Kongsberg Gruppen ASA, Kirkegårdsveien 45, 3601 Kongsberg is the controller of the personal data processed when you use the kongsberg.com website and may be contacted if you have any questions relating to this Privacy Statement.
KONGSBERG consists of the three business areas Kongsberg Maritime, Kongsberg Digital and Kongsberg Defence & Aerospace. Websites and services within these business areas may have additional or more specific privacy statements.
KONGSBERG has adopted binding corporate rules (“the KONGSBERG BCR”). The KONGSBERG BCR provide KONGSBERG with a legal basis for transferring personal data from group companies established within the EEA to group companies established outside the EEA. The KONGSBERG BCR have been approved by the Norwegian and other relevant data protection authorities and is an important mean to demonstrate compliance with the EU General Data Protection Regulation 2016/679 (“GDPR”). For more information about the KONGBSERG’s BCR and group companies bound by the BCR, please see the public version of the KONGSBERG BCR. This public version of the BCR was last updated 2 September 2019.
Kongsberg.com is the general website for KONGSBERG. When you visit the website, we collect data through cookies as described in section 4 below. The data we collect through cookies consists of data relating to your device, IP-address and your use of the website. We use the data collected through cookies for the purposes of offering you the best user experience and for improving the website content by tracking usage patterns and recording preferences. See further information in section 4 below on how to accept and reject cookies by adjusting the settings in your browser.
When you subscribe to receive a newsletter, we collect your e-mail address in order to be able to send you the requested newsletter. The purpose of the newsletter is to provide you with news, press releases and other relevant information from KONGSBERG. In order to subscribe, you must provide your consent prior to receiving the newsletter. Your consent is the legal basis for processing your e-mail address. You can withdraw your consent to stop receiving newsletters from us at any time by following the unsubscribe instructions at the bottom of the newsletter that you receive.
When you contact us, for example for media, investor or finance relations, or for website feedback, we can collect personal data about you. The personal data can concern your name, e-mail address and other information you wish to provide us with to respond to your comment or enquiry. If you register to one of our events, we can collect information about your name, contact information and, if applicable, dietary preferences or similar information.
The legal basis for this processing is that the processing is necessary for fulfilling a contract with you or for taking steps prior to entering into contract, or that it is in our legitimate interest to meet your request and to improve our business and services and these interests are not overridden by your rights to data protection.
When you apply for a job through the website, we use a job application portal operated by an external service provider on our behalf, for processing and handling your job application. When you apply for a job, we collect your name, contact information, CV, education level, competencies and skills, career and work experiences. If relevant, you may also provide us with social security number, job certificates, references and other relevant background information.
We use this information in order to determine your eligibility for the job that you apply for by assessing whether you are the ideal candidate for the position in question.
With your consent, we may also retain your data for the purposes of identifying you as a potential candidate for future suitable vacancies and/or to inform you of future suitable vacancies. If there are no suitable jobs listed on our website, you can also upload your CV to our job application portal for future opportunities. Your candidate profile will be visible to our recruiters and we will contact you should a suitable vacancy arise.
The legal basis for processing and storing your job application, CV and related information is your consent and that the processing is necessary in order to take steps at your request prior to entering into a contract. You can withdraw your consent or update your information at any time through the job application portal or by contacting us at firstname.lastname@example.org
We provide a whistleblowing channel operated by an external service provider. If you submit a report through our whistleblowing channel. You can choose to provide KONGSBERG with your name, phone number and email. If you choose not to provide this information, KONGBERG will not be able to contact you directly.
When you file a report, you will be able to establish a secure mailbox. When you create this mailbox, you will be assigned a case number and be given the option to choose your own password for accessing and following your case. Once you have reported an issue, you have the option to continue communication regarding the case even if you have chosen to stay anonymous. Regardless of whether or not you wish to remain anonymous, we recommend that you open a mailbox, to ensure that communication regarding further investigation of the reported incident is safe and secure.
The legal basis for processing the personal data you submit through the whistleblowing channel is that the processing is necessary for KONGSBERG’s legitimate interest of enabling all employees of KONGSBERG, business partners and stakeholders to report any serious concerns or offenses in a confidential manner.
