Last revision: January 2019
PRIVACY STATEMENT OF SEKSE & PARTNERS AS
InterSearch is an international executive search alliance organization, with more than 90 members in over 50 countries.
We are delighted that you have shown interest in our enterprise. Data protection and privacy is of a particularly high priority for Sekse & Partners AS, a company registered in Norway (registration number 965950044) whose registered office is at Stokkamyrveien 13, 4008 Stavanger, Norway (hereafter ‘Sekse & Partners, we, us’).
Sekse & Partners takes the necessary measures to process Personal Data of a Data Subject in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to Sekse & Partners.
This statement only applies to Personal Data processed by Sekse & Partners as Controller. By means of this privacy statement, we would like to inform you of the nature, scope, and purpose of the Personal Data we collect, use and process.
The privacy statement of Sekse & Partners should be legible and understandable for our customers and business partners. To ensure this, we would like to first explain the terminology used.
In this privacy statement, we use the following terms:
- PERSONAL DATA
Personal Data means any information relating to an identified or identifiable natural person (“Data Subject”).
- DATA SUBJECT
Data Subject is any identified or identifiable natural person, whose Personal Data is processed.
Processing is any operation or set of operations which is performed on Personal Data or on sets of Personal Data, such as collection, storage or use.
Controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
Processor is a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller.
Recipient is a natural or legal person, public authority, agency or another body, to which the Personal Data are disclosed, whether a third party or not.
- PERSONAL DATA
2. WHEN DO WE COLLECT YOUR PERSONAL DATA AS CONTROLLER?
We can process Personal Data from you if:
- you contact or have contacted us:
- Ex. a visit to the website;
- Ex. filling out our contact form on our website;
- we or our members provide or have provided services to you;
- we or our members could provide you with services in the future;
- you are our contact person for one of our clients or members.
This statement applies to the Processing of Personal Data of our (ex-)customers and the (ex-)customers of our members, our website visitors and prospects. Your Personal Data will be treated as carefully and carefully as possible and secured, in accordance with this privacy statement.
3. WHAT PERSONAL DATA DO WE COLLECT?
We can process the information below from you. Depending on the situation, however, we do not always have all the following information:
- Your identification data;
- Your electronic identification data;
- Your personal details;
- Your contact information;
- Your contact history;
- Your public data.
We will not process any special categories of Personal Data (medical data, political opinions, religious or philosophical convictions, trade union membership).
4. LEGAL BASIS FOR THE PROCESSING
We only process your Personal Data for legitimate purposes where Processing will be based on the Processing grounds that are listed in the general data protection regulation (GDPR).
In general we process your Personal Data based on your consent. If you have given us your oral permission to process your Personal Data, we will always send you an e-mail confirming your agreement. You can withdraw your consent at any time by contacting us. We ask you to always confirm an oral withdrawal of your consent in writing, or to withdraw your consent by e-mail or by letter.
In addition, we may process your Personal Data based on our legitimate interests which in specific cases outweigh any possible harm to your rights. For example, our use of a very limited part of your Personal Data that one of our members has. The only purpose to use your Personal Data in that example is to be able to do a quality appraisal of the services provided by our members. Due to the nature of the available Personal Data, we judge that any possible disadvantage for your rights is very limited, while the information is important for us and our members to be able to offer you services of the highest possible quality. Where we rely on this legal basis for Processing, we will limit the effects this may have on your privacy by minimizing our use and by providing adequate access and security guarantees to prevent unauthorized use.
In very limited case, we process Personal Data because this is necessary for the execution or termination of the agreement with you or we are required to do so by law.
5. WHY DO WE COLLECT YOUR PERSONAL DATA?
We collect your Personal Data for different purposes.
- operational purposes: for example answering your contact question;
- business purposes: for example to manage the relationships with our customers and those of our members, , to perform an appraisal of the quality of the services provided by our members
- historical, statistical or scientific purposes;
- commercial and marketing purposes: for example sending newsletters.
If we wish to process your Personal Data for a purpose other than that for which the Personal Data has been obtained, we will contact you before further Processing of that Personal Data.
