Privacy policy

This privacy policy describes how Safetec Nordic AS (hereinafter referred to as Safetec) collects and uses personal data. The policy contains information you are entitled to when data is collected from our website and general information about how we process personal data.

Contact Information

For questions related to this privacy policy, or to exercise your privacy rights, please contact us by email or phone:

  • Phone: +47 73 90 05 00
  • Postal Address: Sluppenvegen 6, 7037 Trondheim

If you have questions related to this privacy policy or our responsibility as a data controller, you are entitled to a response without undue delay, and no later than one month.

Personal data we collect and process

We primarily process personal data in the following cases:

  • You have sent us an inquiry
  • You have a customer relationship
  • You have signed up for a course or event organized by Safetec
  • You have participated in a survey conducted by Safetec
  • You have applied for a job, or a job applicant has listed you as a reference
  • You are or have been employed by Safetec

Safetec has an IT operations model where we manage a large part of our systems ourselves, but we have also outsourced the operation of some systems to external parties. Where we manage the systems ourselves, we also use external consultants. All infrastructure and data are located within the EU/EEA or countries approved by the EU Commission.

Inquiries

Safetec uses email and phone to follow up on inquiries, operational activities, and general dialogue with internal and external contacts. Information from phone calls and email exchanges is recorded and stored if necessary to respond to requests, fulfill agreements, or legal obligations. This information is processed as described under "Client relations".

Employees have an overview of the latest calls on their phones, but there is no systematic recording or logging of phone calls. When an employee leaves, email accounts are deleted, but some relevant emails will normally be transferred to colleagues. Please note that regular email is unencrypted. We therefore encourage you not to send confidential, sensitive, or other private information via unencrypted email.

The legal basis for processing inquiries is Article 6(1)(f) of the GDPR, which allows us to process information necessary to pursue a legitimate interest that outweighs the individual's interests or fundamental rights and freedoms. The legitimate interest is to follow up on email and phone inquiries as needed.

Client relations

In connection with customer relationships, we are required to collect information such as name, address, organization number, and other necessary information. We use this information only to manage your customer relationship, for example, to respond to requests, send offers, and fulfill orders. Customer information is recorded in our internal project room and associated customer database.

We retain the information you provide us with as long as our customer relationship exists. You have the right to access, correct, and delete data we have stored about you. After the customer relationship ends, we will also retain data as long as we deem it appropriate. This is to help you with any history you may need.

The legal basis is Article 6(1)(b) of the GDPR, which allows us to process information to fulfill a contract or with the intention of entering into a contract; and Article 6(1)(c) of the GDPR, which allows us to process information to fulfill a legal obligation.

Courses and events

When registering for a course or event organized by us, we will ask for information such as name, contact information, and workplace. We may also ask for information about food allergies. The purpose of the information is to provide information to participants, prepare participant lists for participants, collect course fees, and manage and facilitate events.

The legal basis is Article 6(1)(f) of the GDPR, which allows us to process information necessary to pursue a legitimate interest that outweighs the individual's privacy. The legitimate interests are to conduct courses and events in a good manner.

Surveys

Safetec uses SurveyXact from Rambøll to conduct surveys. Only Safetec and Rambøll have access to the collected information. A separate data processing agreement between Safetec and Rambøll regulates what information the provider has access to and how it should be processed. In cases where Safetec conducts surveys involving the processing of personal data for customers, there will be processing agreements with these customers. In connection with surveys, we will always inform about the purpose of the survey, how long the data will be retained, and other rights through informed consent. Safetec will not share the information with others or use the information for purposes other than those specified. Data from surveys used for future comparisons and research will always be anonymized.

Website visits

Blåis and Nordhost are service providers for (http://www.safetec.no). The provider Blåis contributes to the operation and development of the websites. Only Safetec and the service provider, with any subcontractors, have access to the collected information. Separate data processing agreements between Safetec and the service providers regulate what information the providers have access to and how it should be processed.

Cookies

Cookies are small text files placed on your computer when you download a website to provide you with better services. When you visit (http://www.safetec.no), we use cookies necessary for you to use our websites and to compile visitor statistics.

