This privacy statement applies to any processing of personal data on dnv.com and local websites which is hereinafter referred to as the “Website”.
Personal data in this regard shall mean any information relating to an individual who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
Processing shall mean any operation which is performed on personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
How we process your personal data
Personal data automatically collected when you browse the Website
When you visit the Website for informational reasons, i.e. without being registered, we will automatically gather and store certain information (e.g. device type, the browser used, the date and time of visit, pages visited).
We use such data only to assist us in providing an effective service (e.g., to adapt our website to the needs of your end user device or to allow you to log into our website). The personal data collected is necessary to provide you with the website. The legal basis for this processing activity is Article 6 (1) 1 lit. b of the European General Data Protection Regulation (“GDPR”).
Registration for and use of our services and productsWe will process personal data actively provided by you, e.g. when you register with us by setting-up a contact record, sending us requests or questions, prepare orders, or place orders or access downloads or conclude a service contract. Such personal data may contain inter alia your name, e-mail address, contact details, company affiliation, country, request and order information.
DNV collects and uses personal data only to provide you with the services you requested, to administer your contact record, identify you and to communicate with you. We also interact with you via our general enquiry sections or responding to complaints or general feedback given by you on our services or because we had or have a contract with you in place. For this, the legal basis is Article 6 (1) 1 lit. b GDPR (i.e., the processing is necessary for entering into or the performance of a contract with you).
As the case may be we may also contact you with regards to your satisfaction with our products and services and may conduct other surveys.
We use the personal data and contact data you provide by registration to inform you directly about our additional products and services. The use of your personal data for directly advertising related products and services is a legitimate interest for us as a provider of this website, Article 6 (1) 1 lit. f GDPR.
You can object to the use of your personal data for direct marketing at any time. We will then refrain from any processing to the extent it is related to such purposes. You can inform us about your objection by submitting this form - the Group Contact form.
We process your personal data as far as necessary for compliance with legal obligations to which we as the data controller are subject, in particular the applicable commercial accounting obligations and tax law requirements. The legal basis for this processing activity is Article 6 (1) 1 lit. c GDPR.
Your personal data is, in the absence of exceptions within the specific services mentioned below, retained for as long as your user account is used. If there has been no activity on your account, your personal data will be erased once the purpose has been fulfilled. Statutory storage obligations or the need for legal actions that may arise from misconduct within the services and can lead to a longer retention of your personal data. In this case, we will inform you accordingly.
Data collected from third party sources
We may also collect personal data about you such as your name and contact details for providing you with information on products and services, coming from third party resources on trade fairs and webinar vendors we are participating in.
Legal basis for this processing is Article 6 (1) 1 lit. f GDPR as it is our company group’s legitimate interest to maintain our user base, bring new users to the Website and inform (potential) users about services organized and provided by DNV.
With your email address you can subscribe to our informational e-mails that provides you with the latest news about our products and services if you consent to receiving such e-mails. The legal basis for this processing is Article 6 (1) lit. a GDPR. Your email address will be retained for as long as you are subscribed to our informational e-mails and for 36 months of inactivity thereafter.
This service is partly provided by means of a double-opt-in. Thus, you will receive an email containing a link by which you can confirm that you are the owner of the email address and wish to be notified via our email service. If your subscription is not confirmed we will not send you informational e-mails.
You can unsubscribe from this service by opting-out via the link provided in each informational e-mail.
Automated decision making
We do not use your personal data for automated decision making which produces legal effects concerning you or similarly significantly affects you.
Recipient of your personal data
Your personal data will be disclosed to the following parties:
Group internal recipient
Within the DNV company group, your personal data may be transferred to various entities of the DNV Group. DNV consists of DNV Group AS with subsidiaries (“DNV”). The legal basis for such transfer is DNV Group’s legitimate interest in the provision of a shared custom support, administration and internal IT department as well as our company group’s legitimate interest to guarantee smooth operations between our entities for the purposes set out above. Personal data may be transferred outside of the country in which it was collected for.
DNV is a Binding Corporate Rules (Controller) certified company and therewith personal data transferred to a third country outside the European Union / European Economic Area is subject to these.
Third party recipients
We engage third party companies and individuals who assist us in providing our services and products or support us with certain functions of this website. Your personal data will be shared with the following categories of third parties and partly their sub-processors:
- Hosting and content delivery network services (e.g., Oracle Norge AS)
- Billing and payment service providers
- Customer support services
The legal basis for this data transfer and processing activity is Art. 28 GDPR in conjunction with the data processing agreements we concluded with respective third party companies. Therefore, our contractors will only use your personal data to the extent necessary to perform their functions and will be contractually bound to process your personal data only on our behalf and in compliance with our requests.
We may disclose your personal data if legally entitled or required to do so (for example if required by law or by a court order). The legal basis for this processing is Art. 6 (1) 1 lit. C GDPR.
International data transfer
Within the scope of our information sharing activities set out above, your personal data may be transferred to other countries (including countries outside the European Union) which may have different data protection standards than your country of residence. Please note that data processed in a foreign country may be subject to foreign laws and accessible to foreign governments, courts, law enforcement, and regulatory agencies. However, we will endeavour to take reasonable measures to keep up an adequate level of data protection also when sharing your personal data with such countries.
