- ISO 9001-2008 certification
- Based on UK Anti Bribery Act 2010
- Corporate Social Responsivity Policy
- Based on UN Global Compact
- Health, Safety and Environment
- Based on OHSAS 18001 and ISO 14001
- Requirements also apply to subcontractors
DATA PROTECTION DECLARATION
This Data Protection Declaration describes how the Jacobsen Elektro Group collect and use personal data, as well as the purpose for which the data is collected.
About this Data Protection Declaration
This declaration conforms to the requirements set out by the Norwegian Data Act.
The Jacobsen Elektro Group, represented by the CEO, is the data controller for the organization’s processing of personal data. It is noted under each section where the daily responsibility has been delegated. Delegation concerns the processing only, not the responsibility. This declaration contains information you are entitled to when data is collected through our website (Personal Data Act § 19) and general information on how we process personal data (Personal Data Act § 18, 1st paragraph).
What are personal data?
Personal data constitute all forms of data, information and assessments that may be linked to you as an individual (Personal Data Act § 2, first paragraph). What determines whether an information element constitutes personal data or not is whether that information may identify a specific person. Examples of personal data include your name, profile picture, contact information, social security number etc.
Online collection and processing of personal data
Oslo Webdesign AS is our data processor, and our service provider for development, operation and maintenance of our company website.
Data collected through the operation of the website is stored on dedicated servers operated by the service provider. Only the Jacobsen Elektro Group and Oslo Webdesign AS has access to the collected data. A Data Processor Agreement between the Jacobsen Elektro Group and Oslo Webdesign AS regulates what data the service provider has access to and how this is to be processed.
Webserver – Protocols
When you visit our website, as is usual on almost all websites, our server automatically collects personal information such as your IP address (including the domain name associated with the IP address, i.e. using reverse look-up), the date and time of your visit to our website, the pages you visited on our website and the browser you are using etc.
It also stores the following data, where available:
- the country from which you are accessing our website
- only the top level domain is saved, since this indicates the relevant country
- the language of the browser you are using
- the website from which you are accessing our website
- the search term used, if our site is accessed via a search engine
- the type of connection
- your operating system
We use this information to improve constantly your website experience.
Cookies are information packets sent by web servers to web browsers, and stored by the web browsers. The information is sent back to the server each time the browser requests a page from the server. This enables a web server to identify and track web browsers.
There are two main kinds of cookies: session cookies and persistent cookies. Session cookies are deleted from your computer when you close your browser, whereas persistent cookies remain stored on your computer until deleted, or until they reach their expiry date.
Under the Electronic Communications Act (Norwegian “ekomloven”) it is illegal to collect and process information through cookies unless the user has been informed about this and has given his consent. The user shall be informed about and consent to what data is collected, for what purpose, and who processes the data (see the Electronic Communications Act § 2-7b for details).
You can still use parts of our website even if you do not want cookies to be created on your computer. However, please note that some functions may be restricted and/or will not be available. Most browsers accept cookies automatically. However, you can prevent this by setting your browser to block all cookies. For details, please refer to the instructions provided by your browser manufacturer.
Links to other websites
Our website contains links to other websites where you can find more information. Please note that this data protection declaration does not apply to such linked websites.
Document control and archiving
Department managers are responsible for all personnel following the relevant procedures for our systems. The Jacobsen Elektro Group use the following systems for controlling and archiving documents:
- CRM system: Ganske Enkelt AS
- Finance, Salary, Expenses: Visma
- Management systems: internal file server
- Project documentation: internal file server
- Product documentation: internal file server
A Data Processor Agreement exists between the Jacobsen Elektro Group and each of the service providers listed above, which regulates what data each service provider has access to and how this is to be processed.
Digisys Drift24 AS performs all support, maintenance and backup of our internal file servers. A Data Processor Agreement between the Jacobsen Elektro Group and Digisys Drift24 AS regulates what data this service provider has access to and how this is to be processed.
The Jacobsen Elektro Group complies with the relevant legislation in all processing of personal data.
Special security measures have been put in place to further protect sensitive personal data.
Email and phone
The Jacobsen Elektro Group use email and phones in the daily operation of the company, in communication with internal and external contacts. The department manager of the department that receives the email or phone call is responsible for the processing of any personal data received.
All employees are responsible for deleting any emails that are no longer relevant, and to at least once per year review and delete unnecessary emails in his mailbox. When an employee leaves the company deletes the email account and related mailbox, but work relevant emails are typically transferred to colleagues.
Sensitive personal data shall not be sent per email. Emails received, containing sensitive personal data, shall not be re-distributed, and shall be removed from the email system.
We emphasize that regular email is not encrypted. Therefore, all employees are strongly discouraged from sending any secret, sensitive or otherwise confidential data per email.
Phone calls (caller, receiver and time stamp) are logged in our phone system. This log is required for the operation and maintenance of the system. A log of the most recent calls is available on each employee’s phone. We do not perform any other systematic logging of phone calls where the caller can be identified.
Visiting our premises
The Jacobsen Elektro Group do not employ video surveillance (CCTV) on our premises.