Safetec uses cookies to distinguish between users and to compile statistics that we use to improve and further develop the website. Some cookies are necessary for functionality, while others are based on consent. You can read more about our use of cookies in our Cookie Policy.

If you have accepted or reserved against certain cookies on our websites, you can change these settings by clicking on "Cookie settings" at the bottom left corner of the page.

Web statistics

Safetec collects anonymized information about visitors to (http://www.safetec.no). The purpose is to compile statistics that we use to improve and further develop the information offered on the website. Examples of what the statistics provide answers to include how many people visit different pages, how long the visit lasts, which websites users come from, and which browsers are used.

The legal basis for generating anonymous statistics is Article 6(1)(f) of the GDPR, which allows us to process information necessary to pursue a legitimate interest that outweighs the individual's privacy. The legitimate interest is to improve and further develop information on our websites.

Use of LinkedIn

We use LinkedIn as part of our digital presence and communication strategy. Through LinkedIn, we aim to connect with key audiences, deliver relevant content, and inform about our core business.

When you interact with us on LinkedIn, it means that certain personal data about you is processed. This may include information such as name, profile information, likes, comments, or other information you have chosen to share on our page or in connection with our content on the platform.

Personal data collected and processed through LinkedIn is used by us for the following purposes:

  • Visibility in the market, including sharing guidance, news, and other parts of our business
  • Debate and dialogue, including responding to questions, comments, or inquiries you make to us via social media

Our legal basis for using LinkedIn is Article 6(1)(f) of the GDPR. This gives us the right to process information necessary to pursue a legitimate interest in communicating effectively with target audiences.

Job application

If you apply for a job at Safetec, we need to process information about you to evaluate your application. We process the information you provide to us through the documents you send us, including the application, CV, diplomas, and certificates. In addition to any interviews, Safetec may also conduct its own investigations, such as conversations with the applicant's references.

The purpose of the processing is to conduct good recruitment processes and ensure that we have the documentation we need to enter into an employment contract with you.

Safetec uses Nuu's job portal for recruitment purposes. Registration in the database is based on voluntary consent. Only personal data provided by the individual candidate in connection with creating a profile is processed. Nuu processes candidate data on behalf of Safetec and uses subcontractors who assist with the processing. A data processing agreement regulates how personal data should be processed. Information about Nuu's processing of candidate data can be found here: Terms of Use for Nuu and Consent Declaration.

To evaluate submitted documentation, conduct interviews, and call references, the legal basis is Article 6(1)(b) of the GDPR. This provision allows us to process personal data when necessary to take steps at the request of the job applicant before entering into a contract.

If we conduct our own investigations beyond this, such as contacting someone who has issued a certificate but is not listed as a reference, the legal basis is Article 6(1)(f) of the GDPR, which allows us to process information necessary to pursue a legitimate interest. The legitimate interest is to find the right candidate for the position.

We take interview notes to document and evaluate your performance during the interview. The legal basis for collecting these notes is Article 6(1)(f) of the GDPR, as we have a legitimate interest in assessing your suitability for the position.

The notes are deleted when the application process is over.

Applications are stored in Nuu's job portal and are automatically deleted after 24 months. A job applicant can withdraw their consent from the processing of personal data at any time. The data will then be deleted from Nuu's candidate database.

Your rights

Access to Your Data

Those registered in one of Safetec's systems have the right to access their data.

Correction of Personal Data

You can ask us to correct or supplement information if it is incorrect or misleading.

Deletion of Personal Data

You can ask us to delete information about you. However, information we are required to retain due to legal obligations will not be deleted.

Restriction of Processing of Personal Data

In some situations, you can also ask us to restrict the processing of your data. You do this by managing consent or reservations in our solutions.

Object to the Processing of Personal Data

If we process information about you based on our tasks or based on a balancing of interests, you have the right to object to our processing.

Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format.

Complaints About Our Processing of Personal Data

If you believe we do not comply with the rules in the Personal Data Act, we hope you will let us know by contacting us. You can also complain about our processing of personal data to the Norwegian Data Protection Authority.

Changes to the privacy statement

Updated 19.06.2025