processors to collect, store or otherwise process personal information on our behalf. In such cases, we have entered into agreements to ensure information security in all stages of the processing.
All processing of personal data that Diller carries out will take place within the EU / EEA area, but it will be that we use suppliers or process personal data outside the EU / EEA area. In such cases, the transfer and processing outside the EU / EEA area will take place in countries approved by the EU Commission, in accordance with a valid legal basis for the transfer of personal data.
Personal information may in some cases be disclosed to public authorities. Such extradition will only take place if we are required to do so in accordance with applicable laws and regulations.
Processing and storage time (deletion)
Diller stores personal information for as long as is necessary for the purpose for which the personal information was collected, and deletes the information in accordance with requirements in the regulations. How long we process the individual types of information we process is included in the above where the individual treatments are discussed.
Instead of deleting the personal data, in some cases it may be relevant to anonymise the personal data. By anonymisation is meant that all identifying or potentially identifying characteristics are removed from data sets that are taken care of.
Your rights when we process personal information about you
The rights below apply where Diller is responsible for processing. For claims for the use of rights where Diller is the data processor, the claim will be forwarded to the data controller. You can read more about these rights on the Data Inspectorate’s website: www.datatilsynet.no .
Right of access, correction and deletion
Those about whom we process personal data have the right to demand access, correction or deletion of the personal data we process.
In order to exercise your rights, as for access, you must contact us using the contact information included above in this statement. We will respond to your inquiry to us as soon as possible, and within 30 days. If it takes more than 30 days, you will be notified.
As a registered user, you can also ask us to correct incorrect information we have about you or ask us to delete personal information. You can delete information on My Page by deleting your profile. We will as far as possible accommodate a request to delete personal information, but we can not do this if we still need the information, for example that we must store the information for documentation reasons related to claims or accounting.
If necessary, we will ask you to confirm your identity or provide additional information before we allow you to exercise your rights against us. We do this to make sure that we only give access to your personal information to you – and not someone who pretends to be you.
Right to restrict processing
You also have the right to have the treatment restricted in certain cases, see Article 18 of the Privacy Regulation.
The right to data portability
For information about you that is based on consent or necessary to carry out an agreement with Diller, and which is processed automatically (ie not manually by Diller), you can request that the personal information about you be handed over or transferred to another supplier in a structured , commonly used and machine readable format (data portability).
Automated decisions, including profiling
No automated decisions will be made as mentioned in Article 22 (1) and (4) of the Privacy Regulation based on your personal information.
The right to complain to a supervisory authority
If you believe that our processing of personal data is not in accordance with what we have described here or that we in other ways violate the privacy legislation, then you can complain to the Data Inspectorate.
You will find information on how to contact the Data Inspectorate, see more on the Data Inspectorate’s website: www.datatilsynet.no .
Should there be a change in our processing of personal data or changes in the regulations on the processing of personal data, it may lead to a change in the information provided here. If we have your contact information, we will notify you of these changes by contacting you. Otherwise, updated information will always be available on our website.
You have the ability to prevent us from placing cookies in your browser. Many browsers or devices are set to accept cookies automatically, but you can choose to change the settings yourself so that the cookies are not accepted. The disadvantage of disabling cookies in your browser is that the web pages will not work optimally. The reason is that the purpose of most cookies we use is to provide just functionality on the services.
We also use tools other than cookies to obtain information about your IP address, the type of browser you use, your broadband provider, operating system, date and time of website visits and services. We use this information to analyze trends so that we can make the website and services more user-friendly.
What types of cookies do we use?
Cookies on our website can be divided into four categories:
Some cookies are essential for the operation of our website. For example, cookies will allow us to identify users so that they can log in to their accounts. If you choose to disable cookies, you will not be able to access your account.
We use functionality cookies to remember your preferences. For example, to remember any changes you have made to your account settings preferences. We may also use functionality cookies to provide you with other services, such as allowing you to view video clips on our website.
We use the following cookies on the website:
Cookies are used in connection with the analysis of the use of our websites. This will be statistics and registration of usage patterns.
Change browser settings
You can change the settings on your browser to limit which cookies can be used.
If you change the settings and block cookies, this will mean that certain functions on the website will not work, and you will not take full advantage of all the functions the website can offer.
Legal entity. Contact Information
The legal name and contact information for Diller are:
Vestre strandgate 23, 4611 Kristiansand
Tel: +47 969 24 642
Org. No .: 918022031
See also our website for more information: Diller.no .