Privacy Policy

Introduction and scope

This privacy statement applies to all operations of NorTronic AS (including PassPay and ParkPay) and covers all work and activities carried out by employees or others representing us.

The statement contains information regarding:

    • Collection of information from our website.
    • General information on how we process personal data about our contacts and customers.
    • Processing of information about the businesses and institutions we collaborate with in both the private and public sectors.

The statement also includes a summary of privacy policies for our products and services.

Our products and services

Our products use payment terminals, license plate recognition, and counting mechanisms as the basis for the services we provide. Customers using our products are the data controllers for the personal data they access through this use.

NorTronic AS provides operation and support for the products and may therefore gain access to personal data processed by our customers. We will only process any personal data according to documented instructions from the data controller and in compliance with applicable regulations. Larger and public customers enter into data processing agreements with NorTronic AS to regulate this responsibility.

Personal data

NorTronic AS stores information about contact persons in the companies and organizations we are connected with. This information includes:

    • Name of the contact person
    • Address
    • Email/phone used in the work relationship

The information is collected as a result of contact with representatives from organizations in the following contexts:

    • Partner companies
    • Participation in events organized by us or others
    • Organizations/employed individuals who have actively submitted our contact form on our websites

The purpose of this information is to respond to direct inquiries, maintain and develop the partnership, and to communicate relevant information.

We also use cookies, which you can read about by clicking here.

Legal basis for processing personal data

If the customer is a legal entity (i.e., not a natural person), our legal basis is “legitimate interests,” cf. GDPR Article 6(1)(f). Our legitimate interests are to manage the customer relationship, follow up on rights and obligations, and contact the customer regarding relevant inquiries.

If the customer is a natural person, the legal basis for processing is GDPR Article 6(1)(b), fulfillment of a contract with the data subject.

If you have given consent, the information is also used to provide you with information, offers, and service related to your customer relationship via email, phone, and SMS. The basis for this processing is GDPR Article 6(1)(a). You may opt out of receiving such communications from us at any time.

Rights of the data subject

We process your personal data in accordance with the Norwegian Personal Data Act and applicable regulations. Registered individuals have the right to request access to, transfer, correction, or deletion of their personal data. To learn more about your rights, you can visit the Norwegian Data Protection Authority’s website.

Complaints about processing in violation of the rules can be submitted to the Data Protection Authority.

    • Access to registered information, correction, and deletion/unsubscription of data will be carried out upon written request to the CEO.
    • If you subscribe to a newsletter, you can unsubscribe via every new issue or by written request to the CEO.
    • Except for newsletters, we have no routines for profiling or automated processing of personal data.
    • NorTronic AS never discloses personal data to third parties without prior agreement.
Disclosure of information to others

To fulfill our obligations under the agreement with you/your organization, necessary information is disclosed to our partners, including the provider of invoicing services.

The following entities receive information from us:

Name of business Activities/services Transferred to third countries (outside the EU/EEA)
Riverty Norway AS Innkreving av betaling. No.
Operators, toll road owners, and municipalities Payment activities No.
Deletion of personal data

Information received in connection with your contractual relationship is stored in our active customer register as long as we have a customer relationship and need to fulfill contractual obligations. The data will be deleted once the customer’s claims are time-barred according to the Norwegian Limitation Act (foreldelsesloven).

Information we are required to retain under accounting legislation will be stored for up to 5 years, in accordance with legal requirements.

Storage and deletion of license plate numbers in connection with fulfilling the agreement with you/your organization: Passage data collected is stored as long as necessary to collect toll and parking fees, handle complaints, manage IT systems, and comply with data retention obligations under the Norwegian bookkeeping legislation (bokføringsloven). The data will then be deleted.

We use a default setup that masks information such as license plate numbers, phone numbers, and emails after 3 months. This data is deleted after 2 years. However, each facility/operator may adjust the parameters for masking and deletion, so we recommend contacting the facility owner/operator (the data controller) for more specific information.

Confidentiality

All employees and anyone representing NorTronic AS are subject to a duty of confidentiality within the scope of this statement.

Responsible

The CEO is responsible for all practical storage and processing of personal data at Nortronic AS, and the company is the data controller under GDPR. You can contact us by phone at +47 51 85 65 65 or by email at post@nortronic.com.