Privacy policy
We are committed to protecting your personal information, and we strive to be fully responsible and transparent in relation to the collection and use of information on our website. We will now present our Privacy Statement and Statement on Cookies (hereinafter – the “Statements”), where you will find our rules and principles for the protection of personal data.
These guidelines apply when you visit the website of LHM Gruppen (hereinafter – “the Company”), register for meetings or conversations, submit an inquiry or job application, and when the Company sends out newsletters. We process personal data in accordance with the European Union’s Personal Data Protection Regulation 2016/679, the Personal Data Act and the instructions from the supervisory authorities.
If you have any questions about our Statements, please contact us at this email address: marketing@lhmmountainhomes.com
PRIVACY STATEMENT AND STATEMENT ON INFORMATION CAPSULES
The company’s processing of personal data.
In order to ensure transparency and responsible processing of personal data, we ensure that the Company processes personal data for the following purposes:
Direct marketing, including newsletters and feedback forms;
What personal data is collected?
The company collects and processes the following categories of personal data:
Basic information, necessary for direct marketing: name, surname, address and contact details;
Necessary information for the sale of products: order details and information necessary for inquiries about production or invoicing, etc.;
Additional information, collected with your consent; the purpose of the collection will be described in detail. This information will also be processed in accordance with the standards in the Declaration.
What is the processing basis for collecting your personal data?
The Company can only collect your personal data in accordance with the basis of processing to enter into and complete a contract, either when you yourself enter into a sales contract with the Company, or if you request information about a possible agreement. The company may also process information as part of legal customer communication, such as sending feedback forms, newsletters and new information about products and services. With another processing basis, the Company may process your personal data with your consent, so that the Company can offer direct marketing via individual offers, or to carry out individual customer analyses. The company may also process your personal data in connection with legal obligations, such as to fulfill the requirements of the legislation, respond to legitimate inquiries from state or local authorities, or other lawful reasons for legal processing.
Information cookies
The information collected through the cookies enables us to provide you with a user-friendly website and attractive offers, while also providing us with useful information about the behavior of visitors to our website so that we can analyze trends and improve the website, our customer service and The company’s services.
We also use cookies to record whether you have accepted the use of cookies on the Company’s website, so that you do not have to answer this question every time you visit the website.
The Company’s employees have access to the statistics on visitors to the Company’s website, and are responsible for data analysis and improvement of the website. The company’s official representatives, as indicated on our website, are responsible for our production, sales and development, as well as providing website content management tools.
Visit www.allaboutcookies.org, or use your browser’s help function, to learn more about cookies and how to manage or remove them.
How do I manage my cookies?
On the Company’s website, you can choose whether you want to use cookies. You can manage and/or delete cookies according to your preferences. In your browser settings (Internet Explorer, Safari, Firefox, Chrome, etc.), you can choose which cookies you want to accept or reject. You can delete all cookies that are already on your computer, in most browsers you can choose not to save cookies. Where these settings are selected depends on which browser you use.
In most browsers you can do the following:
check which cookies are stored and delete individual cookies;
block cookies from third parties;
block cookies from specific websites;
block all storage of cookies;
delete all cookies when the browser is closed.
If you do not agree to save cookies on your computer or other device, you can withdraw your consent at any time by changing your settings and deleting the saved cookies
one. If you have chosen to delete cookies, remember that this will delete all settings that you have chosen previously. In addition, many websites (including the XTrapp website) will not function correctly when cookies are blocked completely. For this reason, we do not recommend disabling cookies when using the Company’s website.
Visit www.allaboutcookies.org, or use your browser’s help function, to learn more about cookies and how to manage or remove them.
SECURITY OF PERSONAL INFORMATION
Your personal data is processed in a responsible and secure manner, in accordance with the Personal Data Act, EU regulations (GDPR) and other applicable laws (if any). In connection with the processing of information, and when we use tools for the processing of personal data, we implement appropriate legal, technical and organizational protection measures to protect your personal data from unauthorized processing.
The Company’s employees and official representatives, as indicated on our website, do not allow third parties to disclose or disseminate information about the Company’s customers, including visitors to the Company’s website, in the workplace.
In connection with the processing of personal data, security measures are determined based on the possible risk that may arise.
