Our Privacy Policy

This privacy statement outlines Norske tog’s guidelines on collecting and processing of personal data.

“Personal data” comprise all information directly or indirectly linked to a person. Norske tog is responsible for ensuring that our personal data processing is in accordance with the applicable privacy regulation, including "GDPR" regulation.

Which type of personal data are Norske tog processing?

Recruitment

Norske tog use and store personal data in recruitment processes. How personal data is processed in recruitment processes will be outlined in the job advertisement, possibly as a minimum of the website of our recruitment partners

Employees, consultants and relatives

Personal data of employees, consultants and relatives is collected at start and during the employment period. We use the information to handle emergencies and to manage employee schemes such as pensions, insurance etc. The data may be shared with authorized third parties when necessary for the purposes stated above.

Suppliers and other business associates

Norske tog collects data about suppliers and business associates. The information can be name, company, CV etc. The data is used when tenders is evaluated and in the management of the Norske tog’s business operation.

In tender and contract follow-up, Norske tog will be able to carry out IDD and supplier/provider audit. The process may involve data collection from third parties such as owners, board members, shareholders, key personnel etc. The data collected will depend on the specific need, but may comprise name, business role, contact information, entries in sanction and restriction lists, as well as data on corruption, crime, regulatory fines and penalties. Norske tog can use third parties in the data collection process. In that case, a separate data processing agreement will be signed. Norske tog obtains permission from the Norwegian Data Protection Authority to process personal data in connection with IDD. Norske tog are collecting such data to ensure collaboration with professional parties when entering into new and existing business relations.

When visiting or contacting Norske tog

Norske tog are able to collect name, company, time of arrival/departure and e-mail address when you visit or contact the company due to security reasons.

Storage, deletion and rights in case of suspected abuse

Norske tog store personal data for as long as necessary based on the purpose of the data collection. Storage guidelines are regularly reviewed and when the data are deleted will depend on the nature of the personal data, including the law of xxx or the need to establish, apply or defend legal requirements.

You have the right to request access to, and correction or deletion of, personal data or limitation of data processing. In addition, you have the right to protest against the data processing, as well as the right to data portability. You also have the right to appeal to the Norwegian Data Protection Authority or other EU/EEA privacy authorities.

Your rights include:

  • Right of access
  • Right to correction
  • Right of restriction
  • Right to protest
  • Right to data portability
  • Right to information
  • Right by automated decisions

For further description, please visit the Norwegian Data Protection Authorities website.

Last revision: 30.06.20

Iren Marugg
Iren Marugg
General Counsel