Storage of data and personal data on users of our websites.
1.1 The purpose of collecting data
We collect data on visitors to our website/blog. The purpose of this is to gather statistics that can contribute to the further development of both the user experience and the content of our channels. We use this information exclusively for:
- Measuring the use of the services we offer.
- Measuring user behaviour for the services we offer, so that we can optimise and further develop the user experience in order to improve it for you as a user.
In order to collect data, we use information capsules, also known as cookies. Information capsules are small data files that store information on how you use our websites.
The information capsules are used to:
- Make it easier for you to obtain information in the future. For example, by not having to fill out forms repeatedly.
- Recognise visits from returning users.
- Record general statistics such as web browser type, time, language and which website the user comes from.
You can delete information capsules by following the instructions for deleting information capsules in your browser.
1.3 This data is stored by means of information capsules
Anonymised behaviour data
- Which browser is being used
- Date and time
- Pages that are being visited
- Amount of time spent on our website
- Conversions (such as the number of fund units purchased, registering for a newsletter, number of completed forms)
Behavioural data relating to you and your profile
This data is stored if you have given your consent to this on our websites.
- The average number of times you have visited our website
- The first page you visited
- The first page you came from before arriving at our website
- The first campaign you converted to (could have been a registration for a newsletter, a fund unit purchase, completion of a form)
- The last page you visited
- The last page you came from before arriving at our website
- The last campaign you converted to (could have been a registration for a newsletter, a fund unit purchase, completion of a form)
- The number of activities carried out on our website
- Number of pages you have visited
- Number of sessions registered about you as a user
- Source that led you to our websites (for example, Google, an online newspaper, direct traffic, social media)
1.4 We use these tools for collecting data
We use subcontractors in connection with web analysis and marketing measures:
Google Analytics (Web Analysis)
Google Analytics Is a web analysis tool that collects data and prepares statistics to enable us to improve and develop our websites. We collect information on the pages that are visited, which source users come from, how long the users visited the site, how many times the users have visited our website, and whether you have carried out any conversions (for example, purchase, registering for a newsletter or completed the contact form). All data collected is anonymised.
HubSpot: a tool for email mailings and marketing
We use HubSpot for email mailings and inbound marketing.
Until you become a customer, or have provided your contact details, for example by registering for a newsletter, the data will be anonymous in HubSpot. When you give your consent to receive information from us, such as by email, the email will be stored. The information about you remains in Hubspot until you either unsubscribe from the email list or are no longer a customer of ODIN.
HubSpot is an American company that stores and processes data in the USA. The company is Privacy Shield-certified. This means that they are subject to rules that protect your data in the same way as if the data had been stored in Europe. You can read more about what Privacy Shield means for you as a customer.
We have signed a data processing agreement with HubSpot to ensure that your personal data is processed in accordance with the regulations. This provides a clear framework for how HubSpot should process information about you.
Hubspot: CRM and customer follow-up
HubSpot is also our (CRM) system for following up existing and potential customers. In order to give our customers relevant, useful and personalised information, this data will be available to us in HubSpot. This is important as it enables us to give our customers a better experience of being a customer of ODIN. We also document communications with you as a customer or potential customer, such as emails and meetings that have been held. We can also see whether you have opened an email or not. This tells us instantly whether what we send you is interesting, and we avoid calling you before you are actually ready for it.
This data is stored by us as long as you as the customer have a customer relationship with us.
2. Storage of customers’ personal data
2.1 This is personal data
Personal data is all information that directly or indirectly can be associated with an individual person, such as, name, address, telephone number, email address, personal identification number, information about bank account and securities account.
All information about you is stored in a structured system in the company’s internal customer register. See section on information security below.
Personal data processed by us:
- Identification information (for example, name, personal identification number, IP address)
- Contact information (for example, email, address, telephone number)
- Statutory information (for example, citizenship, country of taxation)
- Financial information (for example, account number, transaction data)
2.2 The purpose of personal data
We can only collect personal data for specific, legitimate purposes and the data must not be used for any other purpose than that for which it has been collected.
- Fulfilling the agreement with you: It is necessary for us to process your personal data, to be able to provide the services you have ordered. The personal data is constantly used to administer and execute the contractual relationship we have.
