Personal data, non-disclosure policy and cookies
The aim of this non-disclosure policy is to provide information on how and why the SATS Group AS (SATS Group) collects and processes personal data.
The MD of the SATS Group is ultimately liable for the processing of the information that is collected and processed by the SATS Group. This liability can be delegated to another person with regard to everyday work. The non-disclosure policy as described below contains the information that the General Data Protection Regulation (GDPR) requires that we provide in association with our processing of your personal data.
The SATS Group processes personal data in accordance with the applicable rules for the protection of such data.
LEGAL GROUNDS FOR THE PROCESSING OF PERSONAL DATA
Processing of personal data is not permitted unless there are valid reasons for this. Such reasons can, for example, be with the consent of the person registered, agreements (a contract entered into) or that we as the party liable for the processing of personal data have a legitimate interest that outweighs the demands of the registered person to protect their private life.
Our reason for processing data is normally that there is an agreement in place and, in certain cases, that the person registered has given their consent. When we first process your personal data, we always inform you of the reason for this data processing.
If the SATS Group is to process personal data of children under 16, the consent of their parent or guardian is required.
HOW SATS USES PERSONAL DATA
We collect and process personal data in order to be able to fulfil our contractual obligations to our employees (administration of employment terms and conditions) and members (administration of customer relationship) and also to be able to provide a good service and information on our products and services (marketing activities). The use of personal data in association with marketing activities is based on consent that you can manage via My pages.
For instance, our training centres offer modern and practical individual and personal training plus group training. When members enter our centres, theirs visit are logged. The same applies when booking group training sessions.
We also have a broad choice of digital tools that enable you to train away from our gym premises. This offer also requires member personal data to be processed as members can log in via their own profile. We also process data on group training session searches and save sessions that members flag as favourites. We also analyse the use of Online Training in order to be able to optimise this offer to our members.
We register the following data: name, national ID number, phone numbers, email address, postal address, photo and type of membership. We get such data from registered member themselves.
DISCLOSURE OF PERSONAL DATA – USE OF THIRD PARTY
Registered personal data are processed confidentially by us, and only persons that need the information for their work will have access to such. As a rule, we therefore do not disclose personal data to any party outside the SATS Group.
On the other hand, it can be the case in certain contexts that we share personal data with our partners, such as Facebook or Google. Sharing of personal data with a third party is a case of personal data processing that requires certain legal conditions to be satisfied. These conditions will, in the first instance, consist of the consent of the registered person, so as a registered person, you will always be aware of our possible sharing of data. Please note that we are obliged to disclose your personal data under certain circumstances.
There are two types of cookies: One type is a file that is saved on your computer for a longer period. The other is a temporary cookie (session cookie). Session cookies are only used during the time you use the website. We use both types of cookies.
You can delete our cookies by going into your browser settings and deleting content.
STORAGE AND DELETION OF PERSONAL DATA
We do not share your personal data with any other party unless there are legal grounds for this. One example of such reasons is normally that you have entered into an agreement with us or we are compelled to do so for legal reasons.
All processing of personal data we do is done within the EU/EEA area. The SATS Group will delete your personal data without undue delay no later than six months after the data are no longer necessary for the purpose they were obtained. They will also be deleted if you withdraw the consent that provided the grounds for the processing of the data or if you object to such processing and there is no overriding legitimate reason for such processing. We have clear deletion procedures for our data processing activities.
If you withdraw your consent to the processing of personal data, our processing of your personal data will cease, however this does not affect the legitimacy of data processing that is based on your consent and that was done before your consent was withdrawn.
You have the right to view, correct, delete (unless we are required to save the information) data and to request the restriction such processing and the transfer of your personal data (data portability). You can also ask us to terminate the processing of your personal data (for example by withdrawing your consent). If you wish to exercise one or several of these rights, we will act in accordance with your request within one month of receiving such, provided we are not liable to act in some other way. Please send any questions to our email address, firstname.lastname@example.org.
Please contact us by email to email@example.com if you have any comments or would like more information on how we process your personal data.
NORWAY: If you think we are in breach of the rules for processing personal data, you can submit a complaint to Datatilsynet.
SWEDEN: If you think we are in breach of the rules for processing personal data, you can submit a complaint to Datainspektionen.
FINLAND: If you think we are in breach of the rules for processing personal data, you can submit a complaint to tietosuojaviranomainen.
DENMARK: If you think we are in breach of the rules for processing personal data, you can submit a complaint to Datatilsynet.