It applies to akersolutions.com and the web sites of any Aker Solutions’ legal entity and related online activities. Further, this privacy statement provides information to external data subjects who are not employed by or hired in by Aker Solutions, where the data subjects provide us with personal data, or we collect data as part of our normal business operations, from a third party service provider, contract partner, public sources, previous employers or organizations, trade fairs, or communications channels such as e-mail.
Aker Solutions ASA operates the akersolutions.com website(s) and is the controller for the processing of personal data generated from using the site(s) and for the processing described below. The Aker Solutions company in your country is the controller for the specific company web site and processing of your personal data for the purpose of providing local services and communication when determining purposes and means of processing.
1. How and Why We Use Personal Data
When you visit our websites
When you interact with us
When you contact us, such as for business relations or interest, ordering products and services or in relation to projects, media- or investor contacts, supplier relations, sponsorships, or sign up for an event, we collect your name, e-mail address, phone number, country/location, job title, customer relationship management data, representation and company affiliation and any other information that you wish to provide to us. We use the data to enable us to meet your request or interest, provide support, comply with contractual obligations or prepare to enter into a contract. When we have an existing customer relationship with you, we may also use your personal data to provide communication and direct market our products and services.
In order to procure goods and services, manage contracts and adhere to legal or regulatory requirements related to our operations, we also process personal data such as identification data, employment data, nationality, gender, public roles, relations and contact information related to human rights verifications and legal compliance.
The legal basis for such processing is either your directly obtained consent or the legitimate interest in establishing or maintaining a business relation, providing information, support and service to you, and these interests are not overridden by your rights to data protection. Where we rely on consent, you are free to withdraw this at any time. Should you wish not to receive any communication from us, please provide an e-mail to firstname.lastname@example.org and we will honor this request.
When you apply for a job
When you apply for a job in Aker Solutions, we use a recruitment system and job application portal operated by an external service provider on our behalf, for processing and handling your job application. The service provider may collect your general identification and contact information, gender, nationality, information about your education, competencies and skills, career and work history, job certificates, work permit, public roles, interests, references and other relevant background information. For some positions a background check is performed by a third-party service provider. You might also be asked to undergo psychometric tests and/or competency assessments. For relevant candidates, some or all of this information will be forwarded to Aker Solutions.
We use this information in order to determine your eligibility for the job and select the right candidate for the position in question. With your consent, we may also retain your data for the purposes of identifying you as a potential candidate for future suitable vacancies and/or to inform you of future suitable vacancies.
The legal basis for processing and storing your job application, CV and related information is your consent and that the processing is necessary in order to take steps prior to entering into a contract. You can withdraw your consent or update your information at any time through the external service provider or by changing your profile in the job application portal.
When you blow the whistle or use our Ethics helpline
Please see the Whistleblowing privacy statement for more information about how we handle your personal data when you submit a report through our whistleblowing channel.
When we conduct Integrity Due Diligence investigations
When determined necessary, Aker Solutions will effectuate Integrity Due Diligence (IDD) investigations. This includes collecting information to evaluate potential business relations or partners, their operation and business ethics. This investigation may include processing of personal data such as organizational position and roles, connections or relations to public authorities’ representatives or relevant decision makers, political position, possible sanction listings, contracts, relevant memberships, references, legal claims and reputational issues. The legal basis is to comply with legal obligations, pursue our legitimate interests and to establish, exercise or defend legal claims.
When we rent out facilities
When Aker Solutions is renting out property, we process personal data about the personnel of the tenants. Such data will typically include name, SAP ID, e-mail address, employment company and title. We do this to provide contractual services, secure and maintain the property and personnel according to applicable standards, and to improve how we deliver our responsibilities and services. For these purposes, Aker Solutions will be the controller of the personal data when determining the purposes and mean of processing. We will not process your data for any other purpose. The legal basis for processing such personal data is our interest in renting out the property and delivering the agreed contractual services.
You should contact your employer if you have questions relating to transfer of your personal data from the employer to Aker Solution under a facility agreement.
When we safeguard and protect
Aker Solutions has implemented various safety and security measures where we process personal data. We do this to safeguard against illegal or unauthorized access to areas, to protect and secure people, buildings, systems, technology, rights, processes or equipment. Our safely measures include camera surveillance, , IT logs, physical surveillance, identity checks and access control. The categories of personal data we collect and process, may include contact information, identity information, role and employment data, CCTV images, date and time logs, location logs, vehicle registration etc., depending on the different security measures.
The purpose of the processing is to ensure compliance to legal and contractual obligations, as well as secure and protect personnel and visitors at all locations, secure property, technology and equipment and provide support and safeguarding during critical situations. The legal basis for such processing is your consent, our legitimate interests in safeguarding of people, properties and business operations and any applicable legal and contractual requirements. Where we rely on your consent to retain data, you may withdraw your consent at any time.
When delivering safety and security services to third parties, we provide a separate Privacy Statement for such services providing more details about our processing of personal data for such purposes.
2. Sharing of Personal Data
We will not share your personal data with third parties except for in circumstances where such sharing is necessary as part of our regular business operations or to provide our services and support to you.
