In the spirit of transparency, this Privacy Policy details how HydraWell processes any personal data collected or received from its business customers and suppliers.

 

1 WHAT INFORMATION DOES THE COMPANY COLLECT AND HOW IS IT USED?

HydraWell collects and processes a range of information about you which includes:

  • Your name and business contact details (including address, job title, email address and telephone number)
  • Personal information on directors, officers and shareholders for screening purposes to ensure HydraWell comply with legal and regulatory obligations, including trade control, anti-money laundering, anti-bribery and corruption laws and other regulatory requirements.

Data is stored in a range of different places, including our Customer Relationship Management System, contracts database, marketing/mailing lists and email system.

We will occasionally contact you with information about our Company and the products and services that we provide. You can stop receiving this information, at any time, by either using the unsubscribe feature in each electronic message or by contacting us directly at post@hydrawell.no  

 

2 WHY DOES THE COMPANY PROCESS PERSONAL DATA?

HydraWell needs to process data for the following purposes:

  • For the purpose of undertaking Business Development
  • Concluding, performing and managing new and existing contracts
  • Health and safety
  • Legal and/or regulatory compliance

3 WHO HAS ACCESS TO DATA?

Your information will be shared internally with HydraWell Staff, if access to the data is necessary for performance of their roles and, where necessary, competent public authority, government, regulatory or fiscal agency where it is necessary to comply with a legal or regulatory obligation to which HydraWell is subject to. In all circumstances the data will be subject to confidentiality arrangements.

 

4 HOW DOES THE COMPANY PROTECT DATA?

HydraWell have implemented a number of operational controls and internal policies to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the performance of their duties.

Any data that may be transferred outside of the European Economic Area will be protected by appropriate Transfer Safeguards, which guarantee an adequate level of data protection wherever your data is physically kept.

Where we engage third party suppliers to process data on our behalf, we do so on the basis of written instructions, ensuring the third party has implemented appropriate technical and organisational measures to ensure the security of data.

 

5 FOR HOW LONG DOES THE COMPANY KEEP DATA?

HydraWell will hold data for the duration of our contractual relationship with you and for a period of 5 years thereafter, as set out in a retention policy.

In cases where data is held for a longer period of time, where there is a legal or regulatory reason to do so, data will be deleted when it is no longer required for the legal or regulatory purpose it was held for.

 

6 YOUR RIGHTS

As a data subject, you have a number of rights, as follows:

  • access and obtain a copy of your data on request;
  • to change incorrect or incomplete data;
  • to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
  • object to the processing of your data in certain circumstances
  • to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override our legitimate grounds for processing data.
If you would like to exercise any of these rights, please contact our Data Protection Representative. All correspondence should be addressed to post@hydrawell.no or via the form below.

If you believe that we have not complied with your data protection rights, you can complain to the Data Protection Authority via this link: https://www.datatilsynet.no or to the Information Commissioner via www.ico.org.uk