This privacy statement covers our collection, use and disclosure of information collected through our website, www.admincontrol.com, our service Admincontrol including any connected applications that have been developed by Admincontrol to work as a part of our services.
The use of information collected through our service and connected applications shall be limited to the purpose of providing the service for which the Client has engaged Admincontrol AS.
Admincontrol AS collects and processes information under the direction of our Clients, and has no direct relationship with each individual user of our service. Each of our Clients acts as Data Controller whereas Admincontrol is the Data Processor. A Data Processor Agreement has been entered into between our Clients and Admincontrol that governs the processing of your data.
Admincontrol will act as the Data Controller for information obtained through the “Request a Demo” as well as Information we collect when you access Our Site.
All customer and personal data are processed under the control of Admincontrol in Norwegian datacentres within the EU/EEA area.
A more detailed description of our processing when we act as Data Processor for our Clients is found here: www.admincontrol.com/data-processing/
Our contact details are as follows:
Lille Grensen 7,
+47 22 83 61 00
Information we collect
- Information obtained by completing any forms on our web site, www.admincontrol.com (Our Site).
- Details of your visits to Our Site, including but not limited to, traffic data, location data, browser version and details, weblogs and other communication data, and the resources that you may access.
- As a user of our Admincontrol service, we store and process your name and contact details such as phone number and registered e-mail address including any other kind of information you may enter or upload into our service.
Use of information
The information collected is maintained for the purpose of fulfilling our contractual obligations with our Client and is used as such or in order to contact you for the purpose of demonstrating our services.
The information we collect is not shared with any organisations, except to provide products or services requested, when we have your permission, or under the following circumstances:
- As required by law, such as to comply with a subpoena, legal proceedings, or similar legal process.
- To investigate potential violations of our Terms of Service
- To security approved Sub-contractors as stated in our Data Processing Agreement with our Clients
- To third-party service provider as stated under 3rd Party disclosure
If Admincontrol is involved in a merger, acquisition, or sale of all or a portion of its assets, our Clients will be notified via email and/or a prominent notice on our Web site of any change in ownership.
Cookies and Tracking Technologies
Admincontrol and our analytics provider use technologies such as cookies, beacons, tags and scripts, to analyse trends, administer Our Site, tracking users movements and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual and aggregated basis.
Some tracking providers will collect and store personal data such as IP address and browser version info and device. Where possible anonymization technologies will be used to minimize the amount of personal data transferred to analytics providers.
Where you have consented to product related information on email, user behaviour analytics and tracking may be used in the email communication.
See our Cookie Declaration for an overview of all cookies on Our Site, or to change your consent.
As is true of most web sites, we gather certain information automatically and store it in log files.
This information includes internet protocol (IP) addresses, browser type, referring/exit pages, operating system, date/time stamp and clickstream data and may be stored in system logs such as network, intrusion prevention logs, firewall logs, webserver logs in order to maintain our high level of security of our service.
Admincontrol is the Data Controller for these logs and they are maintained for a period of 12 months. Our legal basis for this processing is our legitimate interest to maintain sufficient network and information security.
3rd Party disclosure
Only aggregated, anonymized data is periodically transmitted to external services to help us improve Our Site and the Admincontrol service. This is true in the following cases:
For Our Site, we use Google Analytics as an Analytics Provider. Only aggregated and anonymized data is transferred.
Admincontrol does not process payments for services on Our Site.
Access to your information
The Norwegian Data Protection Act and EU General Data Protection Regulation (GDPR) give you the right to access the information we hold about you.
An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to the responsible person within their organisation for the agreement with Admincontrol. Admincontrol will make reasonable commercial efforts to promptly fulfil our Clients request. Requests relating to information we process for our own purposes may be directed to us to the address set out under “Further Information”.
Admincontrol has security and the protection of our customer’s data as a top priority and is certified against ISO:27001:2013. The ISO 27001:2013 standard govern our information security work.
The following are our primary information security goals:
- Admincontrol must ensure the confidentiality, privacy and integrity to customers data.
- The Admincontrol services must be available to authorised users in accordance with Admincontrol’s SLA.
- Admincontrol must actively work to minimise the risks and any potential damage by preventing security incidents and their potential impact.
- Admincontrol must comply with relevant customer requirements, laws and regulations for information security.
For further details see www.admincontrol.com/information-security/
Admincontrol complies with the following Norwegian laws and regulations concerning IT security for banks and finance institutions, including Norwegian and European (EU/EEA) regulations for protection of personal data:
- EU General Data Protection Regulation (GDPR)
- Norwegian Personal Data Act
- Regulations on use of information and communication technology (ICT)
All Clients need to ensure that any local laws and regulations within their sector and/or their country is covered. When ensuring compliance with your sector specific or local regulation needs, you may contact Admincontrol for a more detailed description of our security controls.
Admincontrol has taken appropriate steps to ensure compliance with the EU General Data Protection Regulation (GDPR) once entered into force.
Admincontrol will retain personal data we process on behalf of our Clients as long as needed to provide services to our Client. Admincontrol will retain and use this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Information we collect in order to demonstrate our services is maintained until the purpose of the collection has been fulfilled.
Cancellation or termination of account
Admincontrol can completely remove all the Client’s documents, files and meta-data upon request. If your account is terminated for any reason, please contact us with any request to access your data.
Changes to this Policy
Data Protection Officer
To ensure proper Data Protection and Privacy is in place Admincontrol has appointed an internal Data Protection Officer that monitors Admincontrol compliance with GDPR, provide advise in privacy related matters and act as a point of contact for our Clients and the Data Protection Authorities.
For further data processing details, compliance or security,
please contact the DPO on e-mail: firstname.lastname@example.org