Occasionally we use external third-party service providers for delivering services on our behalf, based on our instructions as set out in a data processing agreement with the relevant service provider. We use such service providers for example for transactional possessing or administration services, security services, consultancy purposes, hiring services (temporary work arrangements) recruitment services, financial services, facility management services, parking services, IT services, communication services and integrity due diligence services. In such instances we may share your personal data with such parties to the extent necessary to perform such services.
We will not disclose your personal data to third parties for the purposes of allowing them to market their products or services to you.
Should we sell or buy any business or asset, we may disclose your personal data to such prospective buyers or sellers, such as in the case of establishing joint ventures. We may further share your personal data with third parties, organizations or individuals to the extent necessary to protect and defend Aker Solutions (including enforcing any applicable terms and conditions). The legal basis for such processing is that the processing is necessary for achieving our legitimate interest in being able to execute such transactions.
When required by law, regulation, legal process or an enforceable governmental request, we may share your personal data for legal reasons within the Aker Solutions Group and to public authorities or governments but only to the extent we are required to do so.
3. Transfer of Personal Data
When sharing personal data to other parties as described above, we sometimes need to transfer personal data to a country outside the European Economic Area (EEA) in order to be able to fulfil one of the purposes set out in this Privacy Statement.
We will not transfer personal data to a third country outside of the EEA that does not provide adequate protection of personal data unless appropriate safeguards are applied, or the transfer otherwise takes place in accordance with applicable data protection legislation.
Aker Solutions has adopted binding corporate rules for processing and transfer of personal data ("Aker Solutions Data Protection Procedure", "BCR"). The BCR provides a legal basis for transferring personal data from group companies established within the EEA to group companies established outside the EEA. The BCR have been approved by the Norwegian and other relevant data protection authorities and is an important measure to ensure and demonstrate compliance with the EU General Data Protection Regulation 2016/679 ("GDPR"). For more information about the BCR and group companies bound by the BCR, please see please see https://akersolutions.com/BCR and https://akersolutions.com/BCR-companies
5. Security of Processing
We will process your personal data securely and will apply and maintain appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing. Access to personal data is strictly limited to personnel of Aker Solutions and its controlled business units and affiliates who have appropriate authorization and a clear business need for that data.
6. Retention and Deletion of Data
Your personal data will be retained as long as necessary to fulfil the legitimate purpose(s) for the processing and as long as required by law. If you or your employer have a contractual relationship with us, any personal data relating to you will be retained as long as necessary to enable us to fulfil our obligations relating to that contractual relationship.
If you apply for a job through our website, we will retain your personal data for one year from the position is filled, and delete it thereafter, unless you request us to retain it for a longer period of time in order to notify you of similar job offerings. If you consent to certain processing, we store your personal data until you withdraw your consent or once the personal data is no longer necessary for achieving the purpose of the processing.
7. Your Rights As a Data Subject
You have the right to request access to and rectification of any information we have collected about you through your use of the website and its online functionalities. To help us keep your personal data updated, we advise you to inform us of any changes or discrepancies.
You also have the right to erasure and restriction of processing in some instances. You may have a right to receive personal data concerning you in a machine-readable format and to forward the data to another party (data portability), provided that certain conditions are met.
You also have the right to object to the processing, including if the processing is for marketing purposes. In order to object to processing, please contact the Group Privacy Officer. To exercise your rights as a data subject, or if you wish to make a complaint regarding our compliance with this Privacy Statement or our BCR, please contact the Group Privacy Officer at Aker Solutions (see contact information below).
You have a right to complain to the Norwegian Data Protection Authority, but we encourage you to first contact the Group Privacy Officer, before filing such complaint.
8. Privacy Statements of Third Parties
This Privacy Statement addresses the collection, use and disclosure of personal data by Aker Solutions as described above. This Privacy Statement does not address or govern the privacy practices adopted by third parties on third party websites or in relation to third party services that may be accessible through use of the website. Although we try only to link to websites that share our high standards for privacy, we are not in any way responsible for the content or the privacy practices employed by third party websites or third party services. We encourage you to familiarize yourself with the privacy policies applicable to such websites or services prior to providing them with your personal data.
9. Governing Law and Jurisdiction
The akersolutions.com website is governed by Norwegian law, and the District Court of Oslo shall be the legal venue with exclusive jurisdiction over any dispute arising from your use of this website.
10. Changes to This Privacy Statement
We may update this Privacy Statement from time to time. If such updates are minor and do not have a material meaning for your rights or the way we use personal data, we may make such changes without posting a specific notice on our website. We encourage you to review this Privacy Statement on a regular basis to familiarize yourself with the latest updates. If we make material changes to this Privacy Statement that may affect your rights or the way we use personal data, we will provide a specific notice on our website.
11. How to Contact Us
If you have any questions or comments relating to this Privacy Statement or want to exercise your rights, please contact our Group Privacy Officer at PII@akersolutions.com. If you have unresolved concerns, you also have the right to complain to the supervisory authority competent to resolve such concerns according to the applicable law or Aker Solutions' Binding Corporate Rules.
Effective date: May 8, 2018 / Last updated: November 2020