YOUR RIGHTS AND OTHER IMPORTANT INFORMATION
You have the right to:
Receive information about your personal data that is processed by LHM Gruppen, including where and how the personal data is collected and how the Company processes it;
Correct or update the information in your personal data; and/or terminate the processing of such information, if you are aware that the information is incorrect, incomplete or inaccurate;
Delete personal data or terminate the processing of such personal data, if you are aware that access to personal data was granted illegally or fraudulently, or if redundant personal data is processed, or there has been another breach of relevant laws and regulations related to the processing of personal data.
Receive a copy of the personal data the Company has stored, in a machine-readable format, and either forward this information to another controller, or ask the Company to transfer such data directly to another controller, when technically possible (the right to data portability).
If you have any questions or complaints in connection with your rights related to our use of your personal data, you can contact marketing@lhmmountainhomes.com. We will always try to solve such problems quickly and directly, however you can also contact the Norwegian Data Protection Authority if you are not satisfied with our answer.
How will I be notified of changes to this statement?
When we update this LHM Gruppen privacy and cookie statement, we will post a notice on the website www.lhmmountainhomes.com to inform you of major changes.
Rules for processing personal data
Basic concepts
1.1. The company – LHM Gruppen AS, owner of the LHM Gruppen brand, founded in accordance with Norwegian law, with office at Fossvegen 5, 2634 Fåvang in Ringebu municipality, organization no. 918 659 552, data about which is registered and stored in the Register of Legal Entities.
1.2. The registered person – a natural person, whose personal data is processed by the Company.
1.3. Personal data – any information related to a natural person – the data subject.
1.4.Processing of personal data – any action related to the use of personal data: collection, registration, storage, classification, grouping, compilation, modification (addition or change), distribution, publication, use, logical and/or arithmetic operations, search, dissemination, deletion or any other action or combination of actions.
1.5. Automatic processing – actions, fully or partially performed automatically.
1.6. Employee – the person who has entered into an employment agreement or similar agreement with the Company, and who has been designated by the Company’s management to be responsible for processing personal data.
1.7. Official Representative – a business entity or individual, listed at www.lhmmountainhomes.com, designated by the Company to represent the Company’s sales and product development interests.
1.8. Management – a legal or natural person, authorized by the Company to process personal data. Manager(s) (if any) must be registered with the appropriate authorities.
1.9. Data recipient – the legal or natural person who receives personal data. Data recipient(s) (if any) must be registered with the appropriate authorities.
1.10. Cookies – small text files, which are sent to the device of all persons who visit the website; these text files are associated with the website and temporarily stored on the device. During a person’s next visit to the website, the browser will read the cookies
and transmit information back to the website. The information collected by the site with cookies helps to customize the site’s content according to the visitor’s interests, by helping to identify visitors to the site and to store the history of the visit.
General provisions
2.1. This document regulates the actions of the Company and its employees, official representatives in relation to the processing of personal data, and the Company’s use of automatic processing of personal data. It also defines the rights of the data subject, risk factors in relation to the protection of personal data, protective measures in relation to personal data and other matters related to the processing of personal data.
2.2. Personal data must be accurate, expedient and must only be collected and processed if it is necessary for the Company’s requirements for the processing of personal data. All personal data that is necessary for the processing of personal data is continuously updated.
2.3. The purpose of processing personal data – direct marketing and other legal purposes, defined in advance of the collection of information.
2.4. The company processes, for purposes as described in section 2.3 of the Rules, the following personal data about the data subject:
(a) name;
(b) surname;
(c) email;
(d) telephone number;
(e) residential address.
2.5. The processing of personal data is regulated by the Personal Data Act and relevant laws and ordinances dealing with the processing and protection of personal data, in addition to these Rules.
Processing of personal data
3.1. The company processes personal data for the following purposes:
direct marketing, including newsletters and feedback forms;
internal administration.
3.2. The company collects and processes the following categories of personal data:
(a) the basic information necessary for the purposes described above: name, first name and contact information;
(b) information necessary in connection with the sale of goods: order details, invoices, information about payments, etc.;
(c) other information, which is described in detail when requested, and which is only collected with your consent.
3.3. Personal data is processed manually and without automation, using the Company’s systems for processing personal data.
3.4. Only employees, official representatives and managers have the right to process personal data. All employees/official representatives/managers, who are assigned to process personal data, must keep the data confidential and act in accordance with the requirements of the legislation for the protection of personal data.
3.5. An employee/official representative/manager must:
(a) maintain the confidentiality of personal data;
(b) process personal data in accordance with the Personal Data Act and associated regulations;
(c) not publish the personal data, transfer or make it available in any way to any person who is not authorized to process it;
(d) immediately notify the company’s manager, or the person designated by the company’s manager, of any suspicious situation that may jeopardize the security of personal data.
