This Privacy Statement represents the online privacy policy applicable to kongsbergdigital.com and the activities of Kongsberg Digital.
Kongsberg Digital, Lysaker Torg 35, 1366 Lysaker is the controller of the personal data processed by Kongsberg Digital including on our websites (e.g., kongsbergdigital.com, kognifai.com and any other websites that we own or operate), the products we offer and certain activities we conducts, as outlined below in this Statement. If you have any questions regarding this Privacy Statement, you can contact us via: privacy@kongsberg.com
KONGSBERG Gruppen ASA (“KONGSBERG”) consists of the four business areas, Kongsberg Maritime, Kongsberg Digital, Kongsberg Defence & Aerospace, and Kongsberg Discovery. This Privacy Statement outlines how Kongsberg Digital collects and processes personal data, as well as how you can exercise your data privacy rights. For details on how personal data is handled by other KONGSBERG business areas, please visit their respective websites.
KONGSBERG has adopted Binding Corporate Rules ("the KONGSBERG BCR"). The KONGSBERG BCR provides KONGSBERG with a legal basis for transferring personal data from group companies established within the EEA to group companies established outside the EEA. The KONGSBERG BCR have been approved by the Norwegian and other relevant data protection authorities and is an important means to demonstrate compliance with the EUGeneral Data Protection Regulation 2016/679 ("GDPR"). For more information about the KONGSBERG's BCR and group companies bound by the BCR, please see the public version of the KONGSBERG BCR. This public version of the BCR was last updated on 2 September 2019.
Downloads:
When you visit the website, we collect data through cookies as described in section 4 below. The data we collect through cookies consists of data relating to your device, IP-address and your use of the website. We use the data collected through cookies for the purposes of offering you the best user experience and for improving the website content by tracking usage patterns and recording preferences. See further information in section 4 below on how to accept and reject cookies by adjusting the settings in your browser.
When you subscribe to receive a newsletter, we collect your e-mail address in order to be able to send you the requested newsletter. The purpose of the newsletter is to provide you with news, press releases and other relevant information from Kongsberg Digital. In order to subscribe, you must provide your consent prior to receiving the newsletter. Your consent is the legal basis for processing your e-mail address. You can withdraw your consent to stop receiving newsletters from us at any time by following the unsubscribe instructions at the bottom of the newsletter that you receive.
When you contact us, for example for media, investor or finance relations, or for website feedback, we can collect personal data about you. The personal data can concern your name, e-mail address and other information you wish to provide us with to respond to your comment or enquiry. If you register for one of our events, we can collect information about your name, contact information and, if applicable, dietary preferences or similar information.
The legal basis for these processing activities is that the processing is necessary for fulfilling a contract with you or for taking steps prior to entering into contract, or that it is in our legitimate interest to meet your request and to improve our business and services and these interests are not overridden by your rights to data protection.
When you apply for a job through the website, we use a job application portal operated by an external service provider on our behalf, for processing and handling your job application. When you apply for a job, we collect your name, contact information, CV, education level, competencies and skills, career and work experiences. If relevant, you may also provide us with social security number, job certificates, references and other relevant background information.
We use this information in order to determine your eligibility for the job that you apply for by assessing whether you are the ideal candidate for the position in question.
With your consent, we may also retain your data for the purpose of identifying you as a potential candidate for future suitable vacancies and/or to inform you of future suitable vacancies. If there are no suitable jobs listed on our website, you can also upload your CV to our job application portal for future opportunities. Your candidate profile will be visible to our recruiters, and we will contact you should a suitable vacancy arise.
The legal basis for processing and storing your job application, CV and related information is your consent and that the processing is necessary in order to take steps at your request prior to entering into a contract. You can withdraw your consent or update your information at any time through the job application portal or by contacting us at privacy@kongsberg.com.
We provide a whistleblowing channel operated by an external service provider. If you submit a report through our whistleblowing channel. You can choose to provide us with your name, phone number and email. If you choose not to provide this information, we will not be able to contact you directly.
When you file a report, you will be able to establish a secure mailbox. When you create this mailbox, you will be assigned a case number and be given the option to choose your own password for accessing and following your case. Once you have reported an issue, you have the option to continue communication regarding the case even if you have chosen to stay anonymous. Regardless of whether or not you wish to remain anonymous, we recommend that you open a mailbox, to ensure that communication regarding further investigation of the reported incident is safe and secure.
The legal basis for processing the personal data you submit through the whistleblowing channel is that the processing is necessary for Kongsberg Digital's legitimate interest of enabling all employees of Kongsberg Digital, business partners and stakeholders to report any serious concerns or offenses in a confidential manner. This processing is also required to ensure we meet our legal obligations under the EU Whistle Blowing Directive, EU Staff Regulations and other relevant local directives and regulations.
To the extent that the processing relates to sensitive personal data, the legal basis for such processing is that it is necessary for the purposes of carrying out the obligations and exercising the specific rights of Kongsberg Digital in the field of employment and social security and social protection law, or that the processing is necessary for the establishment, exercise or defence of legal claims.
Kongsberg Digital processes business-related data on customers, suppliers and partners, and their employees, to support and manage customer, supplier or partner relationships (internal/external), to provide products and services to third parties (see section 1.7 for further details), for business operation and protection of business interests and security (e.g. information security, logging, conduction of audits and controls, surveys, analysis, reports and managing of daily operations and transactions/possible transactions involving Kongsberg Digital). The legal basis for this processing is Kongsberg Digital's legitimate business interests in ensuring good management of and support for customers, suppliers, partners and third parties, to be able to fulfill contractual obligations when you use our products, to comply with legal obligations and in some occasions consent.
This section outlines how we collect, use, and process your personal data when you use our products, acting as the data controller. It does not cover situations where we process data on behalf of our clients, in which case data processing is governed by specific data processing agreements.
In addition to the processing activities outlined in Section 1.6, we collect and process your personal data when you use our products to manage, improve, and enhance their quality and security. This includes providing you access, understanding product usage; improving functionality and user experience; ensuring accurate billing and audits, process orders, invoicing and other financial follow up; detect, prevent and mitigate security threats and misuse of services offered; perform maintenance, debugging or troubleshooting any issues; provide customer support and to fulfil contractual obligations related to delivery of agreed services. Additionally, we may use your data to ensure compliance with applicable sanction and export control laws.
To achieve these purposes, we may collect the following personal data from you: name, address, telephone number, and email address; employment information like your tittle and the name of the company you work for; unique user information including login ID, username, and password; usage and log data, including details of tool usage, logins, and clickstream behavior; web traffic information such as browser type, device, language, the address of the website from which you arrived, IP address, geographical location and other traffic information; and feedback, comments, or questions about KDI, Kognifai, and services running on Kognifai where applicable.
We process your personal data based on our legitimate interest in improving our products and maintaining its security. In turn, your use of our products benefits from these ongoing improvements and allows us to provide better support and promptly address any issues or bugs you may encounter. We may also process your personal data to ensure compliance with contractual and legal requirements.
When the customer discloses information about its employees in order for KDI to set up or manage the Authorised Users, there will be a transfer from one data controller (the customer) to another (KDI). The customer must ensure that they have the legal basis to disclose the personal data necessary for KDI to set up the Authorised Users.
We may share analytic data with our customers, upon request, about how their Authorized Users interact with the products, but only after all personal data has been removed and the information has been anonymized. If we share analytics that include personal data of Authorized Users with customers, we act as a data processor. In such cases, our responsibilities will be governed by the terms outlined in a Data Processing Agreement (DPA). For other information on sharing and transfer of personal data, please see section 2 of this Privacy Statement.
For further questions about how we process personal data within our products please reach out to us directly. If your personal data is processed by Kongsberg Digital’s clients, we suggest that you contact them directly for any data privacy inquiries.
The Product Academy is a platform where you can elevate your skills and knowledge about KDI products by diving into expert-led courses that provide valuable product knowledge and certification opportunities. The Community is a platform where you can stay updated, connected and access key resources.
When you want to create an account for the first time, you need to sign up for an account in the KDI Azure B2C tenant, which serves as an identity provider and is the source of trust for the user's data. For the scope of creating your account in the KDI Azure B2C Tenant, KDI may process the following personal data about you: basic contact details such as name and email; business information such as job title, function, KDI product(s) in use by you, company or industry; unique user information such as login ID, username, password (including time-based one-time password); web traffic information as provided by browser such as browser type, device, language and the address of the website from which you arrived and other traffic information such as IP address.
KDI processes these personal data to create, manage, and allow access to your account in the KDI Azure B2C Tenant; to reach out to you regarding the management of your account; to facilitate your access and use of the KDI services and applications; to prevent abuse and misuse of the account you have created in the KDI Azure B2C Tenant: to detect, prevent, and mitigate security threats and perform maintenance and debugging; to improve the quality and functionality of the KDI Azure B2C Tenant and associated services. When KDI processes personal data as a data controller within the scope of KDI Azure B2C Tenant and for the purposes stated above, the legal basis is consent.
When you use the Product Academy or the Community, KDI may process the following data about you, depending on your use of the services: basic contact details such as name and email; business information such as job title, function, profile picture of you if you decide to upload one, KDI product(s) in use by you, company, industry; unique user information such as login ID, username; feedback, comments or questions about KDI, our products, the Product Academy or Community and associated services; web traffic information as provided by browser such as browser type, device, language and the address of the website from which you arrived and other traffic information such as IP address.
KDI processes these personal data to: to manage, and allow access to your account; to provide you with services in the Product Academy or the Community; to prevent abuse and misuse of services offered via the Product Academy or the Community; to provide you with communication, information, customized offerings based on the information given by you in your profile, KDI product information, announcements, event invitations, etc.; to detect, prevent, and mitigate security threats and perform maintenance and debugging; to improve the quality and functionality of the Product Academy or the Community and associated services. When KDI processes personal data as a controller within the scope of the Product Academy or the Community for the purposes stated above, the legal basis is consent.
Your personal data is stored in KDI's private tenants which are owned by Microsoft Azure in Europe. When using the Product Academy and Community, your personal data may be stored both within and outside Europe. All transfers of personal data to third countries are conducted with appropriate data protection safeguards.
KDI does not share your personal data with third parties except where such sharing is necessary to deliver and improve the services offered, for example with third-party services providers for platform hosting or customer identity and access management (CIAM). For sharing and transfer of personal data within the Kongsberg Group, please see section 2 of this Privacy Statement.
The Product Academy is hosted on the Sana platform. For information on how they process personal data and their cookie policy, visit their privacy policy.
KDI Community is hosted on Higher Logic Vanilla platform. For information on how they process personal data and their cookie policy, visit their privacy policy.
Kongsberg Digital collects personal information concerning our business partners and their employees and visitors at our premises for the purposes of e.g. due diligence against anti-corruption and export control legislation.
Due Diligence of business partners (including self-assessment and background check) and processing of security clearance applications. We collect personal data concerning visitors to be able to process requests for visits on our premises. Such personal data can include name, gender, age, roles in companies and information available in publicly available sources. The legal basis for processing this information is Kongsberg Digital's legal obligations, including under the Security Act, and our legitimate interests in maintaining secure premises, facilities, services, equipment and processes.
KONGSBERG processes personal data in connection with video surveillance of KONGSBERG premises and recording of activity logs including Visitor registration. This includes personal data registered in CCTV recordings and access logs. The purpose of this processing is to support and manage safeguarding against illegal or unauthorized access to areas, buildings or rooms or to support the control of equipment and/or production processes, and the legal basis for the processing is KONGSBERG's legitimate interests in maintaining secure premises, facilities, services, equipment and processes.
Kongsberg Digital may process personal data necessary to comply with legal obligations, for example tax and accounting information and information relating to legal proceedings. The purpose and legal basis for this processing is Kongsberg Digital's legal obligations and legitimate interests in the establishment, exercise or defence of legal claims.
We may share your personal data within KONGSBERG when necessary to fulfil a request from you or for entering into an employment contract with you or in other circumstances where sharing is necessary in order to meet your inquiry. In such scenario, we only share personal data with authorized personnel, and any sharing of personal data within KONGSBERG is subject to the KONGSBERG BCR, which are binding upon all KONGSBERG group companies. For more information, please see the public version of the KONGSBERG BCR.
We do not share your personal data with third parties except where such sharing is necessary to provide services. We may use external third-party service providers for example for operating the job application portal (see section 1.4) for the whistleblowing channel (see section 1.5), for website hosting, for processing transactions for performing statistical analysis of our services, and with third parties who have a contractual relationship with KDI and who KDI has permitted to make their applications available on Kognifai, provided you have requested access to such applications via your Kognifai related agreement with KDI (see section 1.7). We will only share your personal data with the service providers to the extent it is necessary for them to deliver the services.
In the event that we sell or buy any business or asset, we may disclose your personal data to such prospective buyers or sellers. Moreover, Kongsberg Digital may share your personal data with public authorities or governments if required by mandatory law, and if in accordance with our BCR.
The KONGSBERG BCR provides a legal basis for transfer of personal data from group companies within the EEA to group companies outside the EEA.
Kongsberg Digital will not transfer personal data to a third country outside of the EEA that does not provide adequate protection of personal data unless appropriate safeguards are adduced, or the transfer otherwise takes place in accordance with applicable data protection legislation. Examples of such safeguards are Binding Corporate Rules or EU Standard Contractual Clauses.
For more information about the KONGSBERG's BCR and group companies bound by the BCR, please see the public version of the KONGSBERG BCR.