In the case of a transfer outside of the European Union, this transfer is safeguarded by the EU Standard Contractual Clauses. You can find further information about the aforementioned safeguards under: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.
We strive to keep our processing activities with respect to your personal data as limited as possible. In the absence of specific retention periods set out in this policy, your personal data will be retained only for as long as we need it to fulfil the purpose for which we have collected it and, if applicable, as long as required by statutory retention requirements.
A cookie can be classified by its lifespan and the domain to which it belongs. By lifespan, a cookie is either a:
- session cookie which is erased when the user closes the browser or
- persistent cookie which remains on the user's computer/device for a pre-defined period of time.
As for the domain to which it belongs, there are either:
- first-party cookies which are set by the web server of the visited page and share the same domain
The cookies we use allow us to see:
- The Internet domain and Internet Protocol (IP) address from which you access our Website;
- The type of Internet browser and the operating system of the computer you use to access our Website;
- The date and time you visit our Website;
- The pages you visit on our Website;
- The pages you shared on social media and to which social media network;
- If you linked to our Website from another website, the address of that website; and
If you were referred to our Website from a search engine, the address of that website and the search term you used to find us. Any data processing that occur while using cookies used for the sole purpose of carrying out the transmission of a communication and/or strictly necessary to perform the services you required is based on Article 6 (1) lit. b GDPR.
In case personal data is processed in the course of using cookies and/or similar technologies that are used for other purposes, e.g. improving our website or marketing purposes, the processing is based on Article 6 (1) lit. f GDPR and represents our legitimate interest in maintaining our user base, bringing new users to the Website and informing (potential) users about services organized and provided by DNV.
You can control and/or delete cookies as you wish – for details, see www.allaboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit the Website and some services and functionalities may not work.
Furthermore, you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en. An opt-out cookie will be set to prevent the future collection of your information when you visit this Website.
Further information can be found under https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
You can also opt-out of personalized advertising in Google AdWords Settings. For instructions, see https://support.google.com/ads/answer/2662922?hl=en
We may from time to time use Facebook pixel. This tool helps us to understand and deliver ads through Facebook. The collected data like your IP address and browser information is processed by Facebook. Facebook may be able to connect the data with your Facebook account and use the data for their own advertising purposes.
You can learn more about Facebook Pixel under: https://www.facebook.com/business/help/651294705016616
LinkedIn Insights and Ads script
We may from time to time use LinkedIn Insights or Ads Script. Provider of this tool is the LinkedIn Corporation, 2029 Stierling Court, Mountain View, CA 94043, USA. This tool helps us to track conversions, retarget website visitors and improve our website. You can learn more about LinkedIn Insight under: https://www.linkedin.com/help/lms/answer/65521/the-linkedin-insight-tag-faqs?lang=en
We take market standard precautions to protect personal data. When our download form asks users to provide personal data, that personal data is encrypted and is protected with market standard encryption software - SSL. While on a secure page, the lock icon in the top of web browsers such as Microsoft Internet Explorer is present.
Unfortunately, no data transmission or processing can be guaranteed to be 100 % secure. Accordingly, despite our efforts to protect the personal data, DNV is not in a position to guarantee or warrant the security of the personal data.
Data subjects’ rights
You may be entitled to exercise some or all of the following rights free of charge:
a. require (i) information whether your personal data is retained and (ii) access to and/or (iii) duplicates of your personal data retained, including the purposes of the processing, the categories of data concerned, and the recipients or categories of recipients to whom the data are disclosed and where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
b. request proper rectification, removal or restriction of your personal data, e.g. because (i) of the incomplete or inaccurate nature of the personal data, (ii) it is no longer needed for the purposes for which it was collected, (iii) the consent on which the processing was based has been withdrawn, or (iv) you have taken advantage of an existing right to object to the data processing; in case your personal data is processed by third parties, we will forward your request for rectification, removal or restriction also to such third parties unless this proves impossible or involves disproportionate effort;
c. receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from our side; where technically feasible you shall have the right to have the personal data transmitted directly from us to another controller,
d. refuse to provide and – without impact to data processing activities that have taken place before such withdrawal – withdraw your consent to processing of your personal data at any time;
e.object at any time that your personal data will be used for direct marketing purposes, or – based on grounds relating to your particular situation, that your personal data shall be subject to data processing for other purposes;
f. not to be subject to any automatic individual decisions (automatic decisions based on data processing by automatic means, for the purpose of assessing several personal aspects) which produce legal effects on you or similarly significantly affect you;
g. take legal actions in relation to any breach of your rights regarding the processing of your personal data, as well as to lodge complaints before the competent data protection regulators.
Revision of the Privacy Statement
DNV may change or update the privacy statement without notice. All such changes will take effect once they have been posted on the Website. It is your responsibility to monitor such updates. The privacy statement was last updated on the date stated at the beginning of this privacy statement.
If you are concerned about use of the Data or have any questions regarding this Privacy Statement, please contact our data protection officer via firstname.lastname@example.org or by getting back to her using the same postal address as listed below. DNV regrets that only general queries about the privacy statement can be responded to via e-mail.
We wish you a pleasant, enhanced user experience at the Website!
DNV AS Group Communications