How we protect your data and private information
This Privacy Statement applies to the services offered via the Kognifai platform (hereafter referred to as "Kognifai").
Kongsberg Digital AS ("KDI" or "we") will act in the capacity of controller in relation to Kognifai (cf. section 2 below).
KDI is part of a group (the “Kongsberg Group”), of which Kongsberg Gruppen ASA (“KONGSBERG”) is the ultimate owner. KONGSBERG’s general privacy statement applies to and may supplement this Privacy Statement with regards to Kognifai.
Each individual who a) has entered into a Kognifai related agreement with KDI, and/or b) is an employee of a Kognifai customer or partner (or otherwise related to a customer and/or partner), and who is identified and notified to KDI to be given access to one or more services on Kognifai, is hereinafter referred to as an “Authorised User”. "You" and “Your” refers to Authorised Users.
2. ROLES AND RESPONSIBILITIES of controller
KDI is the controller with respect to the following activities:
- To prevent abuse and misuse of services offered via Kognifai
- Improve quality and functionality of Kognifai and Kognifai related services
- Detect, prevent and mitigate security threats and perform maintenance and debugging
Personal data will only be processed in connection with these activities to the extent necessary and proportionate to fulfil the stated purposes and to comply with relevant data protection laws and regulations KDI is subject to.
KDI executes specific processing activities with regards to the processing of personal data in order to deliver services to our customers or partners on Kognifai, hereunder for the following purposes:
- To fulfil contractual obligations related to delivery of agreed services
- Provide requested information or assistance
- Process orders, invoicing and other financial follow up.
The customers or partners of Kognifai are the controllers for these processing purposes. When, for example, the customer discloses information about its employees in order for KDI to set up or manage the Authorised Users, there will be a transfer from one data controller (the customer) to another (KDI). The customer or partner must ensure that the they have the legal basis to disclose the personal data necessary for KDI to set up the Authorised Users.
3. CATEGORIES OF PERSONAL DATA PROCESSED
When You use the services on Kognifai, KDI may process the following data about You, depending on Your use of Kognifai:
- Basic contact details such as name, address, telephone number and email
- Feedback, comments or questions about KDI, Kognifai and services running on Kognifai
- Unique user information such as login ID, username, password
- Web traffic information as provided by browser such as browser type, device, language and the address of the website from which You arrived and other traffic information such as IP address
- Clickstream behaviour
4. LEGAL BASIS FOR THE PROCESSING
When KDI processes personal data as a controller and for the purposes stated in section 2 above, the legal basis is the legitimate interests pursued by KDI. KDI deems the processing of personal data legitimate from a business perspective. All processing is carried out in a manner that does not infringe Your privacy rights.
5. SHARING AND TRANSFERS OF PERSONAL DATA
KDI may share Your personal data with other companies in the Kongsberg Group if this is necessary to fulfil a request from You.
KDI does not share Your personal data with third parties except where such sharing is necessary to deliver and improve the Kognifai services. KDI may share Your personal data with third parties who have a contractual relationship with KDI and who KDI has permitted to make their applications available on Kognifai, provided You have requested access to such applications via Your Kognifai related agreement with KDI. KDI also use external third-party service providers, for example for website hosting, for processing transactions and for performing statistical analysis of the Kognifai services. KDI will only share Your personal data with third parties to the extent it is necessary for them to deliver the services.
KDI may share Your personal data with public authorities or governments if required by mandatory law.
The KONGSBERG Binding Corporate Rules (“BCR”) provides a legal basis for transfer of personal data from group companies within the EEA to group companies outside the EEA. For more information about the KONGSBERG's BCR and group companies bound by the BCR, please see the public version of the KONGSBERG BCR.
KONGSBERG will not transfer personal data to a third country outside of the EEA that does not provide adequate protection of personal data unless appropriate safeguards are adduced, or the transfer otherwise takes place in accordance with applicable data protection legislation. Examples of such safeguards are Binding Corporate Rules, EU Standard Contractual Clauses or if the receiving party is certified under the EU-US Privacy Shield.
6. SECURITY OF PROCESSING
KDI undertakes to process Your personal data securely and will apply and maintain appropriate technical and organizational measures to protect Your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.
KDI uses the data collected through cookies for the purpose of offering You the best user experience and for improving services running on Kognifai by tracking usage patterns and recording preferences.
8. YOUR RIGHTS
You may contact KDI for further information about the processing of personal data relating to Kognifai.
You will as a main rule have a right to access Your personal data processed by KDI and/or to obtain a copy of the personal data. You also have a right to contact KDI to have inaccurate or incomplete personal data concerning You rectified, completed and under some circumstances deleted or restricted. If You believe that KDI's processing is not legitimate, You may also object to the relevant processing activities.
In some instances, You can have a right to receive the personal data concerning you in a machine readable format and to have it transmitted to another controller (data portability).
To exercise Your rights as a data subject or if You have questions regarding this Privacy Statement, please contact our Corporate Privacy Officer by using the below email address;
If You are not satisfied with this Privacy Statement or the way KDI treats Your personal data, You may file a complaint to the Norwegian Data Inspectorate.