It applies to akersolutions.com and the web sites of any Aker Solutions’ legal entity and related online activities. Further, this privacy statement provides information to external data subjects who are not engaged or employed by Aker Solutions, where the data subjects provide us with personal data, or we collect data as part of our normal business operations, from a third party service provider, contract partner, public sources, previous employers or organizations, trade fairs, or communications channels such as email.
Aker Solutions ASA operates the akersolutions.com website(s) and is the controller for the processing of personal data generated from using the site(s), as well as a number of the processes described herein. The Aker Solutions company in your country is the controller for the specific company web site and processing of your personal data for the purpose of providing local services and communication when determining purposes and means of processing.
1. How and Why We Use Personal Data
When you visit our website
When you interact with us
When you contact us, such as for business relations or interest, ordering products and services or in relation to projects, media- or investor contacts, supplier relations, sponsorships, or sign up for an event, we collect your name, email address, phone number, country/location, job title, customer relationship management data, representation and company affiliation and any other information that you wish to provide to us in order to enable us to meet your request or interest, provide support, or comply with contractual obligations or prepare to enter into a contract. When we have an existing customer relationship with you, we may also use your personal data to provide communication and direct market our products and services.
In order to procure goods and services, manage contracts and adhere to legal or regulatory requirements related to our operations, we also process personal data such as general HR Management information and contact information related to human rights verifications and legal compliance.
The legal basis for such processing is either your directly obtained consent or is the legitimate interest in providing information, support and service to you, and these interests are not overridden by your rights to data protection. Where we rely on consent, you are free to withdraw this at any time. Should you wish not to receive any communication from us, please provide an email to firstname.lastname@example.org and we will honor this request.
When you apply for a job
When you apply for a job in Aker Solutions, we use a recruitment system and job application portal operated by an external service provider on our behalf, for processing and handling your job application. The service provider may collect your general identification and contact information, gender, CV, information about your education, competencies and skills, career and work history, job certificates, work permit, references and other relevant background information. For some positions a background check is performed by a third party service provider. You might also be asked to undergo psychometric tests and/or competency assessments. For relevant candidates, some or all of this information will be forwarded to Aker Solutions.
We use this information in order to determine your eligibility for the job and select the right candidate for the position in question. With your consent, we may also retain your data for the purposes of identifying you as a potential candidate for future suitable vacancies and/or to inform you of future suitable vacancies.
The legal basis for processing and storing your job application, CV and related information is your consent and that the processing is necessary in order to take steps at your request prior to entering into a contract. You can withdraw your consent or update your information at any time through the external service provider or by using the contact information available in the job application portal.
When you blow the whistle or use our ethics helpline
Please see the Whistleblowing privacy statement for more information about how we handle your personal data when you submit a report through our whistleblowing channel.
When we conduct integrity due diligence investigations
When determined necessary, Aker Solutions will effectuate Integrity Due Diligence (IDD) investigations. This includes collecting information to evaluate potential business relations or partners, their operation and business ethics. This investigation may include processing of personal data such as organizational position and roles, connections or relations to public authorities representatives or relevant decision makers, political position, possible sanction listings, contracts, relevant memberships, references, legal claims and reputational issues. The legal basis is to comply with legal obligations, pursue our legitimate interests and to establish, exercise or defend legal claims.
When we rent out facilities
When Aker Solutions is renting out property, we process personal data about the personnel of the tenants. Such data will typically include name, SAP ID, email address, company and title. We do this to provide contractual services, secure and maintain the property and personnel according to applicable standards, and to improve how we deliver our responsibilities and services. For these purposes, Aker Solutions will be the controller of the personal data when determining the purposes and mean of processing. We will not process your data for any other purpose. The legal basis for processing such personal data is our interest in renting out the property and delivering the agreed contractual services.
You should contact your employer when renting property from Aker Solutions if you have questions relating to transfer of your personal data from the employer to Aker Solution under the facility agreement.
When we safeguard and protect
Aker Solutions has implemented various safety and security measures where we process personal data. We do this to safeguard against illegal or unauthorized access to areas, buildings, systems, processes or equipment. Our safely measures include CCTV cameras, identity checks and access control. The categories of personal data we collect and process, may include contact information, identity information, role and employment data, CCTV images, data and time logs, location logs, vehicle registration etc. depending on the different security measures.
The purpose of the processing is to ensure compliance to legal and contractual obligations, as well as secure personnel and visitors at all locations and provide support and safeguarding during critical situations. The legal basis for such processing is your consent or our legitimate interests in safeguarding of our business operations and any applicable legal and contractual requirements. Where we rely on your consent to retain data, you may withdraw your consent at any time.
When delivering safety and security services to third parties, we provide a separate Privacy Statement for such services providing more details about our processing of personal data for such purposes.
2. Sharing of Personal Data
We will not share your personal data with third parties except for in circumstances where such sharing is necessary as part of our regular business operations or to provide our services and support to you.
