Privacy Policy for Nordlys Renhold AS

This privacy policy explains how Nordlys Renhold AS collects, uses, stores, shares, and protects personal data when providing cleaning services and operating its business. It applies to customers, prospective customers, website visitors, business contacts, and other individuals whose personal data is processed by Nordlys Renhold AS.

1. Introduction and company information

Nordlys Renhold AS is the data controller for the processing of personal data described in this privacy policy.

Company name: Nordlys Renhold AS
Address: Storgata 12, 0184 Oslo, Norway
Email: [email protected]
Phone: +47 23 89 47 16

As a cleaning company, Nordlys Renhold AS may process personal data in connection with quotations, customer management, service delivery, invoicing, communication, complaints, and compliance with legal obligations.

2. Data collection and processing

Nordlys Renhold AS may collect and process the following categories of personal data:

• Identification data: name, contact details, company name, job title, and address.
• Communication data: emails, phone calls, messages, and other correspondence.
• Customer and service data: service requests, booking details, preferences, instructions, access information necessary for service delivery, and service history.
• Billing and payment data: invoice details, payment status, and accounting records.
• Technical data: IP address, device information, browser information, and usage data if you visit our website.
• Other data provided voluntarily: information you choose to share with us in connection with our services.

We normally collect personal data directly from you, but we may also receive data from business partners, public sources, or third parties where this is necessary for the provision of our services or for legal compliance.

3. Purpose of data processing

Nordlys Renhold AS processes personal data for the following purposes:

• to respond to inquiries and provide quotations;
• to enter into and perform customer agreements;
• to deliver cleaning services at private, commercial, or other premises;
• to manage bookings, schedules, and service coordination;
• to communicate with customers and business contacts;
• to issue invoices, handle payments, and maintain accounting records;
• to handle complaints, claims, and customer support;
• to comply with legal obligations, including accounting and tax requirements;
• to improve our services, operations, and customer experience;
• to maintain security, prevent misuse, and protect our rights and property.

4. Legal basis for processing

Nordlys Renhold AS processes personal data only where there is a valid legal basis under applicable privacy laws. Depending on the context, the legal basis may be:

• Performance of a contract: when processing is necessary to provide requested services or fulfill an agreement with you.
• Legitimate interests: when processing is necessary for our legitimate business interests, such as customer administration, service improvement, security, and communication, provided that your interests and rights do not override those interests.
• Consent: where you have given clear consent for a specific purpose, such as certain marketing activities or optional communications.
• Legal obligation: when processing is required to comply with applicable laws, including accounting, tax, and record-keeping obligations.

5. Data sharing and third parties

Nordlys Renhold AS may share personal data with third parties only when necessary and in accordance with applicable law. Such third parties may include:

• IT and hosting providers;
• accounting, bookkeeping, and payroll service providers;
• payment service providers and banks;
• professional advisors, including lawyers and auditors;
• subcontractors or service partners involved in delivering cleaning services;
• public authorities where disclosure is required by law.

Where third parties process personal data on our behalf, they act as data processors and are bound by appropriate contractual and security obligations.

6. Data transfer to third countries

Nordlys Renhold AS aims to process personal data within Norway and the EEA whenever possible. If personal data is transferred to a country outside the EEA, we will ensure that appropriate safeguards are in place in accordance with applicable privacy laws. These safeguards may include:

• an adequacy decision by the relevant authority;
• standard contractual clauses;
• additional technical and organizational measures where necessary.

You may contact us for more information about such transfers and the safeguards used.

7. Storage duration

Nordlys Renhold AS retains personal data only for as long as necessary for the purposes for which it was collected, or as long as required by law.

• Customer and service records: kept for the duration of the customer relationship and for a reasonable period thereafter.
• Accounting and invoice data: retained for the period required by applicable accounting and tax laws.
• Communication and support records: kept as long as needed to handle the inquiry or dispute.
• Consent-based data: retained until consent is withdrawn, unless another legal basis applies.

When personal data is no longer needed, it will be deleted or anonymized in a secure manner.

8. User rights

Subject to applicable law, you may have the following rights regarding your personal data processed by Nordlys Renhold AS:

• Access: to request confirmation of whether we process your personal data and to receive a copy of it.
• Rectification: to request correction of inaccurate or incomplete data.
• Erasure: to request deletion of your data in certain circumstances.
• Restriction: to request that processing be limited in certain situations.
• Data portability: to receive certain data in a structured, commonly used, machine-readable format and, where technically feasible, to have it transferred to another controller.
• Objection: to object to processing based on legitimate interests or to direct marketing, where applicable.

To exercise your rights, please contact us using the details provided below. We may need to verify your identity before responding to your request.

9. Withdrawal of consent

Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing carried out before the withdrawal.

If you withdraw consent, Nordlys Renhold AS will stop the relevant processing unless another legal basis applies or we are legally required to continue processing.

10. Right to complain

If you believe that Nordlys Renhold AS has processed your personal data in violation of applicable privacy laws, you have the right to lodge a complaint with the relevant supervisory authority. In Norway, this is the Norwegian Data Protection Authority (Datatilsynet).

We encourage you to contact us first so that we can try to resolve your concern directly.

11. Data security

Nordlys Renhold AS takes appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. These measures may include:

• access controls and user permissions;
• secure storage and encrypted communication where appropriate;
• staff confidentiality obligations and training;
• regular review of internal procedures and security practices;
• use of trusted service providers with appropriate safeguards.

While we strive to protect personal data, no method of transmission or storage is completely secure. We therefore cannot guarantee absolute security.

12. Contact information

If you have questions about this privacy policy or how Nordlys Renhold AS processes personal data, please contact us:

Nordlys Renhold AS
Storgata 12, 0184 Oslo, Norway
Email: [email protected]
Phone: +47 23 89 47 16

13. Changes to privacy policy

Nordlys Renhold AS may update this privacy policy from time to time to reflect changes in our practices, services, or legal requirements. The updated version will be published when appropriate, and the date of the latest revision may be indicated if required.

We encourage you to review this privacy policy periodically to stay informed about how we process personal data.