Akastor’s Binding Corporate Rules (BCR) for Processing Personal Data
Data Protection is about providing people with the right to control the use of any information concerning themselves, such as name, telephone numbers, preferences etc. The Data Protection Standard of Akastor is based on the Norwegian Personal Data Act and the EU General Data Protection Regulation 2016/679 (GDPR). Akastor’s Data Protection Standard is based on the following data protection principles:
- The processing of personal data shall take place in a fair and lawful way.
- The collecting of personal data shall only be made for explicit and legitimate purposes and the use of them shall be made accordingly.
- The collecting of personal data shall be relevant and not excessive in relation to the purpose for which they are processed.
- The personal data shall be kept accurate and where necessary, up to date.
- Personal data shall not be held longer than necessary.
- All personal data shall be kept confidential and stored in a secure way.
- Personal data shall not be shared with third parties except when necessary in order for them to provide services upon agreement.
- Data subjects shall have the right of access to and rectification of own personal data.
Akastor is committed to ensure the rights also of third parties to at any time access and rectify any personal data Akastor has collected about third parties. If a third party considers that Akastor has failed to comply with applicable rules on processing of personal data, such third party has the right to object at any time. If a third party suffers harm due to such non-compliance he/she may contact the competent authority or the court where the relevant Akastor subsidiary is based or the competent authority or the court of Akastor ASA in Norway.
Download: Privacy Principles Observed By Akastor