The Jacobsen Elektro Group process personal data on employees to manage salary and personnel management according to the Data Protection Act (§ 8 first paragraph, § 8 a), b) or f), and § 9 a), b) and f)). The HR Manager has the daily responsibility for this. Processed data required for salary payment includes personal identification number, contact information, salary level, timesheets, tax level, tax municipality, and trade union affiliation. Other data collected on employees is related to the individual’s job description and facilitation of working conditions.
Data is collected in connection with the access control system at each office site, and on project work sites. This data is collected from the individual employee.
Personal data is only ever disclosed in relation to salary payments and other disclosures mandated by law.
Information on employees’ name, position and responsibilities is regarded as public information and may be published on the company website.
The company collects and stores the Curriculum Vitae (CV) of employees that are likely to be involved in customer delivery projects. The employee submits and verifies the data included in a CV himself. The company will disclose the relevant employee CVs to a customer in a bid/tender. The CVs are treated as confidential data, and this is communicated to the customer in each project.
Job applications are treated as sensitive personal data. The HR Manager is responsible for archiving job applications for 1 year. The exception to this is:
- All former and current employees have a personnel file in our archive system, where the job application is stored together with other information (in other words, the job application is not deleted in these cases).
Logging of personal data in information systems
The Jacobsen Elektro Group has standard security logs for our information systems. What is logged typically includes user name, time stamp and access permissions.
The legal basis for such logging is found in the log requirement in the Personal Data Regulation (“personopplysningsforskriften”) §2-8 and 2-14, and in the Personal Data Act § 8 f), to safeguard the organizations protection of company assets other than personal data.
You are entitled to know what personal data is registered about you at the Jacobsen Elektro Group, and how this data is processed (Personal Data Act § 18 first paragraph).
As a registered person with the Jacobsen Elektro Group, in some cases you are entitled to require correction and deletion of data about yourself (Personal Data Act § 27 and § 28). This may apply to data that is incorrect and/or incomplete, or data to which the Jacobsen Elektro Group has no legal access for processing.
The Jacobsen Elektro Group shall respond to your request, as a registered person, free of cost and within 30 days.
Pursuant to the provision in the Personal Data Act (§2 item 4), the CEO of Jacobsen Elektro Holding AS has the overall responsibility for all processing of personal data, and is the data controller. Daily follow-up of this responsibility is delegated to the Chief Compliance Officer, and it is he who responds to enquiries about the processing of personal data at the Jacobsen Elektro Group.
If you want information on the type of data that is registered about you, would like access to or wish to correct/delete data that is registered about you, or have general questions about the processing of personal data at the Jacobsen Elektro Group, you may contact firstname.lastname@example.org.
Data Protection Officer
The Jacobsen Elektro Group has a Data Protection Officer who shall safeguard the data protection interests of employees, suppliers and customers at the Jacobsen Elektro Group.
The Data Protection Officer can support individuals who have personal data registered with the Jacobsen Elektro Group in safeguarding their rights, but the Data Controller is responsible for ensuring that the organization follows the established rules.
The Data Protection Officer can provide assistance and answer any questions related to Data Protection. You can contact the Data Protection Officer at email@example.com.
The group is strictly opposed to and practices a zero tolerance policy towards any form of corruption. Included in our definition of corruption, is the action of giving, receiving, requiring or otherwise transmitting or receiving improper benefits, which are likely to affect employees or others’ actions towards our companies.
Corruption threatens the rule of law, undermines good governance, fairness and social justice, and distorts competition, democracy and human rights because it undermines ethical and moral values. It will also cause companies to incur direct financial losses and destroy their reputations.
As a global company with projects and contracts in Africa and Asia, we monitor closely on the increased risk of corruption and exploitation this may have. This is an obligation for all our employees and in particular for the corporate Board of Directors and Executive Management. Anti-corruption is a prioritized area in which we maintain constant focus on prevention, risk reduction measures and the identification of non-compliance.
Jacobsen Elektro Group shall contribute to a sustainable development of the societies in which we operate. We are aiming to do our best to satisfy the needs of all our stakeholders. This does not only include respecting and adhering to local legislation, but also to minimize negative impacts on the environment and promoting a good and safe physical as well as psychological work environment. The companies within Jacobsen Elektro Group are committed to work for the best humane workplace practices. We strive to continuously improve our Human Resource policies and procedures through education, training, communication, and employee involvement.
All companies in the Jacobsen Elektro Group is dedicated to respecting and complying with the content of UN Global compact and SA8000 which form the backbone of our ethical guidelines. We expect our agents, consultants and suppliers to do the same, and will keep our self actively involved in partner- and supplier development through our training program – “Compliance on the agenda”.
The SA8000 Standard, established by SAI and one of the world’s preeminent social standards, is a tool for implementing international labor standards to protect workers along each step of the supply chain.
Jacobsen Elektro is committed to the continuous improvement of the health and safety of its employees, and of the employees of subcontractors engaged
at our worksites. This is followed up thoroughly through our projects, and actions taken locally when needed. HSE related data are collected, aggregated up at group level, and monitored to find potential systematic health related risks across the companies in the group.
Jacobsen Elektro Group has contributed with humanitarian aid in several countries – especially in the African region. The contributions have helped children with food, school and positive experiences like games and sports. The help has always been given almost directly to the needing, and many children have experienced a better life as a result of this.