2. What personal data do we process?

The type of personal data that Giant Leap Technologies AS processes about you may be:

• Contact information such as name, employee number, address, telephone number, email, social security number and demographic information (for some solutions provided by Giant Leap Technologies AS)
• Vehicle information such as LPN (License Plate Number), color, make, type, nation, picture of the parked vehicle, GPS-position, time and date stamp of parking ticket/unpaid parking, former parking violations/tickets etc (for some solutions provided by Giant Leap Technologies AS)
• Employees variables like planned and actual working hours, deviations from working hours, absence, incoming phone data etc. (for some solutions provided by Giant Leap Technologies AS)
• User and web traffic information such as login ID, username, and IP address
• Financial information such as invoice-related information, payment type and account numbers (only for refunds)
• Content you have uploaded or provided such case handler and warden correspondence
• Statistics that show how the users use our software and consume content we offer

For the purposes mentioned in the section “Why we process personal data”, Giant Leap Technologies AS, does not process sensitive personal data about you.

3. How is personal data collected?

‍In general, Giant Leap Technologies AS, collects personal data directly from you or other persons linked to our Customer. If the Customer purchases Giant Leap Technologies AS products or services via a partner company, we may collect information about you from the partner company.

Giant Leap Technologies AS will also use cookies and other tracking technologies when you use our applications/services and websites, in order to optimise your experience of Giant Leap Technologies AS and our products. 

In some cases, we may also collect information about you from other sources. These sources may be third-party data aggregators, marketing partners, public sources or third-party social networks.

4. Why do we process personal data?

This Privacy Statement applies when Giant Leap Technologies AS processes your personal data for various purposes when you interact with us, such as:

Buy and deliver

• Facilitate customer orders, agreements, payments
• Offer services directly to you, such as webinars, courses, newsletters, reports etc.
• Provide requested offers on products and services to Customers
• Create and facilitate accounts for users of our services

Support and improve

• Improve and develop the quality, functionality and user experience of our products, services and websites
• Offer customer support and consultancy for our products and services

Security

• Detect, mitigate and prevent security threats and abuse, and perform maintenance and debugging

Marketing

• Manage and send marketing preferences and content
• Create interest profiles in order to promote relevant products and services (profiling)
• Handling of leads in order to promote relevant products and services

Recruiting

• Manage recruitment processes and process job applications
• Evaluate submitted documentation, conduct interviews and call references

5. What is the legal basis for processing your personal data?

We process data based on several legal grounds.

Agreement with you
We process your personal data on the basis of a legal binding contract with you. This will typically be when you apply for a job in Giant Leap Technologies AS. Processing your personal data such as CV, application and references is necessary for handling jobseekers’ requests before a contract is entered into.

Your consent
Giant Leap Technologies AS might process your personal data based on consent. You will always be able to withdraw your consent, after you have given the consent.

Legitimate interest
Giant Leap Technologies AS has a legitimate interest when we process your data for security, support and improvement purposes, or when you act as customer contact/lead for our existing and potential customers, hereunder in customer support. Your personal data is processed from a business perspective in a manner that we believe does not conflict with your privacy rights or freedoms.

Further Giant Leap Technologies AS processes data based on legitimate interest if you are signing up for example a webinar, downloading reports or other content from our web pages. The legitimate interest is to provide you with correct content, hold webinars, do marketing and administrate your requests. Read more about how Giant Leap Technologies AS processes your personal data for marketing purposes based on legitimate interest and your rights when we process your personal data for such purposes under the section called “marketing” in this privacy statement.

6. How is your personal data shared?

Within the Visma Group
Giant Leap Technologies AS is a part of the Visma Group. As Visma consists of many different subsidiaries, it is important for us that we provide the best possible overall experience for you. In order to maintain an overview and insight, Giant Leap Technologies AS may share your personal data across companies in the Visma Group.

Outside of the Visma Group
Visma may also share your personal data with external third parties in the following contexts:

User communities
‍If you make a post, comment or similar on user communities or other forums or sites, such information can be read and used by anyone with access to such forums. Giant Leap Technologies AS is not responsible for any information you submit on such forums or sites.

Business partners
Giant Leap Technologies AS may share your personal information with our partners in the event this is legitimate from a business perspective and according to applicable privacy legislation.

Public authorities
‍The police and other authorities may request access to personal information from Giant Leap Technologies AS. In these cases, Giant Leap Technologies AS will only provide the data if there is a court order etc. to do so.

7. When do we use processors?

Giant Leap Technologies AS uses processors to process personal data. These processors are typically vendors of cloud services or other IT hosting services. When using processors, Giant Leap Technologies AS will enter into a data processing agreement in order to safeguard your privacy rights. If processors are located outside the EU/EEA, we ensure legal grounds for such international transfers on your behalf, hereunder by using the EU Model Clauses.

