Advokatfirmaet Berngaard AS offers legal assistance to various industries. Through our law practice, we meet various people and gain access to information that must be treated with respect and caution. We care about protecting your privacy.
This privacy policy describes how Advokatfirmaet Berngaard AS uses and processes personal data in our business, our obligations and your rights. Advokatfirmaet Berngaard AS (“Berngaard”) is the data controller.
"Personal data" means any information relating to a physical person. "Processing" of personal data means any use of personal data, whether by automated means, such as collection, structuring, storage and erasure.
Who this privacy policy applies to?
Berngaard process personal data about people who:
- are, or work for, existing, former or potential clients,
- are, or work for, existing, former or potential counterparties,
- are, or work for, our suppliers or business partners,
- are applying for a job with us, or
- get in touch with us in another way (except employees).
Advokatfirmaet Berngaard AS owns the website www.berngaard.no.
We use cookies on the website. Read more about what information is collected using our website.
Processing of personal data when providing legal assistance
Berngaard process personal data in connection with specific legal assistance assignments, to the extent necessary to provide legal assistance in accordance with an agreement with the client. Performing a legal assistance assignment includes establishing a client relationship, resolving any conflicts of interest, completing the legal assistance assignment and invoicing the client. The processed information may include information about clients, counterparties and others related to the assignment, and may include special categories of personal data (sensitive personal data).
Regarding the processing of personal data in connection with legal assignments, processing is necessary for compliance with legal obligations (for example an obligation to conduct identity checks according to the Money Laundering Act) or because the processing is necessary to carry out an agreement with the client. The privacy of data subjects is considered when assessing whether the processing is necessary to carry out the agreement with the client (in the form of a balance of interest’s test). The legal basis for processing of special categories of personal data, such as health data, is that the processing is necessary for the establishment, exercise or defence of legal claims.
Information is only disclosed to others to the extent necessary to perform the legal assignment or if there is another legal basis for such disclosure. For example, information could be disclosed to the courts, to a counterparty or to a counterparty's legal representative as part of the work on a case. We keep case documents in accordance with an agreement with the client, if there is a legal obligation to retain such information, or as long as necessary to fulfil the purpose of the processing, usually for 20 years after the case is considered closed.
Processing of personal data relating to our suppliers or business partners
We process personal data about people who are connected to our suppliers and business partners, such as names of contact persons, e-mail addresses, telephone numbers and addresses. Such personal data is processed to the extent necessary to administer a contractual relationship and/or fulfil an agreement. The privacy of data subjects is taken into account when assessing whether the processing is necessary to administer the contractual relationship and/or fulfil the agreement (in the form of a balance of interest’s test).
The personal data is processed for as long as necessary to administer and/or fulfil the agreement or if there is a legal obligation to retain such information.
Processing of personal data for marketing purposes
We process personal data about people who are connected to both existing and potential clients as well as business partners and other stakeholders for marketing purposes, including sending out newsletters, offering seminars and the like. The information processed for this purpose includes contact information such as names, e-mail addresses, telephone numbers, addresses and assessments related to possible marketing events and forms of collaboration.
The legal basis for such processing is Berngaard's legitimate interest in sending out information and marketing inquiries to stakeholders. If we use e-mail to send out marketing inquiries, this is only sent to people with whom we have an existing client relationship or to people who have given consent to receive such marketing inquiries. You can withdraw such consent by following the instructions in any e-mail inquiry.
Recruitment
We process personal data in connection with recruitment of persons for employment, office stays (e.g., students writing their master´s thesis) or the like. We process information such as name, e-mail address, telephone number, address, information from your CV, application and other provided documents, photo, diploma and our or any given references' assessments related to the applicant. The legal basis for such processing is Berngaard's legitimate interest in recruiting people to its business. If you do not get a position with us after a recruitment process, we will delete the information about you shortly, unless you have consented to further storage.
The information obtained during a recruitment process is received via our supplier CVideo AS or by e-mail. If you want to apply for a job with us, we ask you to send an application via our CVideo solution, which you will find under our "Career" tab.
Courses and seminars
We process personal data when we arrange seminars, lectures, meetings and the like. The information processed for such purposes usually includes contact information such as name, e-mail address, telephone number and employer or educational institution. The legal basis for such processing is Berngaard's legitimate interest in organizing and administering such events. Such personal data is deleted when the event is over, and it is no longer necessary to process the information.
Use of Facebook, Instagram and LinkedIn
We have our own business pages on Facebook, Instagram and LinkedIn where we share news, articles and other content. We manage these pages, including the comment and chat features.
In order to visit our Facebook, Instagram or LinkedIn page you must create a user account for that specific service, subject to separate privacy terms and terms of use.
Disclosure of personal data to others
We do not disclose personal data to others unless there is a legal basis for such disclosure. For example, we may disclose personal data to a counterparty, a court or a public administrative body in order to perform a legal assignment for a client. We will not disclose confidential information in violation of the lawyers' duty of confidentiality.
We use data processors to collect, store or otherwise process personal data on our behalf. For example, we have data processors who deliver accounting services, case processing systems and systems for IT and operations to us. In such cases, we have entered into data processing agreements to safeguard privacy and information security in all stages of the processing.
Our processing of personal data takes place mainly within the EU/EEA area. The following of our data processors/partners may process personal data outside the EU/EEA:
If processing of personal data takes place outside the EU/EEA area, we ensure that the transfer of personal data takes place in accordance with privacy regulations, for example by using the EU's standard contractual clauses. Contact us if you want more information.
About your rights
Privacy regulations provide rights related to the processing of your personal data. You can request more information about how we process information about you, by contacting us using the contact information at the bottom of the page.
You have the right to request access to your personal data. You also have the right to request that we correct any information which is inaccurate and that we complete information which is incomplete. Under certain conditions, you have the right to request erasure of your personal data. Furthermore, you may have the right to restrict our processing and to object to our processing of personal data. You also have the right to receive your personal data in a structured, commonly used and machine-readable format.
You have the right to complain about our processing of personal data to the Norwegian Data Protection Authority (Datatilsynet), but we ask you to contact us first so that we can take your objections into consideration and/or possibly resolve misunderstandings.
There may be exceptions to the rights mentioned above. If you wish to invoke your rights, you can contact us by using the contact information at the bottom of the page, and we will respond to your inquiry as soon as possible and normally within 30 days.
Changes to our privacy policy
This privacy policy is subject to change. An updated version of the privacy policy will be available on our website www.berngaard.no.
Contact information
If you have any questions regarding this privacy policy or to how we process personal data, you can contact us via:
