Norstat AS, Fridtjof Nansens plass 5, 0160 Oslo, Norway, is responsible for the processing of your personal information, and for keeping it safe. We naturally take appropriate technical and organisational measures to safeguard your personal data, such as using firewalls, encryption and access control to our premises and files.
We collect and process your personal data based on your consent, in the following ways:
A cookie is a small text file which stores information on your computer. It is used on many websites to give you as visitor access to various features like logging in and remembering what you did the last time you visited the site. On this website, we are using cookies to improve your user experience. You can disable cookies by adjusting the settings of your browser.
This website uses the open-source web analysis service Matomo. Matomo uses technologies that make it possible to recognize the user across multiple pages with the aim of analyzing the user patterns (e.g. cookies or device fingerprinting). The information recorded by Matomo about the use of this website will be stored on our server. Prior to archiving, the IP address will first be anonymized.
Through Matomo, we are able to collect and analyze data on the use of our website-by-website visitors. This enables us to find out, for instance, when which page views occurred and from which region they came. In addition, we collect various log files (e.g. IP address, referrer, browser, and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).
The use of this analysis tool is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the analysis of user patterns, in order to optimize the operator’s web offerings and advertising. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
For analysis with Matomo we use IP anonymization. Your IP address is shortened before the analysis, so that it is no longer clearly assignable to you.
We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on.
Whenever we at Norstat approach people regarding a survey, we process some personal information (such as e-mail address or phone number, name, age and zip code). The personal information we use to get in touch with respondent is normally either publicly available data from public registers, or lists of customers or users from the client we are collecting the survey data on behalf of – for instance when we are doing customer or employee satisfaction surveys or user experience research.
We process your contact information in order to be able to approach you for participation in the surveys and opinion polls we conduct. Information you give us as part of responding to the survey, will be combined with answers from other respondents, and conveyed to our clients in aggregate form only, for statistical use.
Contact information is used to be able to get in touch with you for survey participation purposes. Market and opinion polls are a legitimate interest because the data collected is an important basis for decision-making for our clients, which range from government bodies, institutions and organizations of all kinds.
While we contact you based on a legitimate interest, participation in our surveys is always voluntary, and data collected from you in our surveys is collected on the basis of consent. You have the right to withdraw consent for processing your personal data at any time.
Norstat will never share, sell, transfer or in other ways exchange your personally identifiable information with a third party without collecting your explicit consent for this beforehand.
Information that we process in connection with our surveys is stored in our systems for six months after the data collection is completed. After that, all personally identifiable information will automatically be deleted.
We always safeguard your personal information using both physical and virtual access control, and encrypting sensitive parts of any information you give us. Norstat AS has an internal control system for IT security that has been approved according to the ISAE3000 assurance standard.
We also comply with the Esomar International Code on Market, Opinion and Social Research and Data Analytics, and are certified on the ISO9001:2015 quality standard.
We process your personal information in accordance with applicable privacy legislation and the GDPR. You have the right to see what personal data we have stored about you, to have your information amended or deleted, and to withdraw your consent to the processing of your personal information, at any time.
Norstat has a Data Protection Officer, who is responsible for ensuring that the legislation is being followed. They can be contacted at dpo[at]norstatgroup.com with any questions or concerns you may have.