Newsletter and other types of direct marketing communications
Privacy Policy – Newsletter and other types of direct marketing communications
Information on how we process your personal data
In this Privacy Policy (the “Policy”), we provide information about our processing of personal data in connection with our provision of our newsletter and other types of direct marketing communications to you as a representative of a company or organization. This Policy will, for example, include information on for what purposes we process your personal data, with which parties we share your personal data as well as information on your rights as a data subject.
This policy was last updated: 3rd of March 2025
1. INTRODUCTION
1.1 This Policy describes how Blåkläder AS, org. no. 812806602 (“Blåkläder”, “we”, “us” or “our”), at the address Solgaard skog 110, 1599 MOSS, processes your personal data.
1.2 We are responsible for the processing of your personal data as described in the Policy in the capacity of data controller. If you would like to know more about our processing of your personal data, you are welcome to contact us, e.g., via the address above or via our e-mail address: gdpr@blaklader.com.
1.3 We respect and safeguard your personal integrity. It is important to us that you feel comfortable with how we process your personal data, and we therefore ask you to read through this Policy, which we may update from time to time. If we make changes to the Policy, the new version will apply from the time it is published on our website www.blaklader.no. At the top of the page, you can see when the Policy was last changed.
2. HOW WE COLLECT YOUR PERSONAL DATA
The personal data we process relating to you is collected directly from you, including when you subscribe to our newsletter or other types of direct marketing communications. Additionally, we may collect information from your interactions with our website, social media platforms, events, and promotions you participate in.
3. HOW WE PROCESS YOUR PERSONAL DATA
3.1 We only process your personal data to the extent permitted in accordance with applicable data protection legislation. This means inter alia that we need to have a legal basis for the purposes for our processing of your personal data, which in this context means the following legal basis:
Legitimate interests – the processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, provided that they are not overridden by your interests or fundamental rights or freedoms (in which case the processing would not be allowed).
Below, we explain more about the categories of personal data we process, for what purposes we process them and what legal basis we rely on when processing your personal data, including for how long we store your personal data.
3.2 To provide you with our newsletter and other types of direct marketing communications
| What we do and why: | The personal data that we process: |
| We will process your personal data to administer and send our newsletter to you, along with other types of direct marketing communications regarding our business, services and current activities. For this purpose, we will collect your personal data and use it to send newsletters to you and contact you with other direct marketing communications. Additionally, we may retain your contact information to inform you about our business, services, and current activities via regular mail or e-mail. Profiling We use profiling to better understand your interests and preferences so that we can tailor our direct marketing communications to suit your needs and interests more effectively. Profiling involves analyzing your interactions with our communications (such as open rates, click rates, and website visits) to create a profile of your interests and preferences. You have the right to object to the processing of your personal data for profiling purposes at any time. If you object, we will cease profiling your data and will no longer use it for direct marketing. | - First and last name. - E-mail address. - Regular address. - Telephone number. - Industry. - Company name and size (including number of employees). - IP-address. - User generated data (e.g. purchases, click and browsing history). |
| Our legal basis for processing: | |
| Our marketing is based on our legitimate interests, where our legitimate interest is to be able to market our products and services to you and the company or organization you represent. | |
| How we share and transfer your data: | |
| We will share your data with the following parties: Companies within our corporate group: We may share your personal data with companies within our corporate group. If we share your personal data with companies within our corporate group, we will make sure that your personal data are being processed in a way that conforms with this Policy. Suppliers of IT services: We use third party suppliers in order to manage parts of our business. We may share personal data with these suppliers in connection to them providing services to us. Whenever using suppliers, we establish data processor agreements as well as take adequate measures in order to make sure that your personal data is processed in a way that conforms with this Policy. Suppliers of marketing services: We use third party suppliers in order to send you physical marketing materials, such as catalogues. We may share personal data with these suppliers in connection to them providing services to us. Whenever using suppliers, we establish data processor agreements as well as take adequate measures in order to make sure that your personal data is processed in a way that conforms with this Policy. For the purpose of this processing activity, we or any of the companies listed above may transfer your personal data to a country outside the European Union (“EU”)/European Economic Area (“EEA”). The countries outside the EU/EEA to which your personal data may be transferred are: the USA, Canada and the United Kingdom. | |
| How long we keep your data: | |
| We will keep your personal data for a maximum of twenty-four (24) months, calculated from the time you subscribed to our newsletter or since our last mutual interaction. You can opt-out of receiving our newsletter or other types of direct marketing communications at any time. A procedure for opt-out is included in every newsletter or other type of direct marketing communication. If you are a customer, (or customer representative) to us, we may keep necessary personal data to administer our customer relationship. We will keep such personal data for as long as we have a customer relationship with you or the company or organisation you represent, but no longer than two (2) years after the last time we were in contact in our customer relationship, unless we are obliged to do so by Norwegian law. | |
4. SECURITY MEASURES
We have taken measures to ensure that your personal data is handled in a safe way. For example, access to systems where personal data is stored is limited to our employees and service providers who require it in the course of their duties. Such parties are informed of the importance of maintaining security and confidentiality in relation to the personal data we process. We maintain appropriate safeguards and security standards to protect your personal data against unauthorized access, disclosure or misuse. We also monitor our systems to discover vulnerabilities.