Occasionally we use external third-party service providers for delivering services on our behalf and on our instructions as set out in a data processing agreement with the relevant service provider. We use such service providers for example for, security services, consultancy purposes, hiring services (temporary work arrangements) recruitment services, financial services, facility management services, parking services, IT services, communication services and integrity due diligence services. In such instances we may share your personal data with such parties to the extent necessary to perform such work.
We will not disclose your personal data to third parties for the purposes of allowing them to market their products or services to you.
In the event that we sell or buy any business or asset, we may disclose your personal data to such prospective buyers or sellers, such as in the case of joint ventures. We may further share your personal data with third parties, organizations or individuals to the extent necessary to protect and defend Aker Solutions (including enforcing any applicable terms and conditions). The legal basis for such processing is that the processing is necessary for achieving our legitimate interest in being able to executing such sale or buy.
When required by law, regulation, legal process or an enforceable governmental request, we may share your personal data for legal reasons within the Aker Solutions Group and to public authorities or governments but only to the extent we are required to do so.
3. Transfer of Personal Data
When sharing personal data to other parties as described above, we sometimes need to transfer personal data to a country outside the European Economic Area (EEA) in order to be able to fulfil one of the purposes set out in this Privacy Statement.
We will not transfer personal data to a third country outside of the EEA that does not provide adequate protection of personal data unless appropriate safeguards are applied or the transfer otherwise takes place in accordance with applicable data protection legislation.
Aker Solutions has adopted binding corporate rules for processing and transfer of personal data ("Aker Solutions Data Protection Procedure", "BCR"). The BCR provides a legal basis for transferring personal data from group companies established within the EU/EEA to group companies established outside the EU/EEA. The BCR have been approved by the Norwegian and other relevant data protection authorities and is an important measure to ensure and demonstrate compliance with the EU General Data Protection Regulation 2016/679 ("GDPR"). For more information about the BCR and group companies bound by the BCR, please see please see https://akersolutions.com/BCR and https://akersolutions.com/bcr/group-companies
5. Security of Processing
We will process your personal data securely and will apply and maintain appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing. Access to personal data is strictly limited to personnel of Aker Solutions and its controlled business units and affiliates who have appropriate authorization and a clear business need for that data.
6. Retention and Deletion of Data
Your personal data will be retained as long as necessary to fulfil the legitimate purpose(s) for the processing and as long as required by law. If you or your employer have a contractual relationship with us, any personal data relating to you will be retained as long as necessary to enable us to fulfil our obligations relating to that contractual relationship.
If you apply for a job through our website, we will retain your personal data for one year from the position is filled, and delete it thereafter, unless you request us to retain it for a longer period of time in order to notify you of similar job offerings. If you consent to certain processing, we store your personal data until you withdraw your consent or once the personal data is no longer necessary for achieving the purpose of the processing.
7. Your Rights As a Data Subject
You have the right to request access to and rectification of any information we have collected about you through your use of the website and its online functionalities. To help us keep your personal data updated, we advise you to inform us of any changes or discrepancies.
You also have the right to erasure and restriction of processing in some instances. You may have a right to receive personal data concerning you in a machine-readable format and to forward the data to another party (data portability), provided that certain conditions are met.
You also have the right to object to the processing, including if the processing is for marketing purposes. In order to object to processing, please contact the Group Privacy Officer. To exercise your rights as a data subject, or if you wish to make a complaint regarding our compliance with this Privacy Statement or our BCR, please contact the Group Privacy Officer at Aker Solutions (see contact information in section 11 below).
You have a right to complain to the Norwegian Data Protection Authority, but we encourage you to first contact the Group Privacy Officer, before filing such complaint.
8. Privacy Statements of Third Parties
This Privacy Statement addresses the collection, use and disclosure of personal data by Aker Solutions as described above. This Privacy Statement does not address or govern the privacy practices adopted by third parties on third party websites or in relation to third party services that may be accessible through use of the website. Although we try only to link to websites that share our high standards for privacy, we are not in any way responsible for the content or the privacy practices employed by third party websites or third party services. We encourage you to familiarize yourself with the privacy policies applicable to such websites or services prior to providing them with your personal data.
9. Governing Law and Jurisdiction
The akersolutions.com website is governed by Norwegian law, and the District Court of Oslo shall be the legal venue with exclusive jurisdiction over any dispute arising from your use of this website.
10. Changes to This Privacy Statement
We may update this Privacy Statement from time to time. If such updates are minor and do not have a material meaning for your rights or the way we use personal data, we may make such changes without posting a specific notice on our website. We encourage you to review this Privacy Statement on a regular basis to familiarize yourself with the latest updates. If we make material changes to this Privacy Statement that may affect your rights or the way we use personal data, we will provide a specific notice on our website.
11. How to Contact Us
If you have any questions or comments relating to this Privacy Statement or want to exercise your rights, please contact our Group Privacy Officer at PII@akersolutions.com. If you have unresolved concerns, you also have the right to complain to the supervisory authority competent to resolve such concerns according to the applicable law or Aker Solutions' Binding Corporate Rules.
Effective date: May 8, 2018 / Last updated: December, 2019