You are always welcome to request an overview and more detailed information on our processors. For how to contact us , please see the last section of this statement.

For information on sub-processors used to provide you our services, please visit our Visma Trust Centre.

8. How long is your data stored?

Giant Leap Technologies AS will only store your personal information as long as required to perform our contractual obligations. 

When processing your personal data on other legal bases, such as legitimate interest, data is stored as long as necessary to fulfill the purpose of processing. 

Hence, your personal data may be subject to different retention policies based on the type of data and the purpose of collecting it. Below are some examples:

When recruiting, Giant Leap Technologies AS will delete your personal information such as CV, application and other documents 12 months after application deadline, unless otherwise agreed upon with you. 

If you use the chat service on our website, your personal information such as email, name, IP address etc. is kept for up to six months, after which it is automatically deleted.

Another example is contact information stored for different marketing purposes. If you opt out or unsubscribe to our marketing services, data will be deleted no longer than 12 months after registration.  

For further information regarding deletion, feel free to contact us (see contact information in the last section of this statement).

9. What are your rights?

You can invoke the following rights in relation to our processing of your personal data:

• Access: You have the right to request a copy of the personal data we process about you. 
• Rectification: You also have the right to request Giant Leap Technologies AS to rectify inaccurate personal data concerning you. If you have an account for Giant Leap Technologies AS sites or services, this can usually be done through the appropriate "your account" or "your profile" sections on the applicable site or service.
• Deletion: You can request Giant Leap Technologies AS to delete personal data relating to you. 
• Restriction: You may ask us to restrict the processing of your personal data
• Portability:  You may ask us to provide you or others with your personal data in a structured, commonly used and machine-readable format.
• Object: On grounds relating to your particular situation, you have the right to object to our processing of your personal data on the basis of legitimate interests or for direct marketing purposes. You also have the right to object to our processing of your personal data for the performance of tasks carried out in the public interest or in the exercise of official authority or based on legitimate interests.

Please note that there may be certain exceptions or limitations to the abovementioned rights which could apply depending on the specific circumstances of your situation. In such cases, we will provide you with detailed information about the applicable exception or limitation and help you exercise your rights to the fullest extent possible, in accordance with applicable laws and regulations.

Please use this Privacy Request Form to file requests as mentioned in this section.

Finally, you also have a right to file a complaint to the data protection authorities with regard to our processing of your personal data.

10. Marketing and profiling

Legitimate interest
‍When you interact with Giant Leap Technologies AS e.g. by visiting our web pages, downloading content, attending webinars, and as part of using our services, Giant Leap Technologies AS will be processing your personal data based on legitimate interest. One of our legitimate interests is the processing of personal data for direct marketing purposes. 

Giant Leap Technologies AS uses your personal data to provide relevant content to you through direct marketing on social media platforms and emails, webpages or in a service, based on your preferences. The personal data processed are aggregated details about you such as IP address, interests (where you have clicked, etc.), username and device. This is done through technologies like cookies and is called profiling. Giant Leap Technologies AS will also be able to combine this information with information about the customer relationship we may have with your company.

The purpose of the profiling is to deliver customized marketing to you, improve your user experience with our services / websites and deliver products that our customers are satisfied with. Giant Leap Technologies AS’s services are generally used as tools for work-related purposes, and your behaviour in these tools says little about your personal life. No sensitive data is processed. Your personal data is therefore processed from a business perspective in a way that we believe does not conflict with your freedoms and rights as an individual.

Giant Leap Technologies AS uses email as a tool to communicate marketing, however only if you have consented in accordance with national marketing legislation (if needed). If you have consented, you will always have the possibility to opt out as described below, or when you receive an email containing marketing.

Right to opt-out of marketing communications
‍You have the right to opt out of receiving marketing communications from Giant Leap Technologies AS and being subject to profiling. You can do this by either:

• Following the instructions for opt-out in the relevant marketing communication
• Changing preferences under the relevant edit account section if you have an account with Giant Leap Technologies AS 
• Contacting us via e-mail at helpdesk@giantleap.no

You will also always have the option to opt into/out of cookies on a particular web page, through our cookie banner.

Please note that even if you opt out from receiving marketing communications, you may still receive administrative communications from Giant Leap Technologies AS, such as order confirmations and notifications necessary to manage your account or the services provided to Customers.

11. Changes

We encourage you to review this Statement regularly. If we make significant changes to our Statement that materially alter our privacy practices, we may also notify you by other means, such as sending an email or posting a notice on our website/learning platforms/social media pages prior to the changes taking effect.

12. How to contact us

If you have any questions regarding our processing of your personal data please contact our data protection manager Martin Rønning, on post@giantleap.no.