5. WHERE WE PROCESS YOUR PERSONAL DATA
Our goal is to always process your personal data within the EU/EEA. However, as some of our suppliers are international, your personal data will be transferred to countries outside the EU/EEA in accordance with our agreements with the suppliers. In such cases, we are obliged to ensure that the transfer is made in accordance with applicable data protection legislation before it occurs, e.g. by ensuring that the country in which the recipient is located ensures an adequate level of data protection according to the European Commission, or by ensuring appropriate safeguards based on the use of standard contractual clauses that the European Commission has adopted and other appropriate measures to safeguard your rights and freedoms.
The following link provides information on the non-EU/EEA countries decided by the European Commission to provide an adequate level of protection for the authorised transfer of personal data:
You may access the European Commission’s standard contractual clauses at https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32021D0914.
6. YOUR RIGHTS
You have rights in relation to us and our processing of your personal data. Information about your rights and how to exercise them is set out below.
Please note that your rights apply to the extent that follows from applicable data protection legislation and that there may be exceptions to the rights where applicable. We also ask you to note that we may need more information from you in order to e.g., confirm your identity before proceeding with your request to exercise your rights.
To exercise your rights or request information about them we ask that you contact us, which is most easily done via e-mail: gdpr@blaklader.com.
6.1 Right of access
You have the right to receive confirmation as to whether or not we process your personal data. Where that is the case, you also have the right to access your personal data through a so-called register extract as well as receiving additional information about the processing in question, such as for which purpose or purposes the processing takes place, the categories of personal data concerned, and the recipients to whom the personal data have been disclosed.
6.2 Right to rectification
You have the right to, without undue delay, have incorrect personal data about you rectified. You may also have the right to have incomplete personal data completed.
6.3 Right to erasure
You can request that we delete your personal data without undue delay if:
- The personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- You object to processing that we carry out based on a legitimate interest, and your objection overrides our or another party’s legitimate interest of the processing;
- The processed personal data is unlawfully processed; or
- The processed personal data has to be erased for our compliance with one or more legal obligations.
6.4 Right to restriction
You have the right to request that we restrict the processing of your personal data in the following circumstances:
- You contest the accuracy of the personal data, for a period which enables us to verify whether the data is correct or not;
- The processing is unlawful and you oppose erasure of the personal data, and request restriction instead;
- We no longer need to process the personal data for the purposes of the processing, but the data is required by you to establish, exercise or defend legal claims;
- You have objected to the processing made on the basis of a legitimate interest and are awaiting our assessment of whether your reasons for objecting override our, or someone else’s, legitimate interest.
6.5 Right to object
You have the right to object to our processing of your personal data when it is based on our or another party’s legitimate interest. For us to be allowed to continue with the processing in case of such objection, we must demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms.
7. COMPLAINTS WITH THE SUPERVISORY AUTHORITY
In Norway, the Norwegian Authority for Privacy Protection (“Datatilsynet”) is the authority responsible for supervising the application of current data protection legislation. If you believe that we process your personal data in a wrongful manner, we encourage you to contact us so that we can review your concerns. However, you may file a complaint with Datatilsynet at any time.
__________