3.6. The employees/official representatives, who process personal data automatically or have access to the local network, where personal data is stored, must use a password. The passwords must be changed regularly, as well as in selected circumstances (for example, when an employee terminates his employment or if it is possible that the password has been disclosed to third parties, etc.). An employee/official representative only knows their own password.
3.7. The person responsible for the maintenance of computer equipment must ensure that files with personal data are not “shared” from other computers and that anti-virus programs are updated regularly.
3.8. The protection of personal data is organised, guaranteed and carried out by the Company’s management, or an employee designated by this.
3.9. An employee no longer has the right to process personal data when the employment contract with the Company has expired, or when the Company’s manager withdraws the employee’s right to process personal data.
3.10. An official representative does not have the right to process personal data when the cooperation agreement with the Company is terminated, or if the Company’s manager withdraws the official representative’s right to process personal data.
3.12. The company manager loses the right to process personal data when the manager’s contract with the company ends.
Information on the Company’s website (www.lhmmountainhomes.com):
(a) By administering the website and diagnosing problems on LHM Group’s server, we may use the IP addresses of visitors’ devices. IP address – a unique network code, identifies a computer. It can be used to create a visitor and collect various demographic information;
(b) By
use cookies, we collect information about the use of the service. Information about cookies, types of cookies and use is given in the fifth paragraph of the Rules (see below);
(c) You submit information by submitting contact forms, warranty services, job applications and requests for a meeting or conversation via the LHM Group’s website. We collect the basic information, which is necessary to identify the user, that you have provided, i.e. name, surname, e-mail, residential address, etc.
Use of cookies:
(a) Technical cookies: ensure the website’s functionality, by creating a user account and login to manage the data subject’s orders. These technical cookies are necessary for the website to function properly.
(b) Functional cookies: help to remember the wishes of the data subject and provide efficient use of the website. For example, these cookies will remember information such as your preferred language, login details, searches and previously visited products. These functional cookies are not necessary, but they add functionality and improve the data subject’s experience on the website.
(c) Analytical cookies: offer insight into how visitors use the website, so that this information can be used to optimize and improve the website, and choose the most effective ways to market and communicate.
(d) Commercial cookies: Company and third-party cookies are created to display customized marketing on our own website and other websites, based on online actions, such as products viewed or searched for by the data subject.
(e) The tool “Google Analytics” is made available by the American company “Google Inc.”, so that it also has access to the statistics collected with the tool. “Google Inc.” is obliged to use the privacy agreement between the EU and the USA, which ensures that the service provider follows the privacy standards of the EU. This supplier is also covered by contractual obligations in relation to privacy. You can read about this here.
Handling of the data subject’s rights
6.1. By submitting a personal identification document to the Company, the data subject has the right to receive information about the sources of information and information about collected personal data, such as how it is processed and made available. The registered person can submit a written request via either letter or e-mail for the Company to grant access to personal data.
6.2. Upon receipt of an inquiry from the data subject regarding processing of the data subject’s personal data, the Company is responsible for sending the requested information to the data subject within 30 calendar days from the date of the data subject’s inquiry. Upon request from the data subject, such information shall be made available via the postal address or via the e-mail address.
6.3. As the data subject, you can request correction or deletion of personal data, or ask to end the processing of your personal data, by sending a written request to the Company via letter or e-mail. Upon receipt of such an inquiry, the Company immediately verifies the personal data and will without delay correct incorrect, incomplete, inaccurate personal data in accordance with the data subject’s wishes.
6.4. The company immediately informs the data subject of the correction, deletion or removal of personal data in accordance with the request
6.5. The company also ensures all other rights, guarantees and other interests of the data subject, which are guaranteed by the Personal Data Act and other relevant legal provisions (if any).
Transfer of personal data
7.1. Personal data can only be made available to data providers when the Company has signed the associated agreements on the transfer/sharing of personal data; the security measures must ensure adequate protection of the personal data that is transferred. Personal data may also be transferred to third parties in other cases, as described in the Personal Data Act and other relevant legal provisions (if any).
7.2. The Company does not use, and does not disclose, any sensitive personal information, such as health information, ethnicity, religious beliefs or political opinions, without the explicit consent of the data subject, unless required or permitted by law.
7.3. Personal data may also be transferred to third parties in other cases, as described in the Personal Data Act and other relevant legal provisions (if any).