To the extent that the processing relates to sensitive personal data, the legal basis for such processing is that it is necessary for the purposes of carrying out the obligations and exercising the specific rights of KONGSBERG in the field of employment and social security and social protection law, or that the processing is necessary for the establishment, exercise or defence of legal claims.
KONGSBERG processes business-related data on customers, suppliers and partners, and their employees, to support and manage customer, supplier or partner relationships (internal/external), to provide products and services to third parties, for business operation and protection of business interests and security (e.g. information security, logging, conduction of audits and controls, surveys, analysis, reports and managing of daily operations and transactions/possible transactions involving KONGSBERG). The legal basis for this processing is KONGSBERG’s legitimate business interests in ensuring good management of and support for customers, suppliers, partners and third parties, to comply with legal obligations and in some occasions consent.
KONGSBERG collects personal information concerning our business partners and their employees and visitors at our premises for the purposes of e.g. due diligence against anti-corruption and export control legislation.
Due Diligence of business partners (including self-assessment and background check) and processing of security clearance applications. We collect personal data concerning visitors to be able to process requests for visits on our premises. Such personal data can include name, gender, age, roles in companies and information available in public available sources. The legal basis for processing this information is KONGSBERG’s legal obligations, including under the Security Act, and our legitimate interests in maintaining secure premises, facilities, services, equipment and processes.
KONGSBERG processes personal data in connection with video surveillance of KONGSBERG premises and recording of activity logs including Visitor registration. This includes personal data registered in CCTV recordings and access logs. The purpose of this processing is to support and manage safeguarding against illegal or unauthorized access to areas, buildings or rooms or to support the control of equipment and/or production processes, and the legal basis for the processing is KONGSBERG’s legitimate interests in maintaining secure premises, facilities, services, equipment and processes.
KONGSBERG may process personal data necessary to comply with legal obligations, for example tax and accounting information and information relating to legal proceedings. The purpose and legal basis for this processing is KONGSBERG’s legal obligations and KONGSBERG’s legitimate interests in the establishment, exercise or defence of legal claims.
We may share your personal data within KONGSBERG when necessary to fulfil a request from you or for entering into an employment contract with you or in other circumstances where sharing is necessary in order to meet your inquiry. Any sharing of personal data within KONGSBERG is subject to the KONGBERG BCR, which are binding upon all KONGSBERG group companies. For more information, please see the public version of the KONGSBERG BCR.
We do not share your personal data with third parties except where such sharing is necessary to provide services. We use external third-party service providers for example for operating the job application portal (see section 1.4) and the whistleblowing channel (see section 1.5), for website hosting, for processing transactions and for performing statistical analysis of our services. We will only share your personal data with the service providers to the extent it is necessary for them to deliver the services.
In the event that we sell or buy any business or asset, we may disclose your personal data to such prospective buyers or sellers. Moreover, KONGSBERG may share your personal data with public authorities or governments if required by mandatory law.
The Kongsberg BCR provides a legal basis for transfer of personal data from group companies within the EEA to group companies outside the EEA. For more information about the KONGBSERG’s BCR and group companies bound by the BCR, please see the public version of the KONGSBERG BCR.
KONGSBERG will not transfer personal data to a third country outside of the EEA that does not provide adequate protection of personal data unless appropriate safeguards are adduced or the transfer otherwise takes place in accordance with applicable data protection legislation. Examples of such safeguards are Binding Corporate Rules or EU Standard Contractual Clauses.
About browser cookies
A browser cookie is a small data file transmitting information to the user’s browser, with as purpose to authenticate or identify the user. A cookie cannot collect information from the user’s computer or carry any viruses.
Cookies are normally stored on your PC and may contain information such as registration data, user preferences and enabling basic website functionalities. When a server receives a request from a browser that has a cookie, the server is then able to use the information stored in the cookie. For example, the server might be able to customize what is sent back to the user, or keep a log of particular user’s requests.
Any personal information with which we are provided is used exclusively to help us help you!
