Multiconsult seeks to meet those requirement through how we handle personal data that are in our possession. We will only use personal data for appropriate purposes, and personal data will be processed in accordance with applicable data protection regulation and according to Multiconsult’s privacy framework.
2. Multiconsult’s processing of Personal Data
Multiconsult processes personal data about employees, employees of customers and suppliers, external consultants and other stakeholders. Multiconsult also processes personal data who are not employed or engaged by Multiconsult.
Multiconsult will process personal data fairly and lawfully, and only for a specified, explicit and legitimate purpose or as required by law. Multiconsult will therefore only process personal data when such processing is necessary for us to manage our operations, provide services or other legitimate business interests. Personal data will be retained only for the period that is required to serve the legitimate purpose.
Multiconsult will ensure that measures are implemented to protect personal data in order to ensure it’s confidentiality, integrity and availability.
Third party service providers may process personal data on behalf of Multiconsult. Multiconsult has implemented control measures to ensure that personal data are handled according to Multiconsult’s privacy framework.
Multiconsult processes data subject personal data that are not employed or engaged by Multiconsult. That personal data is handled with the following purpose:
2.2. Procurement Related Matters
Multiconsult processes personal data necessary in order to procure goods and services from suppliers and contractors.
2.3. Integrity Due Diligence
Multiconsult has established an Integrity Due Diligence (IDD) process. The IDD process collects information to help us understand who our counterparties are, their values and how their business is conducted. For more information about IDD, contact GDPR@multiconsult.no.
2.4. Whistleblower portal
Multiconsult has a Whistleblower portal where employees and external third parties can raise concerns or report any suspected or potential breaches of law or company regulations.
Multiconsult communicates externally and internally. Communication activities can be, but not limited to distribution of newsletters, press releases, company reports, websites, events, handling user-initiated dialogue, providing information to public authorities, conducting surveys, and communicating in social media networks.
Multiconsult process personal data for recruitment purposes to ensure that Multiconsult recruits qualified candidates. The legal basis Multiconsult is the necessity of verifying the identity of the applicant before entering a contract.
3. Collection of personal data
Multiconsult collects personal data as a part of our normal operation. Our collection can be, but is limited to:
- contact information such as names and addresses, telephone numbers and email addresses;
- details about an individual’s work experience and qualifications, date of birth, driver’s licence details;
- screening-related information;
business details, including the names of relevant office holders of a company and business numbers; and
- details for preferences related to marketing and other types of events.
Personal data may be collected in a number of ways, including:
- directly by Multiconsult staff when establishing a business relationship or through operational dealings;
- from a third-party service provider or agent, from a source of publicly available information (e.g. websites) or from an employer (e.g. where a supplier or contractor provides personal data about their employees);
- through use of Multiconsult’s website; or
- data provided directly by you.
4. Transfer of Personal Data
Multiconsult has internal agreements with respect to transfer of personal data between legal entities and national borders within EU/EEA.
Multiconsult has also internal agreements for transfer of personal data with companies and subsidiaries outside EU/EEA. All transfer and handling are according to laws that ensures the privacy of the data subject.
5. How to exercise your rights as a data subject
National and international data protection gives rights to data subjects. The data subjects have, under some circumstances, the right to request access, rectification, erasure and/or restriction to processing of their data.
If you have questions or want to exercise your rights as a data subject, please make your requests by using this request form