Privacy statement

1. Contact person for inquiries

Inquiries about requests for access, correction and deletion must be directed to the Privacy Correction Officer or to K.A. Rasmussen AS att. Privacy Correction Officer, PO BOX 4455, 2326 Hamar.

2. What are the legal bases and purposes of processing personal data?

The basis for the processing of personal data is K.A. Rasmussen AS´s legitimat interest based on a customer relationship and identification of the customer, employment relationship or other factual basis.

The purpose of the processing of customer information is to:

  • deliver and develop our products and services in the precious metals industry
  • manage our customer relationships and fulfil our agreements
  • analyze and keep statistics on our customers´ purchasing patterns, perform direct marketing and market research
  • to comply with the law on measures against money laundering and terrorist financing etc.

We operate a large part of our systems ourselves, but we also use subcontractors in the processing of personal data.
Where K.A. Rasmussen AS uses subcontractors for the processing of personal data, this will be regulated through a data processor agreement.

3. What kind of information do we process?

In connection with the customer and direct marketing register, we process the following personal information from our customers or other registered persons (e.i the customer´s representative)

  • The data subject´s basic contact information, such as:
    • first and last name*
    • social security number*
    • customer number
    • username and/or another form of identification
    • password
    • language
    • e-mail address*
    • telephone number* and address information*
  • Information about a potential customer company and its contact persons, such as:
    • organization number*, and names, titles and contact information of the contact person*.
  • Other identifying information about the customer in connection with money laundering legislation*, such as:
    • the routine used to verify the identity, nationality of a foreign customer
    • information in travel documents, name, date of birth
    • nationality of the legal person´s board members or members of other decision-makers,
    • the customer’s political influence and information about the customer’s financial position and other necessary identifying information required by law.
  • Information about the customer relationship and the agreement, such as:
    • information about previous and current agreements and orders
    • customer correspondence
    • information about cookies and user information about network services including the latest time for login, the latest IP address and statistical information about usage
  • Information about invoicing and debt collection
  • Any information that the customer has provided. The submitted personal information marked with an asterisk is a prerequisite for a contractual relationship. Without this necessary personal information, we can not deliver the product (item) and/or services. In connection with the direct marketing register, we process the following personal information of the customer or other object for direct marketing:
    • name, title, date of birth, gender, language
    • address and other contact information requested for contact
    • reactions to marketing measures, consent or refusal regardin direct marketing.

In connection with personnel administration, we process the following information about our employees and jobseekers:

  • personal information, salary information, evaluations, information about relatives and education / position level.

4. Where do we receive information from?

We receive information primarily from the following sources:

  • the registered person
  • the population register
  • Norwegian Central Coordinating Register for Legal Entities
  • authorities
  • credit information agencies
  • providers of contact information services such as Bring and from other similarly reliable sources.

For the purposes described in this privacy statement, personal data may also be collected and updated form publicly available sources and based on information received from authorities and third parties within the frameword of applicable law. This type of information update is regularly performed manually or automatically.

As an important part of the work to create a user-friendly website, we look at the user pattern of those who visit the website. To analyze the information, we use the analysis tool Google Analytics.

Google Analytics uses cookies, which register the user’s IP address, and which provide information about the individual user’s online movements. Examples of what the statistics give us answers to are: how many people visit various pages, how long the visit lasts, which websites the users come from and which browsers are used. IP addresses and general online movement patterns are aggregated by Google before we gain access to it. This means that none of the cookies enable us to link information about your use of the website to you as an individual.

5. To whom do we provide information and do we transmit data outside Eu or EEA?

We transfer personal information to our auditors to fulfil their obligations and to debt collection agencies to carry out any debt collection assignments. We can also hand over information to the authorities if this is authorized by law.

Data may also be provided for third party direct marketing, provided that the customer has consented to this.

We do not provide personal information outside the EU/EEA.

6. How do we protect the information and how long do we store it?

Only those of our employees or employees of our subcontractors mention under point 4, and who through their work have the right to process personal data, have the right to use the system that contains the customer and direct marketing register.
Each user has a personal username and password for the system. The data is collected in databases protected by firewalls, passwords and other technical measures. The databases and backups are located in locked locations and only a few pre-selected people have access to these locations.

We store the information for as long as it is necessary for the purpose of the processing. The information required by the Act on Measures against money laundering and terrorist finanicing etc, is stored for five years after a permanent customer relationship has been terminated, and in the case of temprary transactions for five years after completion of the transaction.

Personal information associated with the personnel administration will be stored as long as the person in question is employed by K.A. Rasmussen AS, and will be deleted no later than one year after the person in question has left. Exceptions apply to information that requires a longer storage period in accordance with law.

Personal information about applicants for positions will be deleted no later than four months after the person in question applied for a position with K.A. Rasmussen AS unless the person in question is employed or agrees to the information being kept longer. It is emphasized that jobseekers can have the information deleted whenever they wish

We regularly review the need to store data, taking into account current legislation such as the Money Laundering Act. In addition, we take all reasonable steps to ensure that no incorrect personal information about the data subject is stored in the register in light of the purpose of the processing. We correct or delete data as soon as it is detected.

7. What are your rights as registered?

As a registered person, you have the right to access personal information that concerns you. As a registrant, you also have the right to demand corrections or deletion of personal information, as well as the right to refuse or withdraw your consent to direct marketing..

As a registered person, in accordance with the Personal Data Act, you have the right to oppose or limit the processing of your personal data, as well as the right to lodge a complaint about the processing to Datatilsynet.
Contactinformation can be found on this website

8. Privacy Officer

K.A. Rasmussen AS has its own privacy representative who assists with guidance so that personal information is processed in a good way and in accordance with the regulations. The Privacy Officer is a voluntary scheme and is administered by the Norwegian Data Protection Authority

9. Who can you contact?

All questions regarding this description must be sent in writing to the address mentioned in point no.1 (1).

10. Changes to this Privacy Statement

Should we make changes to this privacy statement, we will place the changed description on our website and indicate the date of the change. If the changes are extensive, we may also inform you of the changes in other ways, for example by sending an e-mail or posting a bulletin on our website. We recommend that you visit our website from time to time to be aware of any changes.

Last update November 17th, 2022.