Cookies on http://www.kongsberg.com
KONGSBERG uses several cookies, that enable the user to experience the information provided in the best way, and to help us maximize the user-friendliness of our web. Additional cookies from third parties may occur, for example enabling streaming of YouTube movies, PDF readers, Adobe Flash functionalities etc.
By using the KONGSBERG website, you approve that we can set cookies in your browser. Note, cookies can always be deleted and or disabled. Please refer to your browser’s help file to determine the browser’s settings.
Be aware of the following, several webpages will not have optimal functionality if cookies are deleted or blocked in settings.
We will process your personal data securely and will apply and maintain appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.
This Privacy Statement addresses the collection, use and disclosure of personal data by KONGSBERG. This Privacy Statement does not address or govern the privacy practices adopted by third parties on third party websites or in relation to third party services that may be accessible through use of the website.
Although we try only to link to websites that share our high standards for privacy, we are not in any way responsible for the content or the privacy practices employed by third party websites or third party services. We encourage you to familiarize yourself with the privacy policies applicable to such websites or services prior to providing them with your personal data.
You have a right to information about KONGSBERG’s processing of personal data concerning you and to receive a copy of the personal data being processed. You also have the right to have inaccurate or incomplete personal data concerning you rectified or completed. Under certain circumstances, you can request erasure of your personal data or that the processing of the personal data restricted. You may also have a right to object to the processing, including if the processing is for direct marketing purposes. In some instances, you can have a right to receive the personal data concerning you in a machine readable format and to have it transmitted to another controller (data portability). Subject to certain exceptions, you also have a right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
To exercise your rights as a data subject, please contact our Corporate Privacy Officer by using email; email@example.com. (see contact information in section 12 below).
You have a right to file a complaint to KONGSBERG regarding compliance with the KONGSBERG BCR or violations of your rights under applicable data protection law. You may file a complaint to the Corporate Privacy Officer (see contact information in section 12 below), or through the general contact section of KONGSBERG’s company website by using email: firstname.lastname@example.org
You will receive the result of the complaint handling within four (4) weeks after we receive the complaint. If, due to the complexity of the complaint, a response cannot be given within the four (4) weeks period, you will be informed accordingly and provided with an estimate for the timescale within which a response will be provided.
In case a complaint is rejected, you will receive the reasons for the rejection. If you are not satisfied with the response to the complaint, you can choose to lodge claims based on the KONGSBERG BCR, see section 9 below.
We encourage you to first follow the complaints procedure in section 8 above before filing any complaint or claim with competent data protection authorities or the courts.
In case of violation of the KONGSBERG BCR, you may, at your choice, submit a complaint or a claim to the data protection authority or the courts:
a) in the EEA country at the origin of the personal data transfer, against the KONGSBERG group company in such country of origin responsible for the relevant transfer;
b) in Norway, against Kongsberg Gruppen ASA; or
c) in the EEA country where the you or have your place of work, against the KONGSBERG group company being the Controller of the relevant personal data.
The data protection authorities and courts shall apply their own substantive and procedural laws to the dispute. Any choice made by you will not prejudice the substantive or procedural rights you may have under applicable law.
The kongsberg.com website is governed in accordance with Norwegian legislation, and the Oslo District Court shall be the legal venue with exclusive jurisdiction over any dispute arising from your use of this website.
We may update this Privacy Statement from time to time. If such updates are minor and do not have a material meaning for your rights or the way we use personal data, we may make such changes without posting a specific notice on our website. We encourage you to review this Private Statement on a regular basis to familiarize yourself with the latest updates.
If we make material changes to this Privacy Statement that may affect your rights or the way we use personal data, we will provide a specific notice on our website.
If you have any questions or comments relating to this Privacy Statement or want to exercise your rights, please contact our Corporate Privacy Officer at email@example.com or via mail directed to:
Corporate Privacy Officer
Kongsberg Gruppen ASA
If you have unresolved concerns, you also have the right to complain to the data protection authority competent to resolve such concerns according to the applicable law or KONGSBERG Binding Corporate Rules.
Effective date: 16th of May 2018/ Last updated: 2th of September 2019