1. GENERAL TERMS AND CONDITIONS

The following Privacy Policy informs about the methods of personal data protection for users of mFinans, MultiNOR, and Moja Norwegia special websites for financial services within Norwegian institutions, hereinafter referred to as „the website” or „the portal”.

The content of the website is the property of the Data Controller and is protected by law.
In order to use the website, the user should have access to a computer or a device with software that allows browsing the web and access to the Internet. The website can be reached by the most popular Web browsers.
The Data Controller hereby declares that the website is free of content that violates third party rights or the applicable laws, in particular the content that constitutes or threatens the privacy or security of any person, provides information that promotes illegal activities or conduct that is abusive, threatening, obscene, defamatory or libellous, promotes racism or harassment on grounds of ethnic, cultural or religious identity, promotes or induces to criminal activities, violates the rights of third parties, including intellectual property rights, or constitutes another form of infringement of legally protected rights.

2. DEFINITIONS

The Data Controller processes personal data of the users (in particular the users who fill in the forms provided by the Data Controller) to the extent and scope necessary for their use of the website. Form data processed for this purpose is the data required for the provision of services. Depending on the voluntarily granted consent, the Data Controller may process the users’ data in order to send them commercial information by electronic means within the meaning of the Act of 18 July 2002 on the provision of electronic services (Polish Journal of Laws of 2002, No. 144, item 1204 as amended).

3. PROCESSING OF PERSONAL DATA

  1. We process your personal data first and foremost in order to provide consulting services related to work, residence and business in Norway. It can include verification of provided information and documents, as well as assistance related to preparation of credit inquiries in Norway. Therefore, the legal basis and the purpose for processing provided personal data is usually the execution of an agreement made with you. On that basis, we can process given information in order to provide the services requested by you, contact you in relation to their execution, as well as solve technical problems and reply to your potential problems or complaints.

  2. In addition, we may process your personal data based on the legitimate interest related to the provision of services by iLogic and our trusted partners, including:

    1. conducting research and analysis of users’ expectations and needs as well as those related to improvement and introduction of new services, also for statistical purposes,

    2. providing the user with commercial information and marketing content regarding products or services offered by us or our partners – to the extent permitted by law, including with user’s consent, using various means of communication available,

    3. adjusting advertising and marketing communication channels to user’s interests depending on the provided data, your account settings, and the content you are browsing; like many other providers, depending on your consent or browser settings, we can use cookies and other similar technologies to find out how you learned about our services or which websites you browsed before or after visiting the Portal, so that we can better understand your needs and improve our services,

    4. organisation or co-organisation of promotional campaigns or loyalty programmes with our partners,

    5. maintaining payment services and other auxiliary services from third parties, which we use to provide services for you,

    6. communication with the user for purposes other than those directly related to the conclusion of the contract,

    7. ensuring safe usage of the website and databases, enforcing terms of service, preventing frauds and abuses, and maintaining the correctness and continuity of our systems, including by creating backup copies,

    8. determine, pursue or defend iLogic’s claims and demonstrate compliance with iLogic’s obligations under the law.

  3. If we process your data on the basis of your consent – for example, in order to send commercial information – you can always withdraw consent by clicking the link in the email, changing the account settings in the customer panel or by contacting us. We may also be lawfully obliged to process your data for taxation and accounting purposes as payment for the services we provide.

  4. We will process your personal data for the period necessary to achieve the aforementioned objectives, i.e. in particular for the period we provide service, as well as after that – for the period and within the scope required by law or for the legitimate interests of iLogic’s Data Controller within the above-mentioned scope (including, in particular, pursuing and defence of iLogic’s claims), unless you request that we mutually agree that we could store your data for a longer, predefined period of time. If we process your data based on your consent, we will process it until you withdraw consent.

  5. Providing personal data is always voluntary, but some of the information is necessary for us to conclude and perform a contract for the provision of services, or for you to take advantage of other offers from us or our partners. We always mark the fields and information that is required for us to make a deal with you and execute the contract, or for performing legal obligations.

  6. Your data and the content provided by you may be made available to public authorities or our trusted partners – depending on the type of service you choose, these may include Norwegian financial institutions, credit rating agencies, as well as credit and insurance intermediaries. We can also transfer your data to partners who provide support services for us, such as customer service, payment service, professional advisors or hosting and analytical services. We do not provide our partners with any identification data, unless it is necessary to conclude or fulfil your contract (in this case, such data can be transferred to financial institutions, credit assessment agencies, credit and insurance intermediaries, or translators) or if you agree to this beforehand. We will be able to share your data with public authorities and entities performing public tasks or acting on behalf of public authorities, to the extent and for purposes that in our reasonable belief result from legal provisions.

  7. Your data will be transferred outside the European Economic Area to our service providers in countries that ensure an adequate level of protection in accordance with the decision of the European Commission, including entities based in the United States participating in the Privacy Shield programme, or on the basis of the specific contract for the processing of personal data – the so-called Standard contractual clauses for data transfers between EU and non-EU, approved by the European Commission. You will be able to obtain a copy of the transferred data by contacting us.

  8. By providing services to you on the website, we will process your data automatically, including profiling by using some of the information you share with us to analyse or predict your personal preferences, interests or needs, but we will do it only in order to personalise the usage of the website or to better adjust ads and commercial information to your needs. Therefore, it will never produce any legal effects or significantly affect your situation in a similar manner.

  9. All users whose personal data are protected on the basis of the GDPR, i.e. Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, have a number of rights resulting from the processing of their personal data, including:

    1. the right to access personal data, including the right to obtain a copy of such data,

    2. the right to request correction (rectification) of personal data – when you notice that the data is incorrect or incomplete,

    3. the right to request the deletion of personal data (the so-called „right to be forgotten”) – provided, however, that the data is no longer necessary for the purposes for which it was collected or is not otherwise processed (e.g. under the condition of removing the account) or if you object to data processing or withdraw the consent on which the processing is based and there is no other legal ground for processing, or if the data is processed illegally or must be removed in order to comply with a legal obligation,

    4. the right to request limitation of personal data processing – if you indicate that your data is incorrect, when data processing is unlawful but you do not want to delete it or when your data is no longer required, but you need it to determine, defend or pursue claims, or when you object to the processing of data – until it is determined whether the our legitimate grounds for the processing of your data take precedence over the basis of your objection,

    5. the right to transfer personal data – if the processing is carried out automatically on the basis of a contract concluded with you, or is based on your consent,

    6. the right to object to the processing of personal data, including profiling – if we process your data based on a legitimate interest and the opposition is justified by your special situation, or when we process your data for direct marketing purposes and profile your data for marketing purposes.

  10. All requests regarding the above rights can be submitted in writing or sent by e-mail to the iLogic’s addresses indicated above. We will do our best to respond to your requests promptly, no later than one month after we have received them, unless they prove to be numerous or complicated. All requests are free of charge, but should they be found evidently unreasonable or excessive, we will be able to charge a reasonable fee, including communication fees or costs related to the performance of the requested actions, as well as to refuse to take action on the request.

  11. If you believe that iLogic has violated the law by processing your personal data, please write to us at the following e-mail address: epost@multinor.no. You also have the right to lodge a complaint to the supervisory body, that is, in Poland, starting from May 25, 2018, the President of the Office of Personal Data Protection (Prezes Urzędu Ochrony Danych Osobowych).

4. ACCESS TO THIRD PARTY DATA

The personal data collected by the Data Controller is directly accessible only to authorised employees or Data Controller associates, as well as other authorised personnel who provide service support to the website and have been granted appropriate power of attorney.
Personal data may also be disclosed to entities authorised to receive such data under the applicable laws, in particular to the competent national authorities.

5. SECURITY AND PROTECTION OF PERSONAL DATA

The Data Controller declares that personal data of users are processed on the basis of the GDPR, i.e. Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and that the technical and organisational measures ensuring data protection adequate to the possible threats and specific categories of the protected data are applied, in particular protection of users’ personal data against disclosure to unauthorised third parties, loss or damage.

6. USE OF COOKIES

The Data Controller makes use of cookies and other technologies for the following purposes:

  • Website configuration

    • adjusting the content of the website to the user’s preferences and optimising the use of the website,

    • recognition of the user’s device and its location, as well as displaying the website per user’s individual needs,

    • remembering the settings selected by the user and personalising the user interface,

    • remembering the history of visited pages on the website in order to recommend relevant content,

    • font size, website appearance, etc.

  • User authentication on the website and providing user sessions

    • maintenance of the website user’s session (after logging in) to allow the user to access the website without re-typing their login and password,

    • correct configuration of selected website functions, allowing, in particular, the verification of authenticity of the browser session,

    • to optimise and improve the performance of services provided by the Data Controller

  • Implementation of processes necessary for the full functionality of the websites

    • adjusting the content of the website to the user’s preferences and optimising the use of the website. In particular, these files allow us to understand the basic parameters of the user’s device and to properly display the webpage tailored to the individual needs.

  • Remembering the user’s location

    • correct configuration of the selected functions of the website, allowing, in particular, the adjustment of the information provided to the user, taking into account their location.

  • Analysis and testing, as well as internet audience measurement

    • to create anonymous statistics to help us understand how the users utilise the website, which can improve its structure and content.

  • Ensure the safety and reliability of the website.

The Data Controller makes use of external cookies and other technologies for the following purposes:

  • presenting multimedia content downloaded from external websites (including vimeo.com, youtube.com, wrzuta.pl)

  • collecting general and anonymous statistical data via analytical tools (including Google Analytics)

  • presenting ads tailored to the user’s preferences by using an online advertising tool.

In accordance with the applicable provisions of the Act of 16 July 2004 Telecommunications Law (Polish Journal of Laws No. 171, item 1800 as amended) the user has the right to decide on the scope of the access cookies files have to their computer, by selecting appropriate files in the browser window. How to manage cookies – instructions from web browser manufacturers:

  • Mozilla Firefox: http://support.mozilla.org/pl/kb/ciasteczka

  • Internet Explorer: http://support.microsoft.com/kb/278835/pl

  • Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=pl&answer=95647

  • Safari: http://safari.helpmax.net/pl/oszczedzanie-czasu/blokowanie-zawartosci/

  • Opera: http://help.opera.com/Linux/9.22/pl/cookies.html

7. EXEMPTION OF RESPONSIBILITY

This Privacy Policy does not include any information regarding services or goods (other than those in possession of Data Controller), which have been placed on the website with commercial purposes, on the basis of reciprocity or with no commercial intent.

The Data Controller is not responsible for the user’s acts or omissions that are the sources of how the Data Controller processes the personal data provided by the users, in the manner specified in this Privacy Policy.
The Data Controller reserves the right to introduce changes, withdrawals or modifications of the website functions or properties, as well as to cease operations, transfer rights to the website, and perform legal actions permitted by the applicable laws. All actions performed by the Data Controller may not violate the user’s rights.

8. CONTACT WITH THE DATA CONTROLLER

Any additional inquiries related to the Privacy Policy should be sent to Data Controller, as specified in Section 1.

9. AMENDMENTS TO THE PRIVACY POLICY

The Data Controller reserves the right to make changes to the Privacy Policy.

The date specified below is the date of application of the latest version of this Privacy Policy.

01.08.2019