Privacy Statement
Nimtech consists of IT consultants and automation services. We care about privacy.
Personal data is information that can be linked to you as an individual. This can be names and contact details, but also much other information that can be linked to you more indirectly.
In this privacy statement, you can read about which personal data Nimtech is responsible for processing. It is important to us that you know what kind of personal data we process, so that you can safeguard your rights under privacy legislation.
Points
Nimtech is responsible for all processing of personal data where we ourselves determine the purposes of the processing of the data and the means we use for this. In this privacy statement, you can read more about the processing for which Nimtech is responsible.
If you have any questions about this privacy statement or the evaluations we have made, you can contact us at contact@nimtech.no.
When does Nimtech collect personal data?
We primarily process information about you in the following cases:
-
You have sent us an inquiry or complaint
-
You have signed up for an event or competition
-
You have applied for a job with us
-
You have ordered services
-
You visit our website nimtech.no or nim.io
Visits to our websites
Cookies
Cookies are small text files that are placed on your computer when you download a webpage. Some of the cookies are necessary for various services on our website to function. Nimtech uses cookies to analyze the use of our websites.
You can read more about cookies in use at nimtech.no/nim.io by clicking on settings in the cookie banner.
Web analysis
We use cookies to conduct web analysis. The use of cookies for web analysis will be based on consent..
Statistics from the Web Server
Nimtech uses logs from our website provider to generate statistics on visits to nimtech.no and nim.io. This statistic allows us to improve the information on our website. The information contains different variables, such as which page you visited, date and time of the visit, as well as technical information about your device. We never store IP addresses of visitors. In practice, it will not be possible to identify visitors from the remaining parameters. Therefore, the statistics are anonymous. This information cannot therefore be linked to you as an individual.
The legal basis for generating anonymous statistics is the General Data Protection Regulation Article 6(1)(f), which allows us to process information that is necessary to protect a legitimate interest that outweighs the need to protect the individual's privacy. The legitimate interest is to improve and further develop information on our websites.
Feedback Features
At the bottom of some of the articles on nimtech.no/nim.io, you will find a feature where you can give feedback on whether you found the information you were looking for, or not. We also have a feedback form if you come across broken links. We use the feedback to improve the content on the website.
The function is not used for guidance, and therefore we ask you not to register questions that you want answers to here. We also ask you not to enter information about yourself or others.
We review the feedback manually on a periodic basis. Usually, this will happen about once every three months. After the feedback has been reviewed, it will be deleted.
The legal basis for processing personal data through the feedback functions is the General Data Protection Regulation Article 6(1)(f), which allows us to process information necessary to protect a legitimate interest that outweighs the need to protect the individual's privacy. Our legitimate interest is to provide content that meets the information needs of the audience.
Inquiries
We use email to perform our work tasks. Emails we have received should be deleted when they are no longer necessary for our daily task resolution. In practice, this means that such emails should not be stored for more than about one year. We request that special categories of personal data not be sent unencrypted by email.
We scan all incoming and outgoing emails for viruses and malware to ensure the integrity, confidentiality, and availability of our systems that process personal data.
The legal basis for the scanning is the General Data Protection Regulation Article 6(1)(c). Nimtech has a legal duty to ensure information security under the General Data Protection Regulation Articles 5(1)(f) and 32. After a specific risk assessment, we have concluded that this measure is necessary for Nimtech to fulfill this duty. We have also considered that the processing of personal data does not exceed what is necessary to fulfill the duty
Other processing of personal data
Registration of Events and Competitions
Sometimes it is possible to register for events on nim.io/nimtech.no.
When registering for an event, we will ask for information such as name, contact information, and place of employment. The purpose of the information is to provide information to the participants, manage and facilitate events, and prepare participant lists for the attendees. The information is stored until the event is concluded.
The legal basis is the General Data Protection Regulation Article 6(1)(f), which allows us to process information necessary to protect a legitimate interest that outweighs the consideration of individual privacy. The legitimate interests are to conduct events in a proper manner.
Job Applicants
If you apply for a job at Nimtech, we need to process information about you to assess your application. The employment process involves processing the information you provide to us through the documents you send us, including an application, CV, diplomas, and references. In addition to possible interviews, Nimtech may also conduct its own investigations, typically conversations with the job applicant’s references.
To assess submitted documentation, conduct interviews, and call references, the legal basis is the General Data Protection Regulation Article 6(1)(b). This provision allows us to process personal data when it is necessary to take measures at the job seeker's request before entering into a contract. By applying for the position and uploading documents, we consider that the job seeker asks us to assess submitted documentation, conduct interviews, and call references with the aim of entering into an employment contract.
If we conduct our own investigations beyond this, for example contacting someone who has issued a certificate but is not listed as a reference, the legal basis for such investigations is the General Data Protection Regulation Article 6(1)(f), which allows us to process information necessary to protect a legitimate interest that outweighs the consideration of the individual's interests or fundamental rights and freedoms. The legitimate interest is to find the right candidate for the position.
You do not need to provide special categories of personal data in your application or at an interview. However, you may choose to do so. Therefore, our legal basis for processing this information is the General Data Protection Regulation Article 6(1)(c), that processing is necessary to comply with a legal obligation, per Article 9(2)(b), that processing is necessary for us to fulfill our obligations in the field of employment law in accordance with the law. In other cases, our legal basis is the General Data Protection Regulation Article 6(1)(a), that is, your explicit consent, per Article 9(2)(a). You can withdraw this consent at any time. Withdrawing your consent will not affect the legality of the processing of personal data that occurred before you withdrew your consent.
Job applications are stored in Nimtech's job applicant system. General applications are deleted within 210 days, and applications with the status of employed or interviewed are deleted within 300 days. Applicant lists and settings, as well as job applications at the department director level, are transferred to our case and archive system and are preserved and stored in accordance with archive legislation (see above regarding archive and public access legislation)."