Privacy Policy & Cookies
Noova Privacy Policy
Noova Energi System AS, org.nr. 918 710 558 (Noova), will process personal data in accordance with the applicable personal data regulations at any time, including the Personal Data Act of 2018, which incorporates the EU General Data Protection Regulation 2016/679 (GDPR).
When you enter into agreements with us, visit our websites, contact customer service, log in to our customer portal, or receive marketing from us, we process personal data that can be linked to you as a person.
This privacy policy describes how we process your personal data and what rights you have under the applicable personal data regulations.
If you have any questions about this privacy policy, you can contact us at post@noova.no
1. What's personal data, and who is responsible for it?
Personal data is information and assessments about an identified or identifiable natural person. This can be, for example, name, telephone number, e-mail address or IP address. Any collection, registration, compilation, storage and disclosure of personal data is called processing of personal data. All processing of personal data in Norway is subject to the Personal Data Act of 2018, which incorporates the GDPR, and the Data Inspectorate supervises the Act. The person who decides what the personal data is to be used for is called the controller. The controller shall ensure that the personal data is processed in accordance with the applicable rules.
Noova is the controller for the processing of your personal data under this privacy policy, and you can contact us at Noova via post@noova.no, Postboks 182, 4339 Ålgård, or via telephone number 51 61 01 70.
2. Why do we collect personal data, and what kind of information do we collect?
At Noova, we want to give you the best possible experience of our services and in meeting with us. We collect and use personal data that you provide to us, through how you use our services, and through visits to the website.
We also receive some information from third parties, which can be both public and private institutions. This is, for example, information about usage patterns from Hubspot and Google Analytics.
We collect and process this personal data in order to be able to enter into and fulfill an agreement with you (cf. GDPR art. 6(1) letter b), based on your express consent (cf. GDPR art. 6(1) letter a), on the basis of our legitimate interest in giving you the best possible experience in relation to our website information and our services, and on the basis of our legitimate interest in processing legal claims (cf. GDPR art. 6(1) letter f), as well as to fulfill our legal obligations (cf. GDPR art. 6(1) letter c).
We generally do not process special categories of personal data, such as health data.
Below we have listed all the specific ways we process your personal data and the categories of personal data we typically process, as well as the legal basis for the processing.
If you contact us, either by sending an e-mail to our customer center, filling out a contact form on the website, using our chat solution on the website, calling us, you will provide information about yourself. In this connection, we process personal data that you send us, such as: name, e-mail address, telephone number, company information, as well as any other information you choose to share with us.
We process the personal data in order to be able to fulfill an agreement with you (cf. GDPR art. 6(1) letter b) or on the basis of our legitimate interest in responding to your inquiries (cf. GDPR art. 6(1) letter f).
If you subscribe to our newsletter, we collect name, e-mail address, telephone number and company information. We process the personal data on the basis of our legitimate interest in following up our customers by sending out relevant news and relevant information about our services (cf. GDPR art. 6(1) letter f, see also the Marketing Act § 15(3)). You can at any time object to this marketing by contacting post@noova.no
If you are not an existing customer with us, the legal basis for sending you such e-mails is your express consent (cf. GDPR art. 6(1) letter a). You can easily unsubscribe from the newsletter through the link in our e-mails.
You are welcome to apply for a job with us, either by sending us an e-mail karriere@noova.no. When recruiting for new positions with us, we will process CV, application, certificates, notes from interviews, results from investigations of references, which will contain personal data.
The basis for processing personal data during recruitment is that the processing is necessary to carry out measures before an employment contract with the job seeker is possibly entered into (cf. GDPR art. 6(1) letter b). If we carry out investigations beyond contacting persons who are listed as references, investigate the application for history, etc., then personal data is processed on the basis of our necessary legitimate interest in ensuring the right candidate for the position (GDPR art. 6 (1) f).
When we enter into a customer agreement with a company that you represent, we will create a Data Processing Agreement with the customer. You can see it here. We process the personal data on the basis of our legitimate interest in fulfilling or entering into an agreement with the company (cf. GDPR art. 6(1) letter f).
3. Cookies
We use cookies to simplify your use of our websites, to provide a functional website, and to ensure the best possible experience of our websites. Cookies are small data files that store information about how you use a website. The information is stored in the browser you use, i.e. with you.
We use necessary cookies on the basis of our legitimate interest in providing you with a functional website (cf. GDPR art. 6(1) letter f). We use all other cookies on the basis of your consent (cf. GDPR art. 6(1) letter a).
The use of cookies is a standard functionality used by most websites. All modern browsers accept the use of cookies by default, but they still allow you to disable the use of them. We would like to point out that the website may not work as expected if you disable the use of cookies.
For more information about which cookies we use and how long they are stored, see our cookie banner.
4. Do we share personal data with third parties?
We do not share your personal data with others unless you consent to the sharing (cf. GDPR art. 6(1) letter a), or there is a legal basis for the sharing. Examples of such grounds are that it is necessary to fulfill an agreement with you (cf. GDPR art. 6(1) letter b), we have a legal obligation to provide your personal data (cf. GDPR art. 6(1) letter c), or it can be justified based on our legitimate interests in sharing the information (cf. GDPR art. 6(1) letter f).