About browser cookies
A browser cookie is a small data file transmitting information to the user's browser, with as purpose to authenticate or identify the user. A cookie cannot collect information from the user's computer or carry any viruses.
Cookies are normally stored on your PC and may contain information such as registration data, user preferences and enabling basic website functionalities. When a server receives a request from a browser that has a cookie, the server is then able to use the information stored in the cookie. For example, the server might be able to customize what is sent back to the user, or keep a log of particular user's requests.
Cookies on www.kongsbergdigital.com
Kongsberg Digital uses several cookies, that enable the user to experience the information provided in the best way, and to help us maximize the user-friendliness of our web. Additional cookies from third parties may occur, for example enabling streaming of YouTube movies, PDF readers, Adobe Flash functionalities etc.
By using the Kongsberg Digital website, you approve that we can set cookies in your browser. Note, cookies can always be deleted and or disabled. Please refer to your browser's help file to determine the browser's settings.
Be aware of the following, several webpages will not have optimal functionality if cookies are deleted or blocked in settings.
For further information about the use of cookies on www.kongsbergdigital.com/cookie-policy
Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of Individuals, Kongsberg Digital implements appropriate technical and organizational measures. The technical and organizational measures ensure a level of security appropriate to the risk that are presented by the processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, store or otherwise processed.
This Privacy Statement addresses the collection, use and disclosure of personal data by Kongsberg Digital. This Privacy Statement does not address or govern the privacy practices adopted by third parties on third party websites or in relation to third party services that may be accessible through use of the website.
Although we try only to link to websites that share our high standards for privacy, we are not in any way responsible for the content, or the privacy practices employed by third party websites or thirdparty services. We encourage you to familiarize yourself with the privacy policies applicable to such websites or services prior to providing them with your personal data.
You have a right to information about Kongsberg Digital's processing of personal data concerning you and to receive a copy of the personal data being processed. You also have the right to have inaccurate or incomplete personal data concerning you rectified or completed. Under certain circumstances, you can request erasure of your personal data or that the processing of the personal data is restricted. You may also have a right to object to the processing, including if the processing is for direct marketing purposes. In some instances, you can have a right to receive the personal data concerning you in a machine-readable format and to have it transmitted to another controller (data portability). Subject to certain exceptions, you also have a right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
To exercise your rights as a data subject, please contact our Corporate Privacy Officer by using email; privacy@kongsberg.com. (see contact information in section 12 below).
You have a right to file a complaint to Kongsberg Digital regarding compliance with the KONGSBERG BCR or violations of your rights under applicable data protection law. You may file a complaint to the Corporate Privacy Officer (see contact information in section 12 below), or through the general contact section of Kongsberg Digital's company website by using email: privacy@kongsberg.com.
You will receive the result of the complaint handling within four (4) weeks after we receive the complaint. If, due to the complexity of the complaint, a response cannot be given within the four (4) weeks period, you will be informed accordingly and provided with an estimate for the timescale within which a response will be provided.
In case a complaint is rejected, you will receive the reasons for the rejection. If you are not satisfied with the response to the complaint, you can choose to lodge claims based on the KONGSBERG BCR, see section 9 below.
We encourage you to first follow thecomplaints procedure in section 8 above before filing any complaint or claim with competent data protection authorities or the courts.
In case of violation of the KONGSBERG BCR, you may, at your choice, submit a complaint or a claim to the data protection authority or the courts:
The data protection authorities and courts shall apply their own substantive and procedural laws to the dispute. Any choice made by you will not prejudice the substantive or procedural rights you may have under applicable law.
The kongsbergdigital.com website is governed in accordance with Norwegian legislation, and the Oslo District Court shall be the legal venue with exclusive jurisdiction over any dispute arising from your use of this website.
We may update this Privacy Statement from time to time. If such updates are minor and do not have a material meaning for your rights or the way we use personal data, we may make such changes without posting a specific notice on our website. We encourage you to review this Private Statement on a regular basis to familiarize yourself with the latest updates.
If we make material changes to this Privacy Statement that may affect your rights or the way we use personal data, we will provide a specific notice on our website.
If you have any questions or comments relating to this Privacy Statement or want to exercise your rights, please contact our Corporate Privacy Officer at privacy@kongsberg.com or via mail directed to:
Corporate Privacy Officer
Kongsberg Gruppen ASA
P.O.Box1000
3601 Kongsberg
If you have unresolved concerns, you also have the right to complain to the data protection authority competent to resolve such concerns according to the applicable law or KONGSBERG Binding Corporate Rules.
Effective date: 16th of May 2018/ Last updated: 16th December 2024