Risk factors for the protection of personal data
8.1. A breach of personal data security – an act or omission that may result in an undesirable result, in addition to a breach of mandatory requirements in the laws governing personal data security. The protection of personal data, a
the seriousness of the damage caused by the deviation or the consequences in each individual case must be assessed by a group, set up by the Company’s manager or the person appointed by him.
8.2. Risk factors for the protection of personal data:
(a) accidental events, when there is a breach of personal data security due to random causes (errors in data processing, data storage, deletion of information, errors in distribution (addresses) during data transmission, etc., or system interruptions due to power cuts, computer viruses, etc., violation of internal procedures, lack of system maintenance, software tests, insufficient maintenance of data transmission, insufficient line capacity and protection, network integration of computers, protection of computer programs, lack of fax equipment, etc.);
(b) intentional breach of personal data security (unauthorized intrusion into the Company’s/official representatives’ premises, storage media for personal data, information systems, computer networks, malicious access to personal data, proven spread of computer viruses, theft of personal data, illegal use of another employee’s access, etc.);
(c) unexpected unintended events (lightning and thunder, fire, flood, storm, electrical problems, consequences of changes in temperature and humidity, influence from dust, dirt and magnetic fields, accidental technical accidents, other unavoidable and/or uncontrollable factors, etc .).
Implementation of measures for the protection of personal data
9.1. To ensure the protection of personal data, the Company implements – or intends to implement – the following measures for the protection of personal data:
(a) administrative (arrangement for secure documents, computer data and associated archives, in addition to the organization of work within different areas of activity, introduction to personal data security for employees, in the workplace, after termination of employment or similar conditions, etc.);
(b) technical security and software security (administration of servers, information systems and databases, maintenance of workplaces, maintenance of the Company’s premises, protection of operating systems, protection against computer viruses, etc.);
(c) communications and computer networks (firewalls, sharing of data, programs, unwanted data packets, etc.).
9.2. Technical tools and software tools for the protection of personal data must ensure the following:
(a) installation of operating system and database copies, copying techniques and compliance checks;
(b) continuous processing technology;
(c) a strategy for updating systems in the event of unexpected events (surprise management);
(d) physical (logical) separation of the environment for program testing from the operational processes;
(e) authorized use of data, and maintenance of data integrity.
9.3. All employees/official representatives, who have the right to process personal data or to facilitate and enforce their protection, must strictly follow the requirements of the measures for the protection of personal data and associated rules, instructions or procedures, established by the Company.
Terms for processing personal data
10.1. For the purpose of registering a meeting or conversation – first name, last name, e-mail address, telephone and residential address. This personal data is processed with your consent and stored for 10 (ten) years after your last visit to our website, for marketing and quality assurance purposes.
10.2. With the purpose of entering into and fulfilling the contract – name, surname, e-mail address, telephone number, delivery address, payment details for the product / service (bank account number, payment method, etc.), purchase history (purchased goods, price, etc.), other information related to the conclusion and the delivery of the contract or offer. This personal data is processed on the basis of the necessity to fulfill the contract concluded with you, or to ensure the efficiency of the process and high quality of customer service for possible contracts, and is stored for 10 (ten) years from the date of your last purchase and/ or from the date of your last inquiry relating to entering into a possible contract.
10.3. For the purpose of offering warranty services – name, surname, e-mail address, telephone number, home address, purchase history (purchased goods, order number, etc.), other information related to identification of the subject for warranty service. This personal data is processed based on the necessity of fulfilling the contract concluded with you, and is stored for 10 (ten) years from the date of the completed contract.
10.4. With the aim of creating a network of official representatives – first name, last name, e-mail address, telephone, street address. This personal data is processed with your consent and stored for 10 (ten) years after your application has been completed and sent to us.
10.5. When personal data must no longer be processed, they are deleted, except as stated by law, which must be transferred to government archives.
10.6. Information for direct and indirect
te marketing campaigns are stored by the Company only as long as necessary for the intended purpose of the data processing, legislation or the data subject. In the event of an inquiry from the data subject, the Company deletes all information belonging to the data subject, which is not necessary to store in accordance with legal requirements.
Responsibility
11.1. The employee/official representative, who breaks the Personal Data Act, other laws that regulate the processing and protection of personal data, or these rules, are responsible for the reactions provided by law.
Final provisions
12.1. Compliance with the rules, and if necessary an audit, is cleared with the Company’s manager or his designated person.
12.2. Responsible employees/official representatives confirm the rules by signing.
LHG Group – November, 2022