We use subcontractors or service providers to collect, store or otherwise process personal data on our behalf ("data processors"). In such cases, we have entered into agreements to safeguard information security in all parts of the processing.
We may use suppliers or process personal data outside the EEA. In such cases, the transfer and processing outside the EEA (third country) will always take place in accordance with Chapter V of the GDPR, including being subject to a legal basis for transfer, in order to ensure the protection of your personal data. You can find out which basis is used for the transfer by contacting us.
5. Your rights when we process personal data about you
Below are your rights for the processing of personal data. To exercise your rights, you must contact us by e-mail or telephone according to our contact information in point 1. You can also change data that is stored about you by logging in to "My Page" in the customer portal.
We will respond to your inquiry as soon as possible, and no later than within one month.
Access: You have the right to information about which personal data we have stored about you, and the right to access this personal data.
Correction and deletion: The information we have about you must be correct and up-to-date. If you discover an error, we encourage you to contact us so that the information can be corrected. You can also contact us if you want information to be deleted. We will, as far as possible, accommodate a request to delete personal data, but we cannot do this if we still need the information.
Restriction of processing: You have a general right to ask us to stop processing your personal data, for example if you are of the opinion that we are processing your personal data illegally and you do not want us to delete the personal data according to our routines before the matter has been clarified.
Data portability: For information that you have provided to us and that is necessary to fulfill an agreement with us, and which is processed automatically (i.e. not manually by us), you can request that the personal data about you be delivered or transferred to another supplier in a structured, commonly used and machine-readable format (data portability).
Right to object: You have the right to object to our processing of your personal data if this can be justified by special circumstances on your part.
Right to complain: If you do not agree with how we process your personal data, you have the right to complain to the Data Inspectorate. However, you should still contact us first so that we can clarify any ambiguities.
Processing based on consent: If we process personal data based on your consent, you can withdraw your consent at any time. The easiest way to do this is to use the method that was stated when you gave your consent or by contacting us.
6. Information security
All processing of personal data is secured with the required technical and organizational measures.
We handle information so that it is correct, available and handled according to the degree of sensitivity of the information. We also use a range of security technologies and information security procedures to protect personal data from unauthorized access, use or disclosure. Risk assessments are carried out for the processing of personal data.
We have entered into data processing agreements with all our suppliers who process personal data, where they undertake the same level of security as we have for our processing of personal data.
We restrict access to personal data to the personnel or third parties who are to process the information on our behalf. These parties are subject to confidentiality.
Routines have been established for handling breaches of information security and routines (privacy breaches), and we will, if there is a breach that entails a risk to the privacy of the personal data concerned, send a deviation report to the Data Inspectorate as soon as possible and no later than 72 hours after the breach was discovered. If the breach entails a high probability for the privacy of those affected by the breach, we will also notify them.
7. What cookies do we use and how long do we store your personal information?
We will not store your personal information longer than necessary to fulfill the purpose of the processing and the legal obligations we have.
| Cookie name | Domain | Path | Cookie type | Expiration date | Description |
| __cfruid | .noova.no | / | First-party cookie | Session | Cookie associated with sites using CloudFlare, used to identify legitimate web traffic. |
| JSESSIONID | .nr-data.net | / | Third-party cookie | Session | General platform session cookie, used by sites written in JSP. Typically used to maintain an anonymous user session on the server. This cookie is used to distinguish between humans and robots. |
| __cf_bm | .noova.no | / | First-party cookie | 30 minutes | This is beneficial for the website in order to create valid reports on the use of the website. |
| __cf_bm | .hubspot.com | / | Third-party cookie | 30 minutes | This cookie is used to distinguish between humans and robots. This is beneficial for the website in order to create valid reports on the use of the website. |
| __cfruid | .hs-sites.com | / | Third-party cookie | Session | Cookie associated with sites using CloudFlare, used to identify legitimate web traffic. |
| iztid | .inzynk.io | / | Third-party cookie | 1 year | Used in conjunction with account-based marketing (ABM). The cookie records data such as IP addresses, time spent on the website, and page requests for the visit. This is used to target campaigns to multiple users coming from the same IP address. ABM is typically used to facilitate B2B marketing purposes. |
| _cfuvid | .hubspot.com | / | Third-party cookie | Session | This cookie is part of the services provided by Cloudflare - including load balancing, delivering website content, and serving DNS connection for website owners. |
| izcid | www.noova.no | / | First-party cookie | 1 year | Used in conjunction with account-based marketing (ABM). The cookie records data such as IP addresses, time spent on the website, and page requests for the visit. This is used to target campaigns to multiple users coming from the same IP address. ABM is typically used to facilitate B2B marketing purposes. |
| iztid | www.noova.no | / | First-party cookie | 1 year | Used in conjunction with account-based marketing (ABM). The cookie records data such as IP addresses, time spent on the website, and page requests for the visit. This is used to target campaigns to multiple users coming from the same IP address. ABM is typically used to facilitate B2B marketing purposes. |
8. Changes to the Privacy Policy
We may periodically update this privacy policy to reflect any changes to the website or our website policies. For significant changes, we will inform specifically for the services affected.
Last updated: 14.02.2024