6. PERIOD FOR WHICH THE PERSONAL DATA WILL BE STORED
We do not store your Personal Data for longer than is necessary for the purpose for which the Personal Data were collected or processed.
Since the period for which the Personal Data can be retained depends on the purposes for which the Personal Data were collected, the storage period may vary in each situation. Sometimes specific legislation will oblige us to retain the Personal Data for a certain period of time. Our retention periods for personal information are based on legal requirements and a balancing of your rights and expectations with what is useful and necessary for providing our services.
When it is no longer necessary to process your Personal Data, we will delete or anonymize your Personal Data. If this is not (technically) possible, for example because your Personal Data is stored in backup archives, we will save your Personal Data but we will not process it further and delete it when this becomes possible.
7. FROM WHO DO WE RECEIVE YOUR PERSONAL DATA?
We may obtain Personal Data from you directly or from our members.
If we obtain your Personal Data from our members, we will inform you about the Processing of your Personal Data (for quality control purposes) no later than at the time of our first contact with you.
8. WHERE DO WE STORE YOUR PERSONAL DATA?
We store your Personal Data mainly on IT systems in the EEA. Some of our IT systems are however outsourced to third parties where the Personal Data can be stored in the European Economic Area (EEA). We have also enabled some IT service providers outside of the EEA, which means that your Personal Data can also be stored outside of the aforementioned countries. All (IT) service providers act as Processors on our behalf.
We have taken the necessary physical and appropriate technical and organizational (precautionary) measures with a view to securing your Personal Data against loss or any form of unlawful Processing. We restrict access to personal information to staff and third parties if they need access to such information for legitimate, relevant business purposes.
9. DO WE SHARE YOUR PERSONAL DATA?
We have enabled several Processors to process your Personal Data on our behalf, including affiliated companies, our members, IT service providers and other business service providers. We may also share your personal information with other third parties if this is necessary for the purposes for which the Personal Data was collected. When we transmit Personal Data to external parties outside the EEA, we ensure that transfers of Personal Data take place in accordance with the legislation and that there is an appropriate level of protection. In addition, we will implement safeguards for such transfers, such as model contract clauses, consent of individuals or other legal grounds.
THE APPLICATION AND USE OF SOCIAL MEDIA ON OUR WEBSITE
On this website, the Controller has integrated components of the enterprise Facebook.
The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a person lives outside of the United States or Canada, the Controller is the Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
With each visit to one of the individual pages of the website of Sekse & Partners into which a Facebook component (Facebook plug-ins) was integrated, the web browser of the Data Subject is automatically prompted to download display of the corresponding Facebook component from Facebook. An overview of all the Facebook Plug-ins may be accessed under https://developers.facebook.com/docs/plugins/.
During the course of this technical procedure, Facebook is made aware of what specific sub-site of our website was visited by the Data Subject.
If the Data Subject is logged in at the same time on Facebook, Facebook detects with every visit to our website by the Data Subject—and for the entire duration of their stay on our Internet site—which specific sub-site of our Internet page was visited by the Data Subject. This information is collected through the Facebook component and associated with the respective Facebook account of the Data Subject. If the Data Subject clicks on one of the Facebook buttons integrated into our website, e.g. the “Like” button, or if the Data Subject submits a comment, then Facebook matches this information with the personal Facebook user account of the Data Subject and stores the Personal Data.
Facebook always receives, through the Facebook component, information about a visit to our website by the Data Subject, whenever the Data Subject is logged in at the same time on Facebook during the time of the call-up to our website. This occurs regardless of whether the Data Subject clicks on the Facebook component or not. If such a transmission of information to Facebook is not desirable for the Data Subject, then he or she may prevent this by logging off from their Facebook account before a call-up to our website is made.
The data protection guideline published by Facebook, which is available at https://facebook.com/about/privacy/, provides information about the collection, Processing and use of Personal Data by Facebook.
