Privacy Policy for Nordic Rooster Trading AS

This Privacy Policy explains how Nordic Rooster Trading AS collects, uses, stores, shares, and protects personal data when you visit our website, contact us, or otherwise interact with us. We are committed to processing personal data in accordance with applicable Norwegian privacy laws, including the Norwegian Personal Data Act and the EU General Data Protection Regulation (GDPR), as applicable in Norway.

1. Introduction and company information

The data controller responsible for the processing of your personal data is:

Nordic Rooster Trading AS
Dronningens gate 22, 0154 Oslo, Norway
Email: [email protected]
Phone: +47 21 67 84 39

This Privacy Policy applies to personal data processed by Nordic Rooster Trading AS in connection with our business activities, including customer and supplier relations, communication, website use, and any other interaction with us.

2. Data collection and processing

We may collect and process the following categories of personal data, depending on your relationship with us and how you interact with our services:

• Identification and contact information: name, address, email address, telephone number, and similar contact details.
• Communication data: information you provide when contacting us by email, telephone, contact forms, or other channels.
• Transaction and business data: order details, invoice information, payment-related information, delivery details, and correspondence relating to purchases or services.
• Technical data: IP address, browser type, device information, operating system, and website usage data collected through cookies or similar technologies.
• Account and preference data: information relating to your preferences, settings, and interactions with our services, where applicable.

We generally collect personal data directly from you. In some cases, we may also receive data from business partners, service providers, public sources, or authorities where permitted by law.

3. Purpose of data processing

We process personal data for the following purposes:

• to provide and administer our products and services;
• to respond to inquiries and communicate with you;
• to manage customer and supplier relationships;
• to process orders, payments, deliveries, and invoicing;
• to comply with legal obligations, including accounting and record-keeping requirements;
• to maintain and improve our website, systems, and business operations;
• to prevent fraud, misuse, and unauthorized access;
• to establish, exercise, or defend legal claims;
• to send marketing communications where permitted by law and, where required, based on your consent.

4. Legal basis for processing

We process personal data only where we have a valid legal basis under applicable law. Depending on the context, our processing may be based on one or more of the following legal grounds:

• Performance of a contract: where processing is necessary to enter into or perform a contract with you.
• Legal obligation: where processing is necessary to comply with legal obligations, such as accounting, tax, or regulatory requirements.
• Legitimate interests: where processing is necessary for our legitimate business interests, provided that your interests and fundamental rights do not override those interests.
• Consent: where you have given us clear consent for specific processing activities, such as certain marketing communications or cookie use, where required.

5. Data sharing and third parties

We may share personal data with third parties only when necessary and in accordance with applicable law. Such recipients may include:

• IT and hosting providers;
• payment service providers and banks;
• accounting, auditing, and legal advisors;
• delivery and logistics partners;
• customer support and communication service providers;
• public authorities, where required by law;
• other business partners involved in the provision of our services.

We require third parties that process personal data on our behalf to implement appropriate confidentiality and security measures and to process data only according to our instructions and applicable law.

6. Data transfer to third countries

In some cases, personal data may be transferred to or accessed from countries outside Norway and the European Economic Area (EEA). Where such transfers occur, Nordic Rooster Trading AS will ensure that appropriate safeguards are in place in accordance with applicable data protection law, such as:

• an adequacy decision by the European Commission;
• standard contractual clauses approved by the European Commission;
• additional technical and organizational safeguards where necessary.

You may contact us for more information about international data transfers and the safeguards used.

7. Storage duration

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. The retention period depends on the type of data and the purpose of processing.

• Customer and transaction records may be retained for the period required by accounting, tax, and commercial laws.
• Communication records may be retained for as long as needed to handle your inquiry and any follow-up.
• Marketing-related data is retained until you withdraw consent or object, where applicable.
• Technical data is retained for a limited period necessary for security, analytics, and operational purposes.

When personal data is no longer needed, it will be deleted, anonymized, or otherwise securely disposed of.

8. User rights

Subject to the conditions and limitations set out in applicable law, you have the following rights regarding your personal data:

• Access: you may request confirmation of whether we process your personal data and obtain a copy of that data.
• Rectification: you may request correction of inaccurate or incomplete personal data.
• Erasure: you may request deletion of your personal data in certain circumstances.
• Restriction: you may request that we limit the processing of your personal data in certain situations.
• Data portability: you may request to receive certain personal data in a structured, commonly used, machine-readable format and, where technically feasible, have it transmitted to another controller.
• Objection: you may object to processing based on legitimate interests and to processing for direct marketing purposes.

To exercise your rights, please contact us using the details provided below. We may need to verify your identity before responding to your request.

9. Withdrawal of consent

Where we rely on your consent as the legal basis for processing, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

If you withdraw consent, we will stop the relevant processing unless we have another lawful basis for continuing it.

10. Right to complain

If you believe that our processing of your personal data does not comply with applicable law, you have the right to lodge a complaint with the competent supervisory authority in Norway:

Datatilsynet
Postboks 458 Sentrum, 0105 Oslo, Norway
Website: www.datatilsynet.no

We encourage you to contact us first so that we can address your concerns directly.

11. Data security

Nordic Rooster Trading AS takes appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. These measures may include access controls, encryption where appropriate, secure storage, staff confidentiality obligations, and regular review of our security practices.

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is completely secure. We therefore cannot guarantee absolute security.

12. Contact information

If you have questions about this Privacy Policy or our processing of personal data, or if you wish to exercise your rights, please contact us at:

Nordic Rooster Trading AS
Dronningens gate 22, 0154 Oslo, Norway
Email: [email protected]
Phone: +47 21 67 84 39

13. Changes to privacy policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any changes will take effect when the updated policy is published on our website or otherwise made available to you.

We encourage you to review this Privacy Policy periodically to stay informed about how Nordic Rooster Trading AS processes personal data.