- Fulfilling our statutory duties: We will occasionally use your personal data to be able to fulfil legal obligations we are bound by. Laws and measures to combat money laundering and terrorist financing oblige us, and all other players within the financesector, to register and store information in ODIN about the purpose of the customer relationship, the source of the money you invest and whether you fall under the definition of a politically exposed person (PEP). The law also obliges us to carry out a risk classification of you as a customer. We carry out this risk classification, among other things, on the basis of the size of the invested amount, the volume and frequency of the transaction for the duration of the customer relationship.
2.3 Basis for processing
The basis for our collection and processing of personal data is our fulfilment of an agreement with the data subject (for example, savings in one of our securities funds) and our being bound by a legal obligation (for example, the anti-money-laundering or taxation law).
2.4 Disclosure of the personal data
We will never disclose your personal data to others, unless you have given your consent to the disclosure or there is another legal basis for the disclosure.
ODIN processes personal data in accordance with the provisions of the personal data legislation. We have a duty of non-disclosure regarding any customer information we obtain through our activities, unless otherwise specified in acts or regulations, or we have received written consent to release confidential information.
2.5 Storage and deletion of personal data
We store and save our communication with you as long as you are a customer.
We also register and store information on any guardians, beneficiaries or other persons entitled to access a customer’s account. We ask about tax residency in order to be able to report correctly to the respective countries’ tax authorities.
We are obligated to correct or delete data about our customers if it is defective, Incorrect or unnecessary. The obligation to delete data about the customer relationship in accordance with the Norwegian Personal Data Act can, in some cases, be time restricted by other legislation.
2.6 Information security at customer database
Customer data is stored in an internal database at ODIN Forvaltning and is protected against unauthorised access, change, destruction or distribution. We continuously evaluate which of our employees are authorised to access the database, and strive to maintain optimal administrative and technical measures for protecting the data.
3. Secure communication
The law on personal data processing requires us to make provision for secure communication with you as a customer. Insecure email is not considered to be safe, and we therefore ask you to avoid sending us personal data by email.
For reasons of personal security, the we ask that you send documentation, forms and communication containing personal information via post or fax. You are welcome to contact customer service on +47 24 00 48 04.
4. Your rights
4.1 Information and access
As our customer, you have a right to view the company’s procedures for processing personal data and to view personal data about you which is registered and stored. If you wish to view data, or would like more information about this, please get in touch with email@example.com. Never give confidential personal data in your email to us. We will process your request as quickly as we can, and send you a reply by post to your registered address.
ODIN cannot disclose personal information and what we have stored about you as a customer on the basis of a telephone enquiry. We need to know for sure who is calling us asking to view data, and that the request for viewing relates to this person.
4.2 The right to be forgotten
The new General Data Protection Regulation gives you as a customer the right to “be forgotten”, in other words, have your personal data deleted. This happens when the information we have about you is no longer necessary for the purpose for which it was collected. In some situations, however, when another law applies, we are not always in a position to delete information we have about you. As a management company for securities funds, various laws oblige ODIN Forvaltning to retain the information for certain periods of time. The accounting law, the anti-money-laundering law and the law on taxation can be mentioned here.
You can also request that incorrect information about you is deleted. We will attempt to keep the information about you updated and correct ourselves, but if you discover any errors, please feel free to contact our funds centre on +47 24 00 48 04.
5. Audio recordings
You should feel secure when you receive advice about saving and investing with us. There should be no doubt regarding the advice you have received and which agreements you have entered into with us. ODIN is subject to the MiFID II regulation, and is therefore obliged to record and store all telephone calls that are made between the advisor/funds centre and the customer.
The recordings are stored for at least five years from the time of recording. We treat the recordings as sensitive information and they are subject to a duty of confidentiality, both for ODIN as a company and those who are employed by ODIN. The recordings are stored in such a way that they are not accessible to unauthorised persons.
6. Complaints to the Norwegian Data Protection Authority
The privacy regulations shall protect individuals from personal data processing in a way that infringes their privacy. The job of the Norwegian Data Protection Authority is to check that these regulations are complied with. If you have experienced anything you believe to be a contravention of the regulations, you may complain by sending a written enquiry to the Data Protection Authority. Read more about how to complain here.