In addition, it is explained there what setting options Facebook offers to protect the privacy of the Data Subject. In addition, different configuration options are made available to allow the elimination of data transmission to Facebook. These applications may be used by the Data Subject to eliminate a data transmission to Facebook.
Sekse & Partners has integrated components of the LinkedIn Corporation on this website.
With each visit to one of the individual pages of the website of Sekse & Partners into which a LinkedIn component (LinkedIn plug-ins) was integrated, the Internet browser of the Data Subject is automatically prompted to download display of the corresponding LinkedIn component from LinkedIn. An overview of all the LinkedIn Plug-ins may be accessed under https://developer.linkedin.com/plugins.
During the course of this technical procedure, LinkedIn gains knowledge of what specific sub-page of our website was visited by the Data Subject.
If the Data Subject is logged in at the same time on LinkedIn, LinkedIn detects with every visit to our website by the Data Subject—and for the entire duration of their stay on our Internet site—which specific sub-page of our Internet page was visited by the Data Subject. This information is collected through the LinkedIn component and associated with the respective LinkedIn account of the Data Subject. If the Data Subject clicks on one of the LinkedIn buttons integrated on our website, then LinkedIn assigns this information to the personal LinkedIn user account of the Data Subject and stores the Personal Data.
LinkedIn receives information via the LinkedIn component that the Data Subject has visited our website, provided that the Data Subject is logged in at LinkedIn at the time of the visit to our website. This occurs regardless of whether the person clicks on the LinkedIn button or not. If such a transmission of information to LinkedIn is not desirable for the Data Subject, then he or she may prevent this by logging off from their LinkedIn account before a visit to our website is made.
LinkedIn provides the possibility to unsubscribe from e-mail messages, SMS messages and targeted ads, as well as the ability to manage ad settings under https://www.linkedin.com/psettings/guest-controls.
THE APPLICATION AND USE OF GOOGLE ANALYTICS (WITH ANONYMIZATION FUNCTION)
We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator.
The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the Processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
OBJECTING TO THE COLLECTION OF DATA
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: https://tools.google.com/dlpage/gaoptout.
OUTSOURCED DATA PROCESSING
We have entered into an agreement with Google for the outsourcing of our data Processing and fully implement the strict requirements of the EU data protection authorities when using Google Analytics.
Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html.
Google Analytics is further explained at the following link: https://www.google.com/analytics/.
SUBSCRIPTION TO OUR NEWSLETTER(S)
If you would like to receive our newsletter, we require your name and a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter.
We store your IP address assigned by your Internet service provider (ISP) and used by the Data Subject at the time of the registration, as well as the date and time of the registration as a technical measure to protect our service. No additional Personal Data is collected.
We will, therefore, process your Personal Data for sending you a newsletter with your consent. You can revoke consent through the “unsubscribe” link in each newsletter. It is also possible to unsubscribe from the newsletter at any time by communicating this to the Controller in a different way. Then you will no longer receive newsletters.
The Personal Data collected as part of a registration for the newsletter will only be used to send our newsletter. We only use this Personal Data to send the requested information and do not pass it on to third parties.
The newsletter of Sekse & Partners contains so-called tracking pixels. A tracking pixel is a miniature graphic embedded in such e-mails, which are sent in HTML format to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, Sekse & Partners may see if and when an e-mail was opened by a Data Subject, and which links in the e-mail were clicked by Data Subjects.
Such Personal Data collected in the tracking pixels contained in the newsletters are stored and analysed by the Controller in order to optimize the shipping of the newsletter, as well as to adapt the content of future newsletters even better to the interests of the Data Subject. These Personal Data will not be passed on to third parties. Data subjects are at any time entitled to object to newsletter tracking. After a revocation, this Personal Data will be deleted by Sekse & Partners.
Sekse & Partners automatically regards a withdrawal from the receipt of the newsletter as a revocation for the use of newsletter-tracking.
12. RIGHTS OF THE DATA SUBJECT
- RIGHT OF ACCESS
Each Data Subject shall have the right to obtain information about the Processing of his Personal Data and a copy of his Personal Data.
- RIGHT TO RECTIFICATION
Each Data Subject shall have the right to obtain the rectification of inaccurate Personal Data concerning him.
- RIGHT TO ERASURE (RIGHT TO BE FORGOTTEN)
Each Data Subject shall have the right to obtain the erasure of Personal Data concerning him where one of the following grounds applies:
- The Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
- The Data Subject withdraws consent to which the Processing is based, and where there is no other legal ground for the Processing.
- The Data Subject objects to the Processing and there are no overriding legitimate grounds for the Processing.
- The Personal Data have been unlawfully processed.
- The Personal Data must be erased for compliance with a legal obligation.
- RIGHT OF RESTRICTION OF PROCESSING
Each Data Subject shall have the right to obtain restriction of Processing where one of the following applies:
- The accuracy of the Personal Data is contested by the Data Subject.
- The Processing is unlawful and the Data Subject opposes the erasure of the Personal Data and requests instead the restriction of their use instead.
- The Controller no longer needs the Personal Data for the purposes of the Processing, but they are required by the Data Subject for the establishment, exercise or defence of legal claims.
- The Data Subject has objected to Processing, pending the verification whether the legitimate grounds of the Controller override those of the Data Subject.
- RIGHT TO DATA PORTABILITY
Each Data Subject shall have the right to receive the Personal Data concerning him, which he has provided, in a machine-readable format as long as the Processing is based on consent or on a contract, and the Processing is carried out by automated means.
Furthermore, in exercising his or her right to data portability, the Data Subject shall have the right to have Personal Data transmitted directly from one Controller to another.
- RIGHT TO OBJECT
Each Data Subject shall have the right granted by the European legislator to object, on grounds relating to his or her particular situation, at any time, to Processing of Personal Data concerning him or her, which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions.
Sekse & Partners shall no longer process the Personal Data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the Processing which override the interests, rights and freedoms of the Data Subject, or for the establishment, exercise or defence of legal claims.
If Sekse & Partners processes Personal Data for direct marketing purposes, the Data Subject shall have the right to object at any time to Processing of Personal Data concerning him or her for such marketing. See article 6 above for information.
In addition, the Data Subject has the right, on grounds relating to his or her particular situation, to object to Processing of Personal Data concerning him by Sekse & Partners for scientific or historical research purposes, or for statistical purposes.
- AUTOMATED INDIVIDUAL DECISION-MAKING, INCLUDING PROFILING
Each Data Subject shall have the right not to be subject to a decision based solely on automated Processing, including profiling, which produces legal effects concerning him, or similarly significantly affects him, as long as the decision (1) is not is necessary for entering into, or the performance of, a contract between the Data Subject and a Controller, or (2) is not authorised by Union or Member State law to which the Controller is subject and which also lays down suitable measures to safeguard the Data Subject’s rights and freedoms and legitimate interests, or (3) is not based on the Data Subject’s explicit consent.
However Sekse & Partners does not use automatic decision-making or profiling.
- RIGHT TO WITHDRAW CONSENT
Each Data Subject shall have the right to withdraw his consent to Processing of his Personal Data at any time.
13. CHANGES TO THIS STATEMENT
We may unilaterally decide to make changes to this privacy statement. However, the most recent version is available on our website at any time.
Despite everything we do to protect your privacy and comply with the relevant legislation, you may not agree with the way we collect, use and / or process your Personal Data.
Of course you can always contact us in that case, but you also have other complaints options.
You can file a complaint with us.
- by e-mail: firstname.lastname@example.org
- by letter: Sekse & Partners AS
complaint – privacy department
Ledaalsgata 1, 4008 Stavanger
If the answers are not satisfactorily, you can submit a complaint to the supervisory authority, which you can contact via the following information:
- by telephone: + 47 22 39 69 00
- by e-mail: email@example.com
- by letter: P.O. Box 458 Sentrum, NO-0105 Oslo
If you suffer damage, you can also file a claim for compensation with the competent court.
For more information regarding complaints and possibilities for redress, we invite you to consult the website of the Data Protection Authority: https://www.datatilsynet.no/.