Privacy policy

Customers and representatives of corporate customers,
24 Center AS, 25.05.2018

Personal data controller

24 Center AS
Østensjøveien 43
0667 Oslo

Personal data to be processed

Data categories: 24 Center AS's one-time customers and business customer representatives.

The following personal data is always collected from a one-time customer:

The following personal data is collected from one-time customers when needed:

Information collected from contract customers includes the information from one-time customers in addition to the following information:

Purpose and reason for treatment

24 Center AS processes personal data so that it can carry out the agreements it has entered into with its customers. With the consent of the data subject, 24 Center AS also uses the collected personal data for marketing purposes.

The processing criteria according to the General Data Protection Regulation are as follows:

Recipient categories

The company's internal positions are described in information accounts.

Auditor: information necessary for accounting to partners.

Currently, software or online services from Accountor Finago and Hubspot are used.

In addition, the information is handed over to LINK Mobility Oy, where SMS messages are forwarded from the 24 Center's system to the operators' networks in addition to partners/customers.

The contractual changes required by the GDPR shall be carried out by the aforementioned personal data representative outside 24 Center AS.

Retention period of personal data

Personal information is stored for the time required to complete the agreement and as long as the customer relationship exists. For one-time customers, the customer relationship begins when the customer orders the service from 24 Center AS and ends when the customer or 24 Center AS requests it. For contract customers, the customer relationship lasts as long as the contract states. In addition, storage shall be extended by a maximum of 10 years from the time the information is received, if the data subject has consented to his information being used for marketing purposes, as long as the data subject does not withdraw his consent earlier.

If the information becomes redundant or obsolete, the information may be archived in an archive accessible to the CEO of 24 Center AS, provided that the use of the data subject's rights does not require complete deletion of the information. In such a case, appropriate security measures are chosen.

Furthermore, an annual review is carried out to determine whether there is a legitimate reason for processing all personal data, and any remaining data must be removed.

The rights of the data subject

The data subject has the following rights:

For all questions relating to these rights, the data subject must contact the CEO of 24 Center AS.

Right to protest

Article 21 of the GDPR states that the data subject has the right to object to the processing of their personal data in such a way that the data controller cannot process it when certain conditions are met. For example, you can object to personal data being used for marketing purposes. For questions regarding how this right can be used, the data subject is encouraged to contact the CEO of 24 Center AS.

Withdrawing consent

The data subject may at any time revoke his or her consent given for the use of his or her personal data for marketing purposes. This is achieved by contacting the CEO of 24 Center AS.

Right to complain to the supervisory authority

Under Article 77 of the GDPR, the data subject has the right to lodge a complaint with the supervisory authority if he or she considers that the processing of personal data infringes the Regulation.

Mandatory to provide information

Only the information required for the fulfillment of the criteria stated above shall be collected and therefore the information is mandatory and necessary for the conclusion of the agreement. In the case of personal data processed on the basis of consent, it is of course voluntary to disclose this.

Security offerings

The company's CEO handles security breach notifications to the authorities and the data subject in accordance with the requirements of the General Data Protection Regulation.

Risk to the rights and freedoms of the data subject

The risk to the data subject's rights and freedoms is considered low. The matter is handled by an appropriate and competent data protection administration. The risk assessment is carried out in the company's information accounts.

Note!

24 Center has not yet started operations.
Please check back in the fall of 2021 when we become active!

Our website uses cookies. By using our services, you agree